Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-07-2013 01 (ATTENTION: FRST version is 3213 days old) Ran by Système on 27-04-2022 16:15:48 Running from Y:\Programs\FRST Windows 7 Home Premium Service Pack 1 (X86) OS Language: French Standard Internet Explorer Version 8 Boot Mode: Recovery The current controlset is ControlSet001 [b]ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.[/b] ATTENTION!:=====> THE OPERATING SYSTEM IS A X64 SYSTEM BUT THE BOOT DISK THAT IS USED TO BOOT TO RECOVERY ENVIRONMENT IS A X86 SYSTEM DISK. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated) HKLM\...\Run: [Acronis Scheduler2 Service] - "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [571000 2014-08-14] (Acronis) HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation) HKU\MaPomme\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [ 2013-01-08] (DT Soft Ltd) HKU\MaPomme\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [ 2009-01-26] (Safer Networking Limited) HKU\MaPomme\...\Run: [bssimgglqasy] - C:\Windows\SYSTEM32\CMD.EXE /C START "" "C:\Users\MaPomme\Documents\litcrwnbyvyv.exe" [ 2010-11-21] (Microsoft Corporation) HKU\MaPomme\...\Run: [exe.exe] - C:\Users\MaPomme\AppData\Local\Temp\exe.exe [ 2010-10-18] () <===== ATTENTION HKU\MaPomme\...\Run: [Ygxuge] - C:\Users\MaPomme\AppData\Roaming\Doqyu\ikita.exe [ 2022-04-26] (Oracle Corporation) HKU\MaPomme\...\Run: [4538131] - C:\Users\MaPomme\AppData\Local\Temp\4538131.exe [ 2022-04-27] () <===== ATTENTION HKU\MaPomme\...\Run: [bssimgprqffj] - C:\Windows\SYSTEM32\CMD.EXE /C START "" "C:\Users\MaPomme\Documents\litcrwnbyvyv.exe" [ 2010-11-21] (Microsoft Corporation) Startup: C:\Users\MaPomme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\-!RecOveR!-gxnjt++.Htm () Startup: C:\Users\MaPomme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\-!RecOveR!-gxnjt++.Png () Startup: C:\Users\MaPomme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\-!RecOveR!-gxnjt++.Txt () ========================== Services (Whitelisted) ================= S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264280 2014-08-14] (Acronis) S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) S2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4017144 2022-04-26] (Acronis) S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [108289 2009-05-13] (Avira GmbH) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [185089 2009-07-21] (Avira GmbH) S2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe [1092656 2022-03-16] (AOMEI International Network Limited) S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation) S3 Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [228408 2009-05-05] (Hewlett-Packard Development Company, L.P.) S2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [44168 2022-04-15] (CHENGDU YIWO Tech Development Co., Ltd) S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation) S2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-30] (Hewlett-Packard Company) S3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [230968 2010-05-14] (Hewlett-Packard Company) S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [856400 