Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018 Ran by lion l (administrator) on LIONL-PC (06-02-2018 17:27:11) Running from C:\Users\lion l\Desktop Loaded Profiles: lion l & (Available Profiles: lion l) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Anglais (États-Unis) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (Numark) C:\Program Files (x86)\Numark\NV mkII\AudioDevMon.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files\Intel\STCServ\STCServ.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (AMD) C:\Windows\System32\atieclxx.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (BitTorrent Inc.) C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe () F:\links\lionstart.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe (FileZilla Project) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (Hyperionics Technology LLC) C:\Program Files\HyperSnap 8\HprSnap8.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (LastPass) C:\Program Files (x86)\LastPass\nplastpass.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Discord Inc.) C:\Users\lion l\AppData\Local\Discord\app-0.0.300\Discord.exe (Discord Inc.) C:\Users\lion l\AppData\Local\Discord\app-0.0.300\Discord.exe (Discord Inc.) C:\Users\lion l\AppData\Local\Discord\app-0.0.300\Discord.exe (2BrightSparks Pte. Ltd.) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2017-12-21] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3237808 2018-01-09] (Dominik Reichl) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-01-22] (Dropbox, Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2018-01-11] (Tonec Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\Run: [uTorrent] => C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-11-08] (BitTorrent Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\Run: [IDM trial reset] => F:\pc_restart\instal_seven_64bit\internet\outils\idm\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\Run: [Discord] => C:\Users\lion l\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\MountPoints2: {017d02ac-b813-11e7-bdc6-001731e9bb2c} - R:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\MountPoints2: {acc3d071-b7a8-11e7-8a23-001731e9bb2c} - N:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2018-01-11] (Tonec Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\Run: [uTorrent] => C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-11-08] (BitTorrent Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\Run: [IDM trial reset] => F:\pc_restart\instal_seven_64bit\internet\outils\idm\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\MountPoints2: {017d02ac-b813-11e7-bdc6-001731e9bb2c} - R:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\MountPoints2: {acc3d071-b7a8-11e7-8a23-001731e9bb2c} - N:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2018-01-11] (Tonec Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\Run: [uTorrent] => C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-11-08] (BitTorrent Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\Run: [IDM trial reset] => F:\pc_restart\instal_seven_64bit\internet\outils\idm\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\MountPoints2: {017d02ac-b813-11e7-bdc6-001731e9bb2c} - R:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\MountPoints2: {acc3d071-b7a8-11e7-8a23-001731e9bb2c} - N:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2018-01-11] (Tonec Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\Run: [uTorrent] => C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-11-08] (BitTorrent Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\Run: [IDM trial reset] => F:\pc_restart\instal_seven_64bit\internet\outils\idm\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\MountPoints2: {017d02ac-b813-11e7-bdc6-001731e9bb2c} - R:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\MountPoints2: {acc3d071-b7a8-11e7-8a23-001731e9bb2c} - N:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2018-01-11] (Tonec Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\Run: [uTorrent] => C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-11-08] (BitTorrent Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\Run: [IDM trial reset] => F:\pc_restart\instal_seven_64bit\internet\outils\idm\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\MountPoints2: {017d02ac-b813-11e7-bdc6-001731e9bb2c} - R:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\MountPoints2: {acc3d071-b7a8-11e7-8a23-001731e9bb2c} - N:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2018-01-11] (Tonec Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\Run: [uTorrent] => C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-11-08] (BitTorrent Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\Run: [IDM trial reset] => F:\pc_restart\instal_seven_64bit\internet\outils\idm\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\MountPoints2: {017d02ac-b813-11e7-bdc6-001731e9bb2c} - R:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\MountPoints2: {acc3d071-b7a8-11e7-8a23-001731e9bb2c} - N:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2018-01-11] (Tonec Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\Run: [uTorrent] => C:\Users\lion l\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-11-08] (BitTorrent Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\Run: [IDM trial reset] => F:\pc_restart\instal_seven_64bit\internet\outils\idm\[opensource] IDM trial reset\idm_trial_reset.exe [1179136 2015-04-11] () HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\Run: [Discord] => C:\Users\lion l\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.) HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\MountPoints2: {017d02ac-b813-11e7-bdc6-001731e9bb2c} - R:\Autorun.exe HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\MountPoints2: {acc3d071-b7a8-11e7-8a23-001731e9bb2c} - N:\Autorun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2017-12-10] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) Startup: C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lionstart.exe - Raccourci.lnk [2017-12-18] ShortcutTarget: lionstart.exe - Raccourci.lnk -> F:\links\lionstart.exe () Startup: C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MARS RADIO.m3u - Raccourci.lnk [2017-12-18] ShortcutTarget: MARS RADIO.m3u - Raccourci.lnk -> F:\links\best_drum\mes_radios\MARS RADIO.m3u () GroupPolicy: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.10.47 Tcpip\..\Interfaces\{33993AEB-07E2-49DD-86D1-BE251B71340D}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{501D95D5-B878-4874-949C-3F84AE7AD319}: [DhcpNameServer] 192.168.10.47 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-12-14] (Internet Download Manager, Tonec Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2017-12-23] (LastPass) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.4\bin\jp2ssv.dll [2018-01-19] (Oracle Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-12-14] (Internet Download Manager, Tonec Inc.) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2017-12-23] (LastPass) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2017-12-23] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2017-12-23] (LastPass) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 2r5xxk4w.default FF ProfilePath: C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default [2018-02-06] FF Homepage: Mozilla\Firefox\Profiles\2r5xxk4w.default -> about:home FF Extension: (Disconnect) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\2.0@disconnect.me.xpi [2017-10-23] FF Extension: (Protection Web Avira) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\abs@avira.com.xpi [2017-12-13] FF Extension: (Bookmarks Organizer) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\bookmarksorganizer@agenedia.com.xpi [2017-11-30] FF Extension: (Firebug) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\firebug@software.joehewitt.com.xpi [2017-10-23] [Legacy] FF Extension: (Disable WebRTC) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\jid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2018-01-28] FF Extension: (Debrid-Link) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\jid1-6kU7yIbrTcZvJg@jetpack.xpi [2017-10-23] FF Extension: (Firefox Lightbeam) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-10-23] FF Extension: (MyJDownloader Browser Extension) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2018-01-15] FF