2010-11-21] (Microsoft Corporation) S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2403088 2020-06-19] (IObit) S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [116560 2009-06-10] (Microsoft Corporation) S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-03-23] (IDT, Inc.) S2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6856336 2014-09-13] (Acronis) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746736 2021-10-18] (Oracle Corporation) S2 Vekpei Tqjbujxo Oka; C:\Program Files (x86)\Qubq\Risjepots.pic [10902016 2022-04-27] (Sogou.com Inc.) S3 VssEaseusProvider; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] () S2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] () S2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2019-05-14] () S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1594368 2010-03-02] (Atheros Communications, Inc.) S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [74880 2009-11-25] (Avira GmbH) S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2022-04-27] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [75912 2022-04-15] (CHENGDU YIWO Tech Development Co., Ltd) S0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [54920 2022-04-15] () S1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [23688 2022-04-15] (CHENGDU YIWO Tech Development Co., Ltd) S1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [555656 2022-04-15] (CHENGDU YIWO Tech Development Co., Ltd) S0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2022-04-26] (Acronis International GmbH) S3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfHpRegFilter.sys [25176 2019-12-17] (IObit) S1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2017-03-17] (IObit.com) S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21928 2018-12-06] (IObit) S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16184 2019-06-11] (IObit) S3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfHpFileFilter.sys [28760 2019-12-17] (IObit) S3 ImfObCallback; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfObCallback.sys [17496 2020-03-12] (IObit) S3 ImfRealScanner; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfRealScanner.sys [33368 2020-07-01] (IObit) S3 ImfRegistryFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfRegistryFilter.sys [25688 2019-12-17] (IObit) S3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [215040 2009-05-22] (Realtek ) S3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505344 2010-03-23] (IDT, Inc.) S2 tib; C:\Windows\System32\DRIVERS\tib.sys [1058632 2022-04-26] (Acronis International GmbH) S2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248648 2022-04-26] (Acronis International GmbH) S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [239664 2021-10-18] (Oracle Corporation) S1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [249568 2021-10-18] (Oracle Corporation) S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys A87D604AEA360176311474C87A63BB88 C:\Windows\System32\drivers\ACPI.sys D81D9E70B8A6DD14D42D7B4EFA65D5F2 C:\Windows\system32\drivers\acpipmi.sys 99F8E788246D495CE3794D7E7821D2CA