Extension: (link-password) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\LinkPassword@EvighetensFilosofi.xpi [2017-11-28] FF Extension: (LastPass: Free Password Manager) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\support@lastpass.com [2018-01-18] FF Extension: (LastPass: Free Password Manager) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\support@lastpass.com.xpi [2017-12-05] FF Extension: (Google Translator for Firefox) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\translator@zoli.bod.xpi [2017-12-11] FF Extension: (Session Manager) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-10-23] [Legacy] FF Extension: (FireFTP) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2018-01-18] [Legacy] FF Extension: (Adblock Plus) - C:\Users\lion l\AppData\Roaming\Mozilla\Firefox\Profiles\2r5xxk4w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12] FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (No Name) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-01-13] FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 [2018-01-18] [Legacy] [not signed] FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy] FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018195859219\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022018212620649\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02032018020151127\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02042018020148621\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02052018020150764\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lion l\AppData\Roaming\IDM\idmmzcc5 FF HKU\S-1-5-21-1134811870-1576938331-451141257-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02062018020149615\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-11] () FF Plugin: @java.com/DTPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\dtplugin\npDeployJava1.dll [2018-01-19] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\plugin2\npjp2.dll [2018-01-19] (Oracle Corporation) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2017-12-23] (LastPass) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-11] () FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2017-12-23] (LastPass) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems) Chrome: ======= CHR DefaultSearchKeyword: Default -> lp CHR Profile: C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default [2018-01-30] CHR Extension: (Slides) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-18] CHR Extension: (Docs) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-18] CHR Extension: (Google Drive) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-23] CHR Extension: (Session Manager) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2018-01-18] CHR Extension: (YouTube) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-23] CHR Extension: (Adobe Acrobat) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-18] CHR Extension: (Sheets) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-18] CHR Extension: (Protection Web Avira) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-01-18] CHR Extension: (Google Docs hors connexion) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-18] CHR Extension: (LastPass: Free Password Manager) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-01-18] CHR Extension: (IDM Integration Module) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-01-15] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-18] CHR Extension: (Gmail) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-23] CHR Extension: (Chrome Media Router) - C:\Users\lion l\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-28] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-01-13] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-01-13] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2017-12-12] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [492560 2018-01-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [492560 2018-01-05] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2017-12-12] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [444600 2017-12-21] (Avira Operations GmbH & Co. KG) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (AOMEI Tech Co., Ltd.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-05] (BlueStack Systems, Inc.) S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2017-10-23] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed] S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-23] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-23] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-01-22] (Dropbox, Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [332848 2017-08-22] (Locktime Software) R2 NVmkIIAudioDevMon; C:\Program Files (x86)\Numark\NV mkII\AudioDevMon.exe [611928 2017-03-15] (Numark) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts) R2 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH) R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation) R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] () R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] () R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] () R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-10-06] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [196344 2017-12-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153552 2018-02-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-10-06] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-10-06] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2017-10-06] (Avira Operations GmbH & Co. KG) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. ) R3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-10-23] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-10-23] (Disc Soft Ltd) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] () S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] () R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed] S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed] R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-10-28] (REALiX(tm)) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-02-04] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-02-04] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-02-04] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-04] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-02-06] (Malwarebytes) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [112408 2015-08-24] () R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [178040 2017-08-24] (Locktime Software) S3 NUMARKNVmkII; C:\Windows\System32\DRIVERS\NumarkNVmkII.sys [589400 2017-03-15] (Numark) S3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] () S3 SeratoUsb; C:\Windows\System32\Drivers\SeratoUsb.sys [49656 2013-07-09] (Cristalink Ltd) R3 SoundGridMIDI; C:\Windows\System32\drivers\SoundGridMidi.sys [42320 2017-01-29] (Waves Audio Ltd.) R3 SoundGridMIDI; C:\Windows\SysWOW64\drivers\SoundGridMidi.sys [22016 2017-01-29] (Waves Audio Ltd.) [File not signed] R2 SoundGridProtocol; C:\Windows\System32\DRIVERS\SoundGridProtocol.sys [113488 2017-01-29] (Waves Audio Ltd.) R2 SoundGridProtocol; C:\Windows\SysWOW64\DRIVERS\SoundGridProtocol.sys [55296 2017-01-29] (Waves Audio Ltd.) [File not signed] R3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2015-02-09] () R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2015-02-09] () R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2015-02-09] () U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2016-03-25] (Microsoft Corporation) R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [196040 2017-09-13] (Oracle Corporation) S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-02-06 17:26 - 2018-02-06 17:27 - 000039140 _____ C:\Users\lion l\Desktop\FRST.txt 2018-02-06 17:25 - 2018-02-06 17:26 - 000000000 ____D C:\FRST 2018-02-06 17:17 - 2018-02-06 17:18 - 002393088 _____ (Farbar) C:\Users\lion l\Desktop\FRST64.exe 2018-02-06 17:05 - 2018-02-06 17:05 - 000001228 _____ C:\Users\lion l\Desktop\SyncBackFree.lnk 2018-02-05 23:39 - 2018-02-06 01:04 - 193919561 _____ C:\Users\lion l\Desktop\[WwW.VoirFilms.ws]-Black.Mirror.S01E02.FRENCH.720p.WEB-DL.mp4 2018-02-05 12:35 - 2018-02-05 21:03 - 000000000 ____D C:\Users\lion l\AppData\Roaming\discord 2018-02-05 12:35 - 2018-02-05 12:35 - 000002173 _____ C:\Users\lion l\Desktop\Discord.lnk 2018-02-05 12:35 - 2018-02-05 12:35 