C:\Windows\system32\drivers\adp94xx.sys 2F6B34B83843F0C5118B63AC634F5BF4 C:\Windows\system32\drivers\adpahci.sys 597F78224EE9224EA1A13D6350CED962 C:\Windows\system32\drivers\adpu320.sys E109549C90F62FB570B9540C4B148E54 C:\Windows\system32\drivers\afd.sys D31DC7A16DEA4A9BAF179F3D6FBDB38C C:\Windows\system32\drivers\agp440.sys 608C14DBA7299D8CB6ED035A68A15799 C:\Windows\system32\drivers\aliide.sys 5812713A477A3AD7363C7438CA2EE038 C:\Windows\System32\ambakdrv.sys D03124A92936B3B1D38AC31D9B5582F8 C:\Windows\system32\drivers\amdide.sys 1FF8B4431C353CE385C875F194924C0C C:\Windows\system32\drivers\amdk8.sys 7024F087CFF1833A806193EF9D22CDA9 C:\Windows\System32\DRIVERS\amdppm.sys 1E56388B3FE0D031C44144EB8C4D6217 C:\Windows\system32\drivers\amdsata.sys 6EC6D772EAE38DC17C14AED9B178D24B C:\Windows\system32\drivers\amdsbs.sys F67F933E79241ED32FF46A4F29B5120B C:\Windows\System32\drivers\amdxata.sys 1142A21DB581A84EA5597B03A26EBAA0 C:\Windows\system32\ammntdrv.sys 98B78382C46541F2FFBFFB4CB3C709A2 C:\Windows\system32\amwrtdrv.sys 301167E69BDE24CE24FB53376C422B3B C:\Windows\system32\drivers\appid.sys 89A69C3F2F319B43379399547526D952 C:\Windows\system32\drivers\arc.sys C484F8CEB1717C540242531DB7845C4E C:\Windows\system32\drivers\arcsas.sys 019AF6924AEFE7839F61C830227FE79C C:\Windows\System32\DRIVERS\asyncmac.sys 769765CE2CC62867468CEA93969B2242 C:\Windows\System32\drivers\atapi.sys 02062C0B390B7729EDC9E69C680A6F3C C:\Windows\System32\DRIVERS\athrx.sys F8633CDD09647A64EE8DB550630427FF C:\Windows\System32\DRIVERS\avgntflt.sys C30B5FC0ADCDFBA7668E99BAF0CBF58E C:\Windows\system32\drivers\bxvbda.sys 3E5B191307609F7514148C6832BB0842 C:\Windows\System32\DRIVERS\b57nd60a.sys B5ACE6968304A3900EEB1EBFD9622DF2 C:\Windows\System32\Drivers\Beep.sys 16A47CE2DECC9B099349A5F840654746 C:\Windows\System32\DRIVERS\blbdrive.sys 61583EE3C3A17003C4ACD0475646B4D3 C:\Windows\System32\DRIVERS\bowser.sys 91CE0D3DC57DD377E690A2D324022B08 C:\Windows\system32\drivers\BrFiltLo.sys F09EEE9EDC320B5E1501F749FDE686C8 C:\Windows\system32\drivers\BrFiltUp.sys B114D3098E9BDB8BEA8B053685831BE6 C:\Windows\System32\Drivers\Brserid.sys 43BEA8D483BF1870F018E2D02E06A5BD C:\Windows\System32\Drivers\BrSerWdm.sys A6ECA2151B08A09CACECA35C07F05B42 C:\Windows\System32\Drivers\BrUsbMdm.sys B79968002C277E869CF38BD22CD61524 C:\Windows\System32\Drivers\BrUsbSer.sys A87528880231C54E75EA7A44943B38BF C:\Windows\system32\drivers\bthmodem.sys 9DA669F11D1F894AB4EB69BF546A42E8 C:\Windows\System32\DRIVERS\cdfs.sys B8BD2BB284668C84865658C77574381A C:\Windows\System32\DRIVERS\cdrom.sys F036CE71586E93D94DAB220D7BDF4416 C:\Windows\system32\drivers\circlass.sys D7CD5C4E1B71FA62050515314CFB52CF C:\Windows\System32\CLFS.sys FE1EC06F2253F691FE36217C592A0206 C:\Windows\System32\DRIVERS\CmBatt.sys 0840155D0BDDF1190F84A663C284BD33 C:\Windows\system32\drivers\cmdide.sys E19D3F095812725D88F9001985B94EDD C:\Windows\System32\Drivers\cng.sys D5FEA92400F12412B3922087C09DA6A5 C:\Windows\System32\DRIVERS\compbatt.sys 102DE219C3F61415F964C88E9085AD14 C:\Windows\System32\DRIVERS\CompositeBus.sys 03EDB043586CCEBA243D689BDDA370A8 C:\Windows\system32\drivers\crcdisk.sys 1C827878A998C18847245FE1F34EE597 C:\Windows\System32\Drivers\dfsc.sys 9BB2EF44EAA163B29C4A4587887A0FE4 C:\Windows\System32\drivers\discache.sys 13096B05847EC78F0977F2C0F79E9AB3 C:\Windows\System32\drivers\disk.sys 9819EEE8B5EA3784EC4AF3B137A5244C C:\Windows\System32\drivers\drmkaud.sys 9B19F34400D24DF84C858A421C205754 C:\Windows\System32\DRIVERS\dtsoftbus01.sys 46571ED73AE84469DCA53081D33CF3C8 C:\Windows\System32\drivers\dxgkrnl.sys F5BEE30450E18E6B83A5012C100616FD C:\Windows\system32\drivers\evbda.sys DC5D737F51BE844D8C82C695EB17372F C:\Windows\system32\drivers\elxstor.sys 0E5DA5369A0FCAEA12456DD852545184 C:\Windows\system32\drivers\errdev.sys 34A3C54752046E79A126E15C51DB409B C:\Windows\System32\drivers\eubakup.sys 6A5EFA86D7B9ECEB4117A2BC0484CCAD C:\Windows\System32\drivers\EUBKMON.sys FCC7BC29016F9DFB16625C2312511A1D C:\Windows\system32\drivers\eudskacs.sys 4B2CA718496E0BC281A6B606AF1D61D6 C:\Windows\system32\drivers\EuFdDisk.sys 60B56D7CEC522F1EC39D0E1E868852DC C:\Windows\System32\Drivers\exfat.sys A510C654EC00C1E9BDD91EEB3A59823B C:\Windows\System32\Drivers\fastfat.sys 0ADC83218B66A6DB380C330836F3E36D C:\Windows\system32\drivers\fdc.sys D765D19CD8EF61F650C384F62FAC00AB C:\Windows\System32\drivers\fileinfo.sys 655661BE46B5F5F3FD454E2C3095B930 C:\Windows\System32\drivers\filetrace.sys 5F671AB5BC87EEA04EC38A6CD5962A47 C:\Windows\System32\DRIVERS\file_tracker.sys 72CC30F0D6DF8D3FBD5CD728259A8F69 C:\Windows\system32\drivers\flpydisk.sys C172A0F53008EAEB8EA33FE10E177AF5 C:\Windows\System32\drivers\fltmgr.sys DA6B67270FD9DB3697B20FCE94950741 C:\Windows\System32\DRIVERS\fltsrv.sys 9BD0273A5B650CC16E8A54AD9B312BEB C:\Windows\System32\drivers\FsDepends.sys D43703496149971890703B4B1B723EAC C:\Windows\System32\Drivers\Fs_Rec.sys E95EF8547DE20CF0603557C0CF7A9462 C:\Windows\System32\DRIVERS\fvevol.sys 1F7B25B858FA27015169FE95E54108ED C:\Windows\system32\drivers\gagp30kx.sys 8C778D335C9D272CFD3298AB02ABE3B6 C:\Windows\system32\drivers\hcw85cir.sys F2523EF6460FC42405B12248338AB2F0 C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys 97BFED39B6B79EB12CDDBFEED51F56BB C:\Windows\system32\drivers\HidBatt.sys 78E86380454A7B10A5EB255DC44A355F C:\Windows\system32\drivers\hidbth.sys 7FD2A313F7AFE5C4DAB14798C48DD104 C:\Windows\system32\drivers\hidir.sys 0A77D29F311B88CFAE3B13F9C1A73825 C:\Windows\System32\DRIVERS\hidusb.sys 9592090A7E2B61CD582B612B6DF70536 C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 9AF482D058BE59CC28BCE52E7C4B747C C:\Windows\system32\drivers\HpSAMD.sys 39D2ABCD392F3D8A6DCE7B60AE7B8EFC C:\Windows\System32\drivers\HTTP.sys 0EA7DE1ACB728DD5A369FD742D6EEE28 C:\Windows\System32\drivers\hwpolicy.sys A5462BD6884960C9DC85ED49D34FF392 C:\Windows\System32\DRIVERS\i8042prt.sys FA55C73D4AFFA7EE23AC4BE53B4592D3 C:\Windows\system32\drivers\iaStorV.sys 3DF4395A7CF8B7A72A5F4606366B8C2D C:\Windows\system32\drivers\iirsp.sys 5C18831C61933628F5BB0EA2675B9D21 C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfHpRegFilter.sys 894544FABA87495D4F826557AE5A230C C:\Windows\system32\drivers\IMFCameraProtect.sys D91627A4AC0C90E0B4F41422060CE4A0 C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys 7A4E36E091087C3580EFBA7471743744 