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2018-02-05 12:17 - 2018-02-05 12:20 - 057954808 _____ (Discord Inc.) C:\Users\lion l\Desktop\DiscordSetup.exe 2018-02-04 19:30 - 2018-02-04 19:43 - 000000000 ____D C:\MATS 2018-02-04 19:29 - 2018-02-04 19:29 - 000221662 _____ C:\Users\lion l\Desktop\MicrosoftProgram_Install_and_Uninstall.meta.diagcab 2018-02-04 19:22 - 2018-02-04 19:22 - 007189760 _____ (VS Revo Group ) C:\Users\lion l\Desktop\revosetup.exe 2018-02-04 19:22 - 2018-02-04 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2018-02-04 19:22 - 2018-02-04 19:22 - 000000000 ____D C:\Program Files\VS Revo Group 2018-02-04 19:16 - 2018-02-04 19:16 - 000000000 ____D C:\install 2018-02-04 19:06 - 2018-02-04 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2018-02-04 19:06 - 2018-02-04 19:06 - 000000000 ____D C:\Program Files\7-Zip 2018-02-04 19:05 - 2018-02-04 19:05 - 001414794 _____ (Igor Pavlov) C:\Users\lion l\Desktop\7z1801-x64.exe 2018-02-04 00:42 - 2018-02-04 00:42 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-02-04 00:41 - 2018-02-06 16:57 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-02-04 00:41 - 2018-02-04 00:41 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-02-04 00:41 - 2018-02-04 00:41 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2018-02-04 00:41 - 2018-02-04 00:41 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-02-02 19:56 - 2018-02-02 19:56 - 000000004 ____H C:\ProgramData\cm-lock 2018-01-31 01:03 - 2018-01-31 01:03 - 000000275 _____ C:\Users\lion l\Desktop\Capture vidéo de l'écran - Screencast - Filmer son écran.URL 2018-01-29 11:19 - 2018-01-29 11:19 - 000000000 ____D C:\Users\lion l\AppData\Roaming\DigitalVolcano 2018-01-29 11:18 - 2018-01-29 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro 2018-01-29 11:18 - 2018-01-29 11:18 - 000000000 ____D C:\Program Files (x86)\Duplicate Cleaner Pro 2018-01-29 00:21 - 2018-01-29 00:22 - 005231272 _____ (techPowerUp (www.techpowerup.com)) C:\Users\lion l\Desktop\GPU-Z.2.7.0.exe 2018-01-28 13:31 - 2018-01-28 13:31 - 000000268 _____ C:\Users\lion l\Desktop\Dj Lion L - 2018 Happy Years - part 4 - 01-01-2018 01 Jan 2018 Mars Radio DNB, France Jungle, Dnb, Ragga Jungle, Jump Up, Dr.URL 2018-01-28 13:31 - 2018-01-28 13:31 - 000000257 _____ C:\Users\lion l\Desktop\Neuro circus 16-01-2018.URL 2018-01-28 13:30 - 2018-01-28 13:30 - 000000257 _____ C:\Users\lion l\Desktop\Dj Lion L - Hacking King 15-01-2018 15 Jan 2018 France Drum & Bass.URL 2018-01-26 22:52 - 2018-01-26 22:53 - 000000142 _____ C:\Users\lion l\Desktop\mars radio dnb 01-2018 modif.txt 2018-01-25 05:20 - 2018-01-25 05:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-01-23 12:48 - 2018-01-23 12:48 - 000000927 _____ C:\Users\lion l\Desktop\Freebox Server - Raccourci.lnk 2018-01-23 12:10 - 2018-01-23 12:11 - 000467616 _____ C:\Windows\system32\FNTCACHE.DAT 2018-01-23 12:08 - 2018-01-23 12:08 - 000000000 ___SD C:\Windows\system32\CompatTel 2018-01-22 12:19 - 2018-01-22 12:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2018-01-22 12:19 - 2018-01-22 12:19 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2018-01-22 12:19 - 2018-01-22 12:19 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2018-01-22 12:19 - 2018-01-22 12:19 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2018-01-21 23:32 - 2018-01-21 23:32 - 000000651 _____ C:\Users\lion l\Desktop\film2 - Raccourci.lnk 2018-01-21 12:07 - 2018-01-07 16:47 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-01-21 12:07 - 2018-01-07 16:45 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-01-21 12:07 - 2018-01-07 16:45 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-01-21 12:07 - 2018-01-07 16:45 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-01-21 12:07 - 2018-01-07 16:45 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-01-21 12:07 - 2018-01-07 16:45 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-01-21 12:07 - 2018-01-07 16:42 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:34 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-01-21 12:07 - 2018-01-07 16:27 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-01-21 12:07 - 2018-01-07 16:27 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-01-21 12:07 - 2018-01-07 16:25 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 16:12 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-01-21 12:07 - 2018-01-07 16:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-01-21 12:07 - 2018-01-07 16:12 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-01-21 12:07 - 2018-01-07 16:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-01-21 12:07 - 2018-01-07 16:08 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-01-21 12:07 - 2018-01-07 16:07 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-01-21 12:07 - 2018-01-07 16:04 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-01-21 12:07 - 2018-01-07 16:03 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-01-21 12:07 - 2018-01-07 16:03 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-01-21 12:07 - 2018-01-07 16:03 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-01-21 12:07 - 2018-01-07 16:03 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-01-21 12:07 - 2018-01-07 16:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-01-21 12:07 - 2018-01-07 15:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-01-21 12:07 - 2018-01-07 15:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-01-21 12:07 - 2018-01-07 15:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-01-21 12:07 - 2018-01-07 15:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-01-21 12:07 - 2018-01-07 15:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-01-21 12:07 - 2018-01-07 15:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 15:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 15:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-01-21 12:07 - 2018-01-07 15:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-01-21 12:07 - 2017-12-05 18:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2018-01-21 12:07 - 2017-12-05 18:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-01-21 12:07 - 2017-12-05 18:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-01-21 12:07 - 2017-12-05 18:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2018-01-21 12:07 - 2017-12-05 18:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2018-01-21 12:07 - 2017-12-05 18:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2018-01-21 12:07 - 2017-12-05 18:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2018-01-21 12:07 - 2017-12-05 18:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-01-21 12:07 - 2017-12-05 18:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2018-01-21 12:07 - 2017-12-05 18:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-01-21 12:07 - 2017-12-05 18:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2018-01-21 12:07 - 2017-12-05 17:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2018-01-21 05:11 - 2018-01-21 05:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperSnap 8 2018-01-18 21:50 - 2018-01-18 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-01-18 21:50 - 2018-01-18 21:50 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-01-18 21:50 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys 2018-01-18 21:34 - 2018-01-19 15:27 - 000000000 ____D C:\Users\lion l\Desktop\[APP] Malwarebytes Premium v3.3.1.2183 2018-01-18 02:06 - 2018-01-18 02:07 - 000000000 ____D C:\Windows\SoftwareDistribution.bak 2018-01-17 23:35 - 2018-01-17 23:35 - 000000000 ____D C:\temp 2018-01-17 23:28 - 2018-01-17 23:28 - 000000000 ____D C:\RegBackup 2018-01-17 22:53 - 2018-01-17 22:53 - 000000000 ____D C:\TDSSKiller_Quarantine 2018-01-17 22:48 - 2018-01-17 22:53 - 000706130 _____ C:\TDSSKiller.3.1.0.15_17.01.2018_22.48.36_log.txt 2018-01-17 22:30 - 2018-01-17 22:45 - 000011650 _____ C:\TDSSKiller.3.1.0.15_17.01.2018_22.30.29_log.txt 2018-01-17 21:40 - 2018-01-18 10:49 - 000000000 ____D C:\inetpub 2018-01-17 21:11 - 2018-01-18 10:52 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer 2018-01-17 21:11 - 2018-01-18 10:50 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-01-17 21:11 - 2018-01-18 10:50 - 000000000 ____D C:\Program Files\MSBuild 2018-01-17 21:11 - 2018-01-18 10:50 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-01-17 21:11 - 2018-01-18 09:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-01-17 13:28 - 2018-01-18 10:51 - 000000000 ____D C:\Users\lion l\AppData\LocalLow\Oracle 2018-01-16 02:55 - 2018-01-16 15:22 - 634268578 _____ C:\Users\lion l\Desktop\Dj Lion L - Neuro circus - Vol 1- 16-01-2018 - Neurofunk.wav 2018-01-15 23:27 - 2018-01-15 23:49 - 674299864 _____ C:\Users\lion l\Desktop\Dj Lion L - Hacking King 15-01-2018.wav 2018-01-14 23:41 - 2018-01-14 23:41 - 000000230 _____ C:\Users\lion l\Desktop\EMDR France Annuaire général.URL 2018-01-14 22:54 - 2018-01-15 11:24 - 000000520 _____ C:\Users\lion l\Desktop\docteur emdr.txt 2018-01-13 17:35 - 2017-12-29 02:47 - 000226024 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys 2018-01-11 20:11 - 2018-01-11 20:11 - 000000000 ____D C:\Users\lion l\Desktop\dossier 2016 aah modele 2018-01-08 04:54 - 2018-01-08 04:54 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2018-01-08 04:52 - 2018-01-08 04:52 - 001854096 _____ (Logitech, Inc.) C:\Windows\system32\LkmdfCoInst.dll 2018-01-08 04:52 - 2018-01-08 04:52 - 001077696 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2018-01-08 04:52 - 2018-01-08 04:52 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2018-01-08 04:52 - 2018-01-08 04:52 - 000118784 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2018-01-08 04:52 - 2018-01-08 04:52 - 000086672 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LHidFilt.Sys 2018-01-08 04:52 - 2018-01-08 04:52 - 000069264 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LMouFilt.Sys 2018-01-08 04:52 - 2018-01-08 04:52 - 000063120 _____ (Logitech, Inc.) C:\Windows\system32\LMouFiltCoInst.dll 2018-01-08 04:45 - 2018-01-18 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com 2018-01-08 04:45 - 2018-01-18 10:50 - 000000000 ____D C:\Program Files\DriversCloud.com 2018-01-08 04:45 - 2018-01-08 04:45 - 000000982 _____ C:\Users\Public\Desktop\DriversCloud.com - Démarrer la détection.lnk 2018-01-08 04:45 - 2018-01-08 04:45 - 000000000 ____D C:\ProgramData\DriversCloud.com 2018-01-07 02:57 - 2018-01-18 10:09 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Thinstall ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2064-01-01 04:33 - 2017-10-27 02:48 - 000000000 ____D C:\ProgramData\eLicenser 2018-02-06 17:28 - 2017-10-23 18:46 - 000000000 ____D C:\Users\lion l\AppData\Roaming\uTorrent 2018-02-06 17:12 - 2017-10-23 19:07 - 000001186 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-02-06 17:03 - 2017-10-23 07:36 - 000000000 ____D C:\Users\lion l\Documents\Mes téléchargements Filehippo 2018-02-06 17:00 - 2017-12-15 17:00 - 000063585 _____ C:\Users\lion l\Network_Meter_Data.js 2018-02-06 16:27 - 2017-10-23 04:59 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray 2018-02-06 15:51 - 2009-07-14 05:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-02-06 15:51 - 2009-07-14 05:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-02-06 15:46 - 2017-11-20 03:19 - 000000000 ____D C:\ProgramData\KMSAutoS 2018-02-06 14:20 - 2017-11-15 08:49 - 000000000 ____D C:\Users\lion l\AppData\LocalLow\Mozilla 2018-02-06 00:31 - 2017-10-23 03:17 - 000782424 _____ C:\Windows\system32\perfh00C.dat 2018-02-06 00:31 - 2017-10-23 03:17 - 000160946 _____ C:\Windows\system32\perfc00C.dat 2018-02-06 00:31 - 2009-07-14 06:13 - 001759238 _____ C:\Windows\system32\PerfStringBackup.INI 2018-02-06 00:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-02-05 23:39 - 2017-10-23 07:14 - 000000000 ____D C:\Users\lion l\AppData\Roaming\FileZilla 2018-02-05 23:17 - 2017-12-15 21:46 - 000025822 _____ C:\Users\lion l\IP_Log_Data.js 2018-02-05 22:49 - 2017-10-23 06:26 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Skype 2018-02-05 20:12 - 2017-10-23 19:07 - 000001182 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-02-03 23:22 - 2017-10-23 05:19 - 000000000 ____D C:\Users\lion l\AppData\Roaming\DMCache 2018-02-03 23:22 - 2017-10-23 03:59 - 000000029 _____ C:\Users\lion l\AppData\Roaming\Network Meter_Usage.ini 2018-02-02 19:55 - 2017-10-23 07:37 - 000000082 _____ C:\Windows\SysWOW64\winsevr.dat 2018-02-02 19:55 - 2017-10-23 07:36 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper 2018-02-02 19:55 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-02-02 19:52 - 2017-10-23 06:30 - 000000000 ____D C:\Users\lion l\AppData\Roaming\KeePass 2018-02-02 06:24 - 2017-10-23 04:59 - 000153552 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2018-02-02 04:38 - 2017-10-23 03:44 - 000002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-02 00:19 - 2017-10-23 03:07 - 000000000 ____D C:\Users\lion l\AppData\Roaming\AIMP 2018-02-01 23:22 - 2017-10-23 02:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-02-01 22:56 - 2017-12-09 23:01 - 001344068 _____ C:\Users\lion l\Documents\Duplicate Cleaner log.txt 2018-02-01 15:41 - 2017-10-23 18:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-02-01 15:00 - 2017-10-20 07:47 - 000001024 _____ C:\.rnd 2018-01-31 01:07 - 2017-11-07 04:04 - 000000000 ____D C:\Users\lion l\AppData\Roaming\vlc 2018-01-30 02:45 - 2017-10-23 22:23 - 000000000 ____D C:\Program Files (x86)\Origin 2018-01-30 01:51 - 2017-10-23 04:15 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-01-29 19:51 - 2017-10-23 20:20 - 000000000 ____D C:\Users\lion l\Desktop\a_up 2018-01-29 00:16 - 2017-11-02 17:58 - 000000000 ____D C:\Users\lion l\AppData\Roaming\TeraCopy 2018-01-28 22:46 - 2017-10-23 22:52 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Mp3tag 2018-01-27 12:11 - 2017-10-23 22:22 - 000000000 ____D C:\ProgramData\Origin 2018-01-27 04:53 - 2017-10-23 22:23 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Origin 2018-01-27 03:19 - 2017-10-23 04:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag 2018-01-27 03:19 - 2017-10-23 04:08 - 000000000 ____D C:\Program Files (x86)\Mp3tag 2018-01-27 03:16 - 2017-10-23 03:09 - 000000000 ____D C:\Users\lion l\AppData\Roaming\WhatsApp 2018-01-26 12:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache 2018-01-25 07:41 - 2017-10-23 19:47 - 000000000 ____D C:\Users\lion l\AppData\Roaming\dBpoweramp 2018-01-25 06:20 - 2017-10-23 02:17 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Notepad++ 2018-01-25 05:21 - 2017-10-23 19:07 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-01-24 12:28 - 2017-10-23 03:10 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2018-01-23 12:29 - 2017-10-23 01:50 - 001731010 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-01-23 12:08 - 2017-10-23 07:55 - 000000000 ____D C:\Windows\system32\appraiser 2018-01-23 12:08 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing 2018-01-23 01:50 - 2017-12-16 02:35 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Wise Disk Cleaner 2018-01-23 01:15 - 2017-10-23 05:19 - 000000000 ____D C:\Users\lion l\Downloads\Video 2018-01-23 01:10 - 2017-10-23 07:52 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.4 2018-01-22 22:21 - 2017-10-26 01:43 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-01-22 22:21 - 2017-10-23 05:19 - 000000000 ____D C:\Users\lion l\AppData\Roaming\IDM 2018-01-21 14:21 - 2017-11-07 20:45 - 000000000 ____D C:\Users\lion l\AppData\Roaming\spek 2018-01-21 05:11 - 2017-10-23 18:27 - 000000000 ____D C:\Program Files\HyperSnap 8 2018-01-19 15:53 - 2017-10-23 20:33 - 000144448 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2018-01-19 15:53 - 2017-10-23 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-01-19 15:52 - 2017-10-23 20:32 - 000000000 ____D C:\Program Files\Java 2018-01-19 14:56 - 2017-10-23 05:19 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2018-01-19 14:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF 2018-01-18 21:50 - 2017-10-23 05:18 - 000000000 ____D C:\Program Files\Malwarebytes 2018-01-18 21:42 - 2017-11-02 17:58 - 000000000 ___HD C:\Users\lion l\AppData\Roaming\Obsidium 2018-01-18 19:27 - 2017-10-29 01:38 - 000000000 ____D C:\Windows\Minidump 2018-01-18 15:29 - 2017-10-23 01:33 - 001951200 _____ C:\Windows\WindowsUpdate.log.bak 2018-01-18 10:59 - 2017-10-24 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro 2018-01-18 10:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\TAPI 2018-01-18 10:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Msdtc 2018-01-18 10:56 - 2017-10-23 03:14 - 000000000 ____D C:\Windows\SysWOW64\fr 2018-01-18 10:56 - 2017-10-23 03:12 - 000000000 ____D C:\Windows\system32\fr 2018-01-18 10:56 - 2011-04-12 09:28 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Offline Web Pages 