C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys 9FAA7C43A43124ACFEFED8C38FCA6375 C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfHpFileFilter.sys 6C25D19328FE0CD7EFB56E5D36F63E5A C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfObCallback.sys 5AE9181B50533F5BF9F931DBA4EF0A95 C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfRealScanner.sys DD11BE203D357235080628DBAD4CA636 C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\ImfRegistryFilter.sys B5637B21E328E63A52B7710705C8F134 C:\Windows\system32\drivers\intelide.sys F00F20E70C6EC3AA366910083A0518AA C:\Windows\system32\drivers\intelppm.sys ADA036632C664CAA754079041CF1F8C1 C:\Windows\System32\DRIVERS\ipfltdrv.sys C9F0E1BD74365A8771590E9008D22AB6 C:\Windows\system32\drivers\IPMIDrv.sys 0FC1AEA580957AA8817B8F305D18CA3A C:\Windows\System32\drivers\ipnat.sys AF9B39A7E7B6CAA203B3862582E9F2D0 C:\Windows\System32\drivers\irenum.sys 3ABF5E7213EB28966D55D58B515D5CE9 C:\Windows\system32\drivers\isapnp.sys 2F7B28DC3E1183E5EB418DF55C204F38 C:\Windows\system32\drivers\msiscsi.sys D931D7309DEB2317035B07C9F9E6B0BD C:\Windows\System32\DRIVERS\kbdclass.sys BC02336F1CBA7DCC7D1213BB588A68A5 C:\Windows\system32\drivers\kbdhid.sys 0705EFF5B42A9DB58548EEC3B26BB484 C:\Windows\System32\Drivers\ksecdd.sys CCD53B5BD33CE0C889E830D839C8B66E C:\Windows\System32\Drivers\ksecpkg.sys 9FF918A261752C12639E8AD4208D2C2F C:\Windows\system32\drivers\ksthunk.sys 6869281E78CB31A43E969F06B57347C4 C:\Windows\System32\DRIVERS\lltdio.sys 1538831CF8AD2979A04C423779465827 C:\Windows\system32\drivers\lsi_fc.sys 1A93E54EB0ECE102495A51266DCDB6A6 C:\Windows\system32\drivers\lsi_sas.sys 1047184A9FDC8BDBFF857175875EE810 C:\Windows\system32\drivers\lsi_sas2.sys 30F5C0DE1EE8B5BC9306C1F0E4A75F93 C:\Windows\system32\drivers\lsi_scsi.sys 0504EACAFF0D3C8AED161C4B0D369D4A C:\Windows\system32\drivers\luafv.sys 43D0F98E1D56CCDDB0D5254CFF7B356E C:\Windows\system32\drivers\megasas.sys A55805F747C6EDB6A9080D7C633BD0F4 C:\Windows\system32\drivers\MegaSR.sys BAF74CE0072480C3B6B7C13B2A94D6B3 C:\Windows\System32\drivers\modem.sys 800BA92F7010378B09F9ED9270F07137 C:\Windows\System32\DRIVERS\monitor.sys B03D591DC7DA45ECE20B3B467E6AADAA C:\Windows\System32\DRIVERS\mouclass.sys 7D27EA49F3C1F687D357E77A470AEA99 C:\Windows\System32\DRIVERS\mouhid.sys D3BF052C40B0C4166D9FD86A4288C1E6 C:\Windows\System32\drivers\mountmgr.sys 32E7A3D591D671A6DF2DB515A5CBE0FA C:\Windows\system32\drivers\mpio.sys A44B420D30BD56E145D6A2BC8768EC58 C:\Windows\System32\drivers\mpsdrv.sys 6C38C9E45AE0EA2FA5E551F2ED5E978F C:\Windows\system32\drivers\mrxdav.sys DC722758B8261E1ABAFD31A3C0A66380 C:\Windows\System32\DRIVERS\mrxsmb.sys FAF015B07E3A2874A790A39B7D2C579F C:\Windows\System32\DRIVERS\mrxsmb10.sys 08E2345DF129082BCDFFDC1440F9C00D C:\Windows\System32\DRIVERS\mrxsmb20.sys 108D87409C5812EF47D81E22843E8C9D C:\Windows\System32\drivers\msahci.sys C25F0BAFA182CBCA2DD3C851C2E75796 C:\Windows\system32\drivers\msdsm.sys DB801A638D011B9633829EB6F663C900 C:\Windows\System32\Drivers\Msfs.sys AA3FB40E17CE1388FA1BEDAB50EA8F96 C:\Windows\System32\drivers\mshidkmdf.sys F9D215A46A8B9753F61767FA72A20326 C:\Windows\System32\drivers\msisadrv.sys D916874BBD4F8B07BFB7FA9B3CCAE29D C:\Windows\System32\drivers\MSKSSRV.sys 49CCF2C4FEA34FFAD8B1B59D49439366 C:\Windows\System32\drivers\MSPCLOCK.sys BDD71ACE35A232104DDD349EE70E1AB3 C:\Windows\System32\drivers\MSPQM.sys 4ED981241DB27C3383D72092B618A1D0 C:\Windows\System32\Drivers\MsRPC.sys 759A9EEB0FA9ED79DA1FB7D4EF78866D C:\Windows\System32\DRIVERS\mssmbios.sys 0EED230E37515A0EAEE3C2E1BC97B288 C:\Windows\System32\drivers\MSTEE.sys 2E66F9ECB30B4221A318C92AC2250779 C:\Windows\system32\drivers\MTConfig.sys 7EA404308934E675BFFDE8EDF0757BCD C:\Windows\System32\Drivers\mup.sys F9A18612FD3526FE473C1BDA678D61C8 C:\Windows\System32\DRIVERS\nwifi.sys 1EA3749C4114DB3E3161156FFFFA6B33 C:\Windows\System32\drivers\ndis.sys 79B47FD40D9A817E932F9D26FAC0A81C C:\Windows\System32\DRIVERS\ndiscap.sys 9F9A1F53AAD7DA4D6FEF5BB73AB811AC C:\Windows\System32\DRIVERS\ndistapi.sys 30639C932D9FEF22B31268FE25A1B6E5 C:\Windows\System32\DRIVERS\ndisuio.sys 136185F9FB2CC61E573E676AA5402356 C:\Windows\System32\DRIVERS\ndiswan.sys 53F7305169863F0A2BDDC49E116C2E11 C:\Windows\System32\Drivers\NDProxy.sys 015C0D8E0E0421B4CFD48CFFE2825879 C:\Windows\System32\DRIVERS\netbios.sys 86743D9F5D2B1048062B14B1D84501C4 C:\Windows\System32\DRIVERS\netbt.sys 09594D1089C523423B32A4229263F068 C:\Windows\system32\drivers\nfrd960.sys 77889813BE4D166CDAB78DDBA990DA92 C:\Windows\System32\Drivers\Npfs.sys 1E4C4AB5C9B8DD13179BBDC75A2A01F7 C:\Windows\System32\drivers\nsiproxy.sys E7F5AE18AF4168178A642A9247C63001 C:\Windows\System32\Drivers\Ntfs.sys 05D78AA5CB5F3F5C31160BDB955D0B7C C:\Windows\System32\Drivers\Null.sys 9899284589F75FA8724FF3D16AED75C1 C:\Windows\system32\drivers\nvraid.sys 5D9FD91F3D38DC9DA01E3CB5FA89CD48 C:\Windows\system32\drivers\nvstor.sys F7CD50FE7139F07E77DA8AC8033D1832 C:\Windows\system32\drivers\nv_agp.sys 270D7CD42D6E3979F6DD0146650F0E05 C:\Windows\system32\drivers\ohci1394.sys 3589478E4B22CE21B41FA1BFC0B8B8A0 C:\Windows\system32\drivers\parport.sys 0086431C29C35BE1DBC43F52CC273887 C:\Windows\System32\drivers\partmgr.sys 871EADAC56B0A4C6512BBE32753CCF79 C:\Windows\System32\drivers\pci.sys 94575C0571D1462A0F70BDE6BD6EE6B3 C:\Windows\system32\drivers\pciide.sys B5B8B5EF2E5CB34DF8DCF8831E3534FA C:\Windows\system32\drivers\pcmcia.sys B2E81D4E87CE48589F98CB8C05B01F2F C:\Windows\System32\drivers\pcw.sys D6B9C2E1A11A3A4B26A182FFEF18F603 C:\Windows\System32\drivers\peauth.sys 68769C3356B3BE5D1C732C97B9A80D6E C:\Windows\System32\DRIVERS\raspptp.sys F92A2C41117A11A00BE01CA01A7FCDE9 C:\Windows\system32\drivers\processr.sys 0D922E23C041EFB1C3FAC2A6F943C9BF C:\Windows\System32\DRIVERS\pacer.sys 0557CF5A2556BD58E26384169D72438D C:\Windows\system32\drivers\ql2300.sys A53A15A11EBFD21077463EE2C7AFEEF0 C:\Windows\system32\drivers\ql40xx.sys 4F6D12B51DE1AAEFF7DC58C4D75423C8 C:\Windows\system32\drivers\qwavedrv.sys 76707BB36430888D9CE9D705398ADB6C C:\Windows\System32\DRIVERS\rasacd.sys 5A0DA8AD5762FA2D91678A8A01311704 C:\Windows\System32\DRIVERS\AgileVpn.sys 7ECFF9B22276B73F43A99A15A6094E90 C:\Windows\System32\DRIVERS\rasl2tp.sys 471815800AE33E6F1C32FB1B97C490CA C:\Windows\System32\DRIVERS\raspppoe.sys 