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\addins 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Sidebar 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Portable Devices 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-01-18 10:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 __RSD C:\Windows\Media 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\ras 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\oobe 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\manifeststore 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\InstallShield 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\icsxml 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\com 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\ras 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\oobe 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\manifeststore 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\lv-LV 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\lt-LT 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\icsxml 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\ias 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\et-EE 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\com 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\servicing 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\L2Schemas 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\IME 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Cursors 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System 2018-01-18 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Services 2018-01-18 10:52 - 2017-11-08 06:31 - 000000000 ____D C:\Windows\SysWOW64\PolicyDefinitions 2018-01-18 10:52 - 2017-11-08 06:31 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2018-01-18 10:52 - 2017-10-27 03:54 - 000000000 ____D C:\Windows\System32\Tasks\Apple 2018-01-18 10:52 - 2017-10-24 00:41 - 000000000 ____D C:\Windows\system32\Macromed 2018-01-18 10:52 - 2017-10-23 19:53 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-01-18 10:52 - 2017-10-23 18:16 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2018-01-18 10:52 - 2017-10-23 04:55 - 000000000 ____D C:\Windows\System32\Tasks\WiseCleaner 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\SysWOW64\winrm 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\SysWOW64\WCN 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\SysWOW64\slmgr 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\system32\winrm 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\system32\WCN 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\system32\slmgr 2018-01-18 10:52 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\MUI 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Msdtc 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\IME 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\spool 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\SMI 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\MUI 2018-01-18 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\IME 2018-01-18 10:51 - 2018-01-05 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2018-01-18 10:51 - 2017-12-23 20:03 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass 2018-01-18 10:51 - 2017-12-23 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass 2018-01-18 10:51 - 2017-12-16 02:35 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Wise Registry Cleaner 2018-01-18 10:51 - 2017-12-16 02:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2018-01-18 10:51 - 2017-12-12 18:20 - 000000000 ____D C:\Users\lion l\AppData\Roaming\audacity 2018-01-18 10:51 - 2017-12-10 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter 2018-01-18 10:51 - 2017-11-30 17:12 - 000000000 ____D C:\Users\lion l\Documents\Dynamic Library 2018-01-18 10:51 - 2017-11-25 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev 2018-01-18 10:51 - 2017-11-25 09:46 - 000000000 __HDC C:\ProgramData\{781D5802-8CD2-44DB-8B92-AE3303955601} 2018-01-18 10:51 - 2017-11-25 01:04 - 000000000 ____D C:\Users\lion l\AppData\Roaming\CodeBlocks 2018-01-18 10:51 - 2017-11-24 10:32 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2018-01-18 10:51 - 2017-11-24 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2018-01-18 10:51 - 2017-11-21 09:14 - 000000000 ____D C:\Users\lion l\AppData\Roaming\obs-studio 2018-01-18 10:51 - 2017-11-21 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2018-01-18 10:51 - 2017-11-13 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2018-01-18 10:51 - 2017-11-12 06:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato 2018-01-18 10:51 - 2017-11-08 06:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon 2018-01-18 10:51 - 2017-11-07 03:54 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2018-01-18 10:51 - 2017-11-07 03:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2018-01-18 10:51 - 2017-11-03 02:04 - 000000000 ____D C:\ProgramData\X360CE 2018-01-18 10:51 - 2017-11-02 17:05 - 000000000 ____D C:\Users\lion l\Documents\Neverwinter Nights 2 2018-01-18 10:51 - 2017-11-02 03:20 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-01-18 10:51 - 2017-10-28 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2018-01-18 10:51 - 2017-10-28 02:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves 2018-01-18 10:51 - 2017-10-28 02:20 - 000000000 ___SD C:\ProgramData\Waves Audio 2018-01-18 10:51 - 2017-10-28 02:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves Central 2018-01-18 10:51 - 2017-10-28 01:30 - 000000000 ____D C:\Users\lion l\AppData\Roaming\MAGIX 2018-01-18 10:51 - 2017-10-28 01:22 - 000000000 ____D C:\ProgramData\VEGAS 2018-01-18 10:51 - 2017-10-28 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2018-01-18 10:51 - 2017-10-28 01:22 - 000000000 ____D C:\ProgramData\MAGIX 2018-01-18 10:51 - 2017-10-27 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overloud 2018-01-18 10:51 - 2017-10-27 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McDSP 2018-01-18 10:51 - 2017-10-27 20:52 - 000000000 ____D C:\ProgramData\AudioUTOPiA 2018-01-18 10:51 - 2017-10-27 20:07 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HOFA 2018-01-18 10:51 - 2017-10-27 03:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg 2018-01-18 10:51 - 2017-10-27 03:46 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 9 2018-01-18 10:51 - 2017-10-27 03:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser 2018-01-18 10:51 - 2017-10-27 02:48 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Steinberg Installation Updater 2018-01-18 10:51 - 2017-10-24 09:05 - 000000000 ____D C:\Users\lion l\Desktop\app android bluestacks 2018-01-18 10:51 - 2017-10-24 08:07 - 000000000 ____D C:\Windows\pss 2018-01-18 10:51 - 2017-10-24 07:51 - 000000000 ____D C:\Users\lion l\Downloads\Temp 2018-01-18 10:51 - 2017-10-24 07:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditto 2018-01-18 10:51 - 2017-10-24 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2018-01-18 10:51 - 2017-10-24 03:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2018-01-18 10:51 - 2017-10-24 01:48 - 000000000 ____D C:\Users\lion l\AppData\Roaming\georando 2018-01-18 10:51 - 2017-10-24 01:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Géorando Liberté VT 2018-01-18 10:51 - 2017-10-24 00:25 - 000000000 ____D C:\Users\lion l\AppData\Roaming\R-TT 2018-01-18 10:51 - 2017-10-24 00:24 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio 2018-01-18 10:51 - 2017-10-24 00:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILE RECOVERY for Windows 2018-01-18 10:51 - 2017-10-24 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck 2018-01-18 10:51 - 2017-10-24 00:17 - 000000000 ____D C:\ProgramData\UCheck 2018-01-18 10:51 - 2017-10-24 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2018-01-18 10:51 - 2017-10-24 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2018-01-18 10:51 - 2017-10-24 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2018-01-18 10:51 - 2017-10-24 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark 2018-01-18 10:51 - 2017-10-23 23:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks 2018-01-18 10:51 - 2017-10-23 23:17 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serato 2018-01-18 10:51 - 2017-10-23 23:16 - 000000000 ____D C:\Windows\Downloaded Installations 2018-01-18 10:51 - 2017-10-23 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Numark 2018-01-18 10:51 - 2017-10-23 23:15 - 000000000 ____D C:\ProgramData\inMusic 2018-01-18 10:51 - 2017-10-23 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arboretum 2018-01-18 10:51 - 2017-10-23 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2018-01-18 10:51 - 2017-10-23 22:29 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Sony 2018-01-18 10:51 - 2017-10-23 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2018-01-18 10:51 - 2017-10-23 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2018-01-18 10:51 - 2017-10-23 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2018-01-18 10:51 - 2017-10-23 20:40 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Winamp 2018-01-18 10:51 - 2017-10-23 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2018-01-18 10:51 - 2017-10-23 20:20 - 000000000 ____D C:\Users\lion l\Desktop\mIRC.v7.48 2018-01-18 10:51 - 2017-10-23 20:20 - 000000000 ____D C:\Users\lion l\Desktop\lion team 2018-01-18 10:51 - 2017-10-23 20:20 - 000000000 ____D C:\Users\lion l\Desktop\KompoZer 0.7.10 2018-01-18 10:51 - 2017-10-23 19:58 - 000000000 __HDC C:\ProgramData\{F5F70DB9-3A6F-41BE-87C8-E6E4372C83AA} 2018-01-18 10:51 - 2017-10-23 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments Massive 2018-01-18 10:51 - 2017-10-23 19:54 - 000000000 ____D C:\ProgramData\Native Instruments 2018-01-18 10:51 - 2017-10-23 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2018-01-18 10:51 - 2017-10-23 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead 2018-01-18 10:51 - 2017-10-23 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp Music Converter 2018-01-18 10:51 - 2017-10-23 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp 2018-01-18 10:51 - 2017-10-23 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 3 2018-01-18 10:51 - 2017-10-23 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect 2018-01-18 10:51 - 2017-10-23 18:41 - 000000000 ____D C:\Users\lion l\AppData\Roaming\ArcSoft 2018-01-18 10:51 - 2017-10-23 18:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 2018-01-18 10:51 - 2017-10-23 18:12 - 000000000 ____D C:\Windows\SHELLNEW 2018-01-18 10:51 - 2017-10-23 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt 2018-01-18 10:51 - 2017-10-23 07:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2018-01-18 10:51 - 2017-10-23 07:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ant Renamer 2018-01-18 10:51 - 2017-10-23 07:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2018-01-18 10:51 - 2017-10-23 07:48 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT 2018-01-18 10:51 - 2017-10-23 07:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-01-18 10:51 - 2017-10-23 07:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain 2018-01-18 10:51 - 2017-10-23 07:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper 2018-01-18 10:51 - 2017-10-23 07:37 - 000000000 ____D C:\ProgramData\AomeiBR 2018-01-18 10:51 - 2017-10-23 07:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2018-01-18 10:51 - 2017-10-23 07:29 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Locktime Software 2018-01-18 10:51 - 2017-10-23 07:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4 2018-01-18 10:51 - 2017-10-23 07:19 - 000000000 __HDC C:\ProgramData\{89E12743-F5D2-491A-AE99-56622754DF19} 2018-01-18 10:51 - 2017-10-23 07:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2018-01-18 10:51 - 2017-10-23 07:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Hard Disk Manager™ 15 Premium 2018-01-18 10:51 - 2017-10-23 07:01 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder 2018-01-18 10:51 - 2017-10-23 06:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spek 2018-01-18 10:51 - 2017-10-23 06:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner 2018-01-18 10:51 - 2017-10-23 06:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axantum AxCrypt 2018-01-18 10:51 - 2017-10-23 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker 2018-01-18 10:51 - 2017-10-23 05:49 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2018-01-18 10:51 - 2017-10-23 05:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2018-01-18 10:51 - 2017-10-23 05:24 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2018-01-18 10:51 - 2017-10-23 05:23 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2018-01-18 10:51 - 2017-10-23 05:19 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2018-01-18 10:51 - 2017-10-23 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2018-01-18 10:51 - 2017-10-23 05:17 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Raptr 2018-01-18 10:51 - 2017-10-23 05:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.5 2018-01-18 10:51 - 2017-10-23 04:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-01-18 10:51 - 2017-10-23 04:54 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.6 2018-01-18 10:51 - 2017-10-23 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2018-01-18 10:51 - 2017-10-23 03:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2018-01-18 10:51 - 2017-10-23 03:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-01-18 10:51 - 2017-10-23 03:35 - 000000000 ____D C:\Windows\RaidTool 2018-01-18 10:51 - 2017-10-23 03:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JMicron Technology Corp 2018-01-18 10:51 - 2017-10-23 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 2018-01-18 10:51 - 2017-10-23 03:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum 2018-01-18 10:51 - 2017-10-23 03:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP 2018-01-18 10:51 - 2017-10-23 02:32 - 000000000 ____D C:\ProgramData\Package Cache 2018-01-18 10:51 - 2017-10-23 02:19 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-01-18 10:51 - 2017-10-23 02:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-01-18 10:51 - 2017-10-23 02:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2018-01-18 10:51 - 2017-10-23 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2018-01-18 10:51 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Performance 2018-01-18 10:51 - 2009-07-14 05:45 - 000000000 ____D C:\Windows\Setup 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Catroot2.bak 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\security 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\schemas 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Resources 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PLA 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Globalization 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Branding 2018-01-18 10:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat 2018-01-18 10:50 - 2017-12-23 20:03 - 000000000 ____D C:\Program Files (x86)\LastPass 2018-01-18 10:50 - 2017-12-10 17:45 - 000000000 ____D C:\Program Files\WIBU-SYSTEMS 2018-01-18 10:50 - 2017-11-24 04:32 - 000000000 ____D C:\Program Files (x86)\FileHippo.com 2018-01-18 10:50 - 2017-11-21 09:10 - 000000000 ____D C:\Program Files (x86)\obs-studio 2018-01-18 10:50 - 2017-11-13 08:47 - 000000000 ____D C:\Program Files (x86)\Nero 2018-01-18 10:50 - 2017-11-08 06:31 - 000000000 ____D C:\Program Files (x86)\Spybot Anti-Beacon 2018-01-18 10:50 - 2017-11-02 17:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-01-18 10:50 - 2017-10-28 04:23 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2018-01-18 10:50 - 2017-10-28 02:40 - 000000000 ___SD C:\Program Files (x86)\Waves 2018-01-18 10:50 - 2017-10-28 02:17 - 000000000 ____D C:\Program Files (x86)\Waves Central 2018-01-18 10:50 - 2017-10-27 20:52 - 000000000 ____D C:\Program Files\VSTPlugins 2018-01-18 10:50 - 2017-10-27 20:52 - 000000000 ____D C:\Program Files (x86)\VSTPlugins 2018-01-18 10:50 - 2017-10-27 20:07 - 000000000 ____D C:\Program Files\HOFA 2018-01-18 10:50 - 2017-10-27 03:32 - 000000000 ____D C:\Program Files\eLicenser 2018-01-18 10:50 - 2017-10-27 03:32 - 000000000 ____D C:\Program Files (x86)\Syncrosoft 2018-01-18 10:50 - 2017-10-27 03:32 - 000000000 ____D C:\Program Files (x86)\eLicenser 2018-01-18 10:50 - 2017-10-27 02:47 - 000000000 ____D C:\Program Files\Steinberg 2018-01-18 10:50 - 2017-10-24 08:22 - 000000000 ____D C:\Program Files (x86)\UltraISO 2018-01-18 10:50 - 2017-10-24 07:51 - 000000000 ____D C:\Program Files\Ditto 2018-01-18 10:50 - 2017-10-24 04:29 - 000000000 ____D C:\Program Files (x86)\QuickTime 2018-01-18 10:50 - 2017-10-24 01:12 - 000000000 ____D C:\Program Files\TeraCopy 2018-01-18 10:50 - 2017-10-24 00:24 - 000000000 ____D C:\Program Files (x86)\R-Studio 2018-01-18 10:50 - 2017-10-24 00:22 - 000000000 ____D C:\Program Files (x86)\FILE RECOVERY for Windows 2018-01-18 10:50 - 2017-10-24 00:10 - 000000000 ____D C:\Program Files\HWiNFO64 2018-01-18 10:50 - 2017-10-24 00:09 - 000000000 ____D C:\Program Files (x86)\HD Tune Pro 2018-01-18 10:50 - 2017-10-24 00:06 - 000000000 ____D C:\Program Files\CrystalDiskMark 2018-01-18 10:50 - 2017-10-23 23:17 - 000000000 ____D C:\Program Files (x86)\Serato 2018-01-18 10:50 - 2017-10-23 23:15 - 000000000 ____D C:\Program Files (x86)\Numark 2018-01-18 10:50 - 2017-10-23 22:09 - 000000000 ____D C:\Program Files (x86)\Steinberg 2018-01-18 10:50 - 2017-10-23 21:35 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software 2018-01-18 10:50 - 2017-10-23 20:48 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity 2018-01-18 10:50 - 2017-10-23 20:40 - 000000000 ____D C:\Program Files (x86)\Winamp 2018-01-18 10:50 - 2017-10-23 19:58 - 000000000 ____D C:\Program Files\Common Files\Native Instruments 2018-01-18 10:50 - 2017-10-23 19:54 - 000000000 ____D C:\Program Files\Native Instruments 2018-01-18 10:50 - 2017-10-23 19:54 - 000000000 ____D C:\Program Files (x86)\Native Instruments 2018-01-18 10:50 - 2017-10-23 19:46 - 000000000 ____D C:\Program Files\SpoonUninstall 2018-01-18 10:50 - 2017-10-23 19:46 - 000000000 ____D C:\Program Files\dBpoweramp 2018-01-18 10:50 - 2017-10-23 18:14 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2018-01-18 10:50 - 2017-10-23 18:14 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2018-01-18 10:50 - 2017-10-23 18:14 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2018-01-18 10:50 - 2017-10-23 08:16 - 000000000 ____D C:\Program Files (x86)\SoulseekQt 2018-01-18 10:50 - 2017-10-23 07:54 - 000000000 ____D C:\Program Files\Recuva 2018-01-18 10:50 - 2017-10-23 07:50 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo 2018-01-18 10:50 - 2017-10-23 07:48 - 000000000 ____D C:\Program Files (x86)\OCCTPT 2018-01-18 10:50 - 2017-10-23 07:39 - 000000000 ____D C:\Program Files (x86)\MP3Gain 2018-01-18 10:50 - 2017-10-23 07:34 - 000000000 ____D C:\Program Files\UCheck 2018-01-18 10:50 - 2017-10-23 07:19 - 000000000 ____D C:\Program Files (x86)\FlashFXP 5 2018-01-18 10:50 - 2017-10-23 07:13 - 000000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2018-01-18 10:50 - 2017-10-23 07:01 - 000000000 ____D C:\Program Files (x86)\TrashReg 2018-01-18 10:50 - 2017-10-23 06:32 - 000000000 ____D C:\Program Files (x86)\Spek 2018-01-18 10:50 - 2017-10-23 06:28 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2018-01-18 10:50 - 2017-10-23 06:26 - 000000000 ___RD C:\Program Files (x86)\Skype 2018-01-18 10:50 - 2017-10-23 05:59 - 000000000 ____D C:\Program Files (x86)\Resource Hacker 2018-01-18 10:50 - 2017-10-23 05:25 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2018-01-18 10:50 - 2017-10-23 05:23 - 000000000 ____D C:\Program Files\Unlocker 2018-01-18 10:50 - 2017-10-23 04:56 - 000000000 ____D C:\Program Files\CCleaner 2018-01-18 10:50 - 2017-10-23 03:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2018-01-18 10:50 - 2017-10-23 03:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2018-01-18 10:50 - 2017-10-23 03:13 - 000000000 ____D C:\Program Files\MPC-HC 2018-01-18 10:50 - 2017-10-23 02:48 - 000000000 ____D C:\Program Files (x86)\Raptr Inc 2018-01-18 10:50 - 2017-10-23 02:19 - 000000000 ____D C:\Program Files\WinRAR 2018-01-18 10:50 - 2017-10-23 02:17 - 000000000 ____D C:\Program Files (x86)\Notepad++ 2018-01-18 10:50 - 2017-10-23 02:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-01-18 10:50 - 2017-10-23 02:09 - 000000000 ____D C:\Program Files\Creative 2018-01-18 10:50 - 2017-10-23 02:09 - 000000000 ____D C:\Program Files (x86)\Creative 2018-01-18 10:50 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Microsoft Games 2018-01-18 10:50 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Windows NT 2018-01-18 10:50 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2018-01-18 10:50 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files (x86)\Windows NT 2018-01-18 10:49 - 2017-12-10 17:45 - 000000000 ____D C:\Program Files (x86)\CodeMeter 2018-01-18 10:49 - 2017-11-24 23:21 - 000000000 ____D C:\AdwCleaner 2018-01-18 10:49 - 2017-11-24 10:32 - 000000000 ____D C:\Program Files (x86)\CodeBlocks 2018-01-18 10:49 - 2017-11-07 03:50 - 000000000 ____D C:\Program Files (x86)\AVS4YOU 2018-01-18 10:49 - 2017-10-27 03:54 - 000000000 ____D C:\Program Files (x86)\Apple Software Update 2018-01-18 10:49 - 2017-10-24 08:18 - 000000000 ____D C:\Program Files (x86)\BlueStacks 2018-01-18 10:49 - 2017-10-23 21:22 - 000000000 ____D C:\Program Files (x86)\AutoHotkey 2018-01-18 10:49 - 2017-10-23 07:52 - 000000000 ____D C:\Program Files (x86)\Ant Renamer 2018-01-18 10:49 - 2017-10-23 03:06 - 000000000 ____D C:\Program Files (x86)\AIMP 2018-01-18 10:41 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration 2018-01-18 10:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Vss 2018-01-18 10:15 - 2009-07-14 05:45 - 000000000 ____D C:\Windows\ServiceProfiles 2018-01-18 10:09 - 2018-01-02 05:44 - 000000000 ____D C:\Users\lion l\Desktop\RecycleNOW 2018-01-18 10:09 - 2017-10-27 18:54 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Waves Audio 2018-01-18 10:09 - 2017-10-23 21:37 - 000000000 ____D C:\Users\lion l\Documents\Ableton 2018-01-18 10:09 - 2017-10-23 20:20 - 000000000 ____D C:\Users\lion l\Desktop\by label 2018-01-18 10:09 - 2017-10-23 18:01 - 000000000 ____D C:\Users\lion l\AppData\Roaming\TeamViewer 2018-01-18 10:08 - 2018-01-02 04:59 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2018-01-18 10:08 - 2018-01-02 04:59 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2018-01-18 10:08 - 2017-11-02 17:04 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Arrowhead 2018-01-18 10:08 - 2017-10-27 20:10 - 000000000 ____D C:\Users\lion l\AppData\Roaming\HOFA 2018-01-18 10:08 - 2017-10-23 21:35 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Ableton 2018-01-18 10:08 - 2017-10-23 20:32 - 000000000 ____D C:\Users\lion l\AppData\LocalLow\Sun 2018-01-18 10:08 - 2017-10-23 08:13 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Macromedia 2018-01-18 10:08 - 2017-10-23 05:32 - 000000000 ____D C:\Users\lion l\AppData\LocalLow\Google 2018-01-18 10:08 - 2017-10-23 02:24 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Mozilla 2018-01-18 10:08 - 2017-10-23 01:54 - 000000000 ____D C:\Users\lion l\AppData\Roaming\Adobe 2018-01-18 10:07 - 2017-12-03 16:31 - 000000000 ____D C:\ProgramData\SplitMediaLabs 2018-01-18 10:07 - 2017-11-13 08:46 - 000000000 ____D C:\ProgramData\Nero 2018-01-18 10:07 - 2017-10-27 21:11 - 000000000 ____D C:\ProgramData\Overloud 2018-01-18 10:07 - 2017-10-27 20:09 - 000000000 ____D C:\ProgramData\HOFA 2018-01-18 10:07 - 2017-10-24 08:18 - 000000000 ____D C:\ProgramData\BlueStacks 2018-01-18 10:07 - 2017-10-24 03:54 - 000000000 ____D C:\ProgramData\TechSmith 2018-01-18 10:07 - 2017-10-23 21:08 - 000000000 ____D C:\ProgramData\Propellerhead Software 2018-01-18 10:07 - 2017-10-23 20:32 - 000000000 ____D C:\ProgramData\Oracle 2018-01-18 10:07 - 2017-10-23 08:14 - 000000000 ____D C:\ProgramData\Adobe 2018-01-18 10:07 - 2017-10-23 07:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft 2018-01-18 10:07 - 2017-10-23 07:19 - 000000000 ____D C:\ProgramData\FlashFXP 2018-01-18 10:07 - 2017-10-23 04:23 - 000000000 ____D C:\ProgramData\Avira 2018-01-18 10:06 - 2017-11-30 11:49 - 000000000 ____D C:\Program Files\SAMSUNG 2018-01-18 10:06 - 2017-10-27 22:18 - 000000000 ____D C:\ProgramData\Ableton 2018-01-18 10:06 - 2017-10-23 20:45 - 000000000 ____D C:\Program Files\Propellerhead 2018-01-18 10:06 - 2017-10-23 03:37 - 000000000 ____D C:\Program Files\VideoLAN 2018-01-18 10:05 - 2017-10-23 23:15 - 000000000 ____D C:\Program Files\Numark 2018-01-18 10:05 - 2017-10-23 07:08 - 000000000 ____D C:\Program Files\Paragon Software 2018-01-18 10:04 - 2017-10-23 18:11 - 000000000 ____D C:\Program Files\Microsoft Office 2018-01-18 10:04 - 2017-10-23 18:11 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2018-01-18 10:04 - 2017-10-23 07:29 - 000000000 ____D C:\Program Files\Locktime Software 2018-01-18 10:03 - 2017-10-27 03:49 - 000000000 ____D C:\Program Files\Common Files\Steinberg 2018-01-18 10:03 - 2017-10-23 19:58 - 000000000 ____D C:\Program Files\Common Files\Avid 2018-01-18 10:03 - 2017-10-23 07:38 - 000000000 ____D C:\Program Files\EaseUS 2018-01-18 10:03 - 2017-10-23 07:33 - 000000000 ____D C:\Program Files\CPUID 2018-01-18 10:03 - 2017-10-23 03:33 - 000000000 ____D C:\Program Files\Intel 2018-01-18 10:03 - 2017-10-23 03:11 - 000000000 ____D C:\Program Files\DAUM 2018-01-18 10:03 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines 2018-01-18 10:02 - 2017-12-16 02:35 - 000000000 ____D C:\Program Files (x86)\Wise 2018-01-18 10:02 - 2017-12-10 17:45 - 000000000 ____D C:\Program Files\CodeMeter 2018-01-18 10:02 - 2017-11-13 09:08 - 000000000 ____D C:\Program Files\Common Files\Adobe 2018-01-18 10:02 - 2017-11-13 09:08 - 000000000 ____D C:\Program Files\Adobe 2018-01-18 10:02 - 2017-10-28 04:22 - 000000000 ____D C:\Program Files\AMD 2018-01-18 10:02 - 2017-10-23 06:00 - 000000000 ____D C:\Program Files\Axantum 2018-01-18 10:00 - 2017-10-28 01:22 - 000000000 ____D C:\Program Files (x86)\VEGAS 2018-01-18 10:00 - 2017-10-24 03:54 - 000000000 ____D C:\Program Files (x86)\TechSmith 2018-01-18 10:00 - 2017-10-23 22:30 - 000000000 ____D C:\Program Files (x86)\Sony 2018-01-18 10:00 - 2017-10-23 07:31 - 000000000 ____D C:\Program Files (x86)\tor 2018-01-18 09:59 - 2017-11-20 03:15 - 000000000 ____D C:\Program Files (x86)\Ratiborus 2018-01-18 09:59 - 2017-10-24 00:08 - 000000000 ____D C:\Program Files (x86)\Seagate 2018-01-18 09:59 - 2017-10-23 06:42 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2018-01-18 09:57 - 2017-11-25 12:44 - 000000000 ____D C:\Program Files (x86)\HomeDev 2018-01-18 09:57 - 2017-10-28 01:22 - 000000000 ____D C:\Program Files (x86)\MAGIX 2018-01-18 09:57 - 2017-10-24 00:11 - 000000000 ____D C:\Program Files (x86)\FinalWire 2018-01-18 09:57 - 2017-10-23 19:49 - 000000000 ____D C:\Program Files (x86)\Illustrate 2018-01-18 09:57 - 2017-10-23 18:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-01-18 09:57 - 2017-10-23 18:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2018-01-18 09:57 - 2017-10-23 07:35 - 000000000 ____D C:\Program Files (x86)\Glarysoft 2018-01-18 09:57 - 2017-10-23 03:36 - 000000000 ____D C:\Program Files (x86)\Google 2018-01-18 09:56 - 2017-10-23 05:02 - 000000000 ____D C:\Program Files (x86)\EaseUS 2018-01-18 09:56 - 2017-10-23 02:10 - 000000000 ___HD C:\Program Files (x86)\Creative Installation Information 2018-01-18 09:55 - 2017-10-28 04:24 - 000000000 ____D C:\Program Files (x86)\AMD 2018-01-18 09:55 - 2017-10-23 23:36 - 000000000 ____D C:\Program Files (x86)\2BrightSparks 2018-01-18 09:55 - 2017-10-23 20:47 - 000000000 ____D C:\Program Files (x86)\Audacity 2018-01-18 09:55 - 2017-10-23 18:41 - 000000000 ____D C:\Program Files (x86)\ArcSoft 2018-01-18 09:55 - 2017-10-23 08:14 - 000000000 ____D C:\Program Files (x86)\Adobe 2018-01-18 09:55 - 2017-10-23 04:23 - 000000000 ____D C:\Program Files (x86)\Avira 2018-01-18 09:55 - 2017-10-20 20:52 - 000000000 ____D C:\audio 2018-01-18 02:02 - 2017-10-23 01:54 - 000000000 ____D C:\Users\lion l 2018-01-17 23:22 - 2018-01-02 22:14 - 000000000 ____D C:\Users\lion l\Desktop\Nouveau dossier 2018-01-17 21:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\inetsrv 2018-01-17 21:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\inetsrv 2018-01-16 21:16 - 2017-10-23 06:28 - 000001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2018-01-12 17:16 - 2018-01-05 11:13 - 000000068 __RSH C:\Windows\system32\Drivers\tunnel.winsecurity 2018-01-12 16:56 - 2018-01-05 11:13 - 000000068 __RSH C:\Windows\system32\Drivers\Wdf01000.winsecurity 2018-01-11 18:58 - 2017-10-24 00:42 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-01-11 18:58 - 2017-10-24 00:41 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-01-11 18:58 - 2017-10-24 00:41 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2017-12-15 21:46 - 2018-02-05 23:17 - 000025822 _____ () C:\Users\lion l\IP_Log_Data.js 2017-12-15 17:00 - 2018-02-06 17:00 - 000063585 _____ () C:\Users\lion l\Network_Meter_Data.js 2017-11-12 21:13 - 2017-11-12 21:13 - 000000624 _____ () C:\Users\lion l\AppData\Roaming\All CPU MeterV3_Settings.ini 2017-10-23 03:59 - 2018-02-03 23:22 - 000000029 _____ () C:\Users\lion l\AppData\Roaming\Network Meter_Usage.ini 2017-11-13 09:18 - 2017-11-13 09:18 - 319553372 _____ () C:\Users\lion l\AppData\Local\ACCCx4_3_0_256.zip.aamdownload 2017-11-13 09:18 - 2017-11-13 09:18 - 000003567 _____ () C:\Users\lion l\AppData\Local\ACCCx4_3_0_256.zip.aamdownload.aamd Some zero byte size files/folders: ========================== C:\Windows\SysWOW64\aaclient.dll C:\Windows\SysWOW64\admparse.dll C:\Windows\SysWOW64\corpol.dll C:\Windows\SysWOW64\ie4uinit.exe C:\Windows\SysWOW64\ieakeng.dll C:\Windows\SysWOW64\ieaksie.dll C:\Windows\SysWOW64\ieakui.dll C:\Windows\SysWOW64\mfc71.dll C:\Windows\SysWOW64\mfc71u.dll C:\Windows\SysWOW64\mstime.dll C:\Windows\SysWOW64\vm3dgl.dll C:\Windows\SysWOW64\vm3dum.dll C:\Windows\SysWOW64\vmGuestLib.dll C:\Windows\SysWOW64\vmGuestLibJava.dll C:\Windows\SysWOW64\vmhgfs.dll C:\Windows\SysWOW64\vsocklib.dll C:\Windows\System32\aaclient.dll C:\Windows\System32\admparse.dll C:\Windows\System32\audiodev.dll C:\Windows\System32\compobj.dll C:\Windows\System32\corpol.dll C:\Windows\System32\crtdll.dll C:\Windows\System32\ctl3d32.dll C:\Windows\System32\d3d8.dll C:\Windows\System32\d3dim.dll C:\Windows\System32\d3dim700.dll C:\Windows\System32\d3dramp.dll C:\Windows\System32\d3dxof.dll C:\Windows\System32\dmband.dll C:\Windows\System32\dmcompos.dll C:\Windows\System32\dmime.dll C:\Windows\System32\dmscript.dll C:\Windows\System32\dmstyle.dll C:\Windows\System32\dplaysvr.exe C:\Windows\System32\dplayx.dll C:\Windows\System32\dpmodemx.dll C:\Windows\System32\dpwsockx.dll C:\Windows\System32\explorer.exe C:\Windows\System32\expsrv.dll C:\Windows\System32\FXSEXT32.dll C:\Windows\System32\FXSXP32.dll C:\Windows\System32\hh.exe C:\Windows\System32\iccvid.dll C:\Windows\System32\ieakeng.dll C:\Windows\System32\ieaksie.dll C:\Windows\System32\ieakui.dll C:\Windows\System32\instnm.exe C:\Windows\System32\iprop.dll C:\Windows\System32\ir32_32.dll C:\Windows\System32\ir41_qc.dll C:\Windows\System32\ir41_qcx.dll C:\Windows\System32\ir50_32.dll C:\Windows\System32\ir50_qc.dll C:\Windows\System32\ir50_qcx.dll C:\Windows\System32\mfc40.dll C:\Windows\System32\mfc40u.dll C:\Windows\System32\mfc71.dll C:\Windows\System32\mfc71u.dll C:\Windows\System32\mscpx32r.dLL C:\Windows\System32\mscpxl32.dLL C:\Windows\System32\msexch40.dll C:\Windows\System32\msexcl40.dll C:\Windows\System32\msjet40.dll C:\Windows\System32\msjetoledb40.dll C:\Windows\System32\msjint40.dll C:\Windows\System32\msjter40.dll C:\Windows\System32\msjtes40.dll C:\Windows\System32\msltus40.dll C:\Windows\System32\msorc32r.dll C:\Windows\System32\msorcl32.dll C:\Windows\System32\mspbde40.dll C:\Windows\System32\msrd2x40.dll C:\Windows\System32\msrd3x40.dll C:\Windows\System32\msrepl40.dll C:\Windows\System32\mstext40.dll C:\Windows\System32\mstime.dll C:\Windows\System32\msvbvm60.dll C:\Windows\System32\msvcr71.dll C:\Windows\System32\msvcrt20.dll C:\Windows\System32\msvcrt40.dll C:\Windows\System32\mswdat10.dll C:\Windows\System32\mswstr10.dll C:\Windows\System32\msxbde40.dll C:\Windows\System32\mtxlegih.dll C:\Windows\System32\ntkrnlpa.exe C:\Windows\System32\odbcji32.dll C:\Windows\System32\odbcjt32.dll C:\Windows\System32\oddbse32.dll C:\Windows\System32\odexl32.dll C:\Windows\System32\odfox32.dll C:\Windows\System32\odpdx32.dll C:\Windows\System32\odtext32.dll C:\Windows\System32\ole2.dll C:\Windows\System32\ole2disp.dll C:\Windows\System32\ole2nls.dll C:\Windows\System32\olecli32.dll C:\Windows\System32\olepro32.dll C:\Windows\System32\olesvr32.dll C:\Windows\System32\olethk32.dll C:\Windows\System32\perfhost.exe C:\Windows\System32\rdvgumd32.dll C:\Windows\System32\setup16.exe C:\Windows\System32\setupSNK.exe C:\Windows\System32\sqlunirl.dll C:\Windows\System32\sqlwid.dll C:\Windows\System32\sqlwoa.dll C:\Windows\System32\storage.dll C:\Windows\System32\typelib.dll C:\Windows\System32\user.exe C:\Windows\System32\vbajet32.dll C:\Windows\System32\vdmdbg.dll C:\Windows\System32\vfpodbc.dll C:\Windows\System32\vm3dgl.dll C:\Windows\System32\vm3dum.dll C:\Windows\System32\vmGuestLib.dll C:\Windows\System32\vmGuestLibJava.dll C:\Windows\System32\vmhgfs.dll C:\Windows\System32\vsocklib.dll C:\Windows\System32\wow32.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-12-16 21:24 ==================== End of FRST.txt ============================