855C9B1CD4756C5E9A2AA58A15F58C25 C:\Windows\System32\DRIVERS\rassstp.sys E8B1E447B008D07FF47D016C2B0EEECB C:\Windows\System32\DRIVERS\rdbss.sys 77F665941019A1594D887A74F301FA2F C:\Windows\system32\drivers\rdpbus.sys 302DA2A0539F2CF54D7C6CC30C1F2D8D C:\Windows\System32\DRIVERS\RDPCDD.sys CEA6CC257FC9B7715F1C2B4849286D24 C:\Windows\System32\drivers\rdpencdd.sys BB5971A4F00659529A5C44831AF22365 C:\Windows\System32\drivers\rdprefmp.sys 216F3FA57533D98E1F74DED70113177A C:\Windows\System32\Drivers\RDPWD.sys 15B66C206B5CB095BAB980553F38ED23 C:\Windows\System32\drivers\rdyboost.sys 34ED295FA0121C241BFEF24764FC4520 C:\Windows\System32\DRIVERS\rspndr.sys DDC86E4F8E7456261E637E3552E804FF C:\Windows\System32\DRIVERS\Rt64win7.sys B49DC435AE3695BAC5623DD94B05732D C:\Windows\system32\drivers\sbp2port.sys AC03AF3329579FFFB455AA2DAABBE22B C:\Windows\System32\DRIVERS\scfilter.sys 253F38D0D7074C02FF8DEB9836C97D2B C:\Windows\System32\Drivers\secdrv.sys 3EA8A16169C26AFBEB544E0E48421186 C:\Windows\system32\drivers\serenum.sys CB624C0035412AF0DEBEC78C41F5CA1B C:\Windows\system32\drivers\serial.sys C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 C:\Windows\system32\drivers\sermouse.sys 1C545A7D0691CC4A027396535691C3E3 C:\Windows\system32\drivers\sffdisk.sys A554811BCD09279536440C964AE35BBF C:\Windows\system32\drivers\sffp_mmc.sys FF414F0BAEFEBA59BC6C04B3DB0B87BF C:\Windows\system32\drivers\sffp_sd.sys DD85B78243A19B59F0637DCF284DA63C C:\Windows\system32\drivers\sfloppy.sys A9D601643A1647211A1EE2EC4E433FF4 C:\Windows\system32\drivers\SiSRaid2.sys 843CAF1E5FDE1FFD5FF768F23A51E2E1 C:\Windows\system32\drivers\sisraid4.sys 6A6C106D42E9FFFF8B9FCB4F754F6DA4 C:\Windows\System32\DRIVERS\smb.sys 548260A7B8654E024DC30BF8A7C5BAA4 C:\Windows\System32\DRIVERS\snapman.sys 2F7A6F88A9516EB47B0BF13024434244 C:\Windows\System32\Drivers\spldr.sys B9E31E5CACDFE584F34F730A677803F9 C:\Windows\System32\DRIVERS\srv.sys 2098B8556D1CEC2ACA9A29CD479E3692 C:\Windows\System32\DRIVERS\srv2.sys D0F73A42040F21F92FD314B42AC5C9E7 C:\Windows\System32\DRIVERS\srvnet.sys 2BA8F3250828CCDB4204ECF2C6F40B6A C:\Windows\system32\drivers\stexstor.sys F3817967ED533D08327DC73BC4D5542A C:\Windows\System32\DRIVERS\stwrt64.sys DFFBC024DFC7BB05B2129E05CBC7A201 C:\Windows\System32\DRIVERS\swenum.sys D01EC09B6711A5F8E7E6564A4D0FBC90 C:\Windows\System32\DRIVERS\SynTP.sys 924D711941956F7420A4925592BE8253 C:\Windows\System32\drivers\tcpip.sys 509383E505C973ED7534A06B3D19688D C:\Windows\System32\DRIVERS\tcpip.sys 509383E505C973ED7534A06B3D19688D C:\Windows\System32\drivers\tcpipreg.sys DF687E3D8836BFB04FCC0615BF15A519 C:\Windows\System32\drivers\tdpipe.sys 3371D21011695B16333A3934340C4E7C C:\Windows\System32\drivers\tdtcp.sys E4245BDA3190A582D55ED09E137401A9 C:\Windows\System32\DRIVERS\tdx.sys DDAD5A7AB24D8B65F8D724F5C20FD806 C:\Windows\System32\DRIVERS\termdd.sys 561E7E1F06895D78DE991E01DD0FB6E5 C:\Windows\System32\DRIVERS\tib.sys AEEEB1EE424A8D6F17B3A6461E0FC7E6 C:\Windows\System32\DRIVERS\tib_mounter.sys 3813F93D8A69EDE68913CC3050640FE3 C:\Windows\System32\DRIVERS\tssecsrv.sys CE18B2CDFC837C99E5FAE9CA6CBA5D30 C:\Windows\System32\drivers\tsusbflt.sys D11C783E3EF9A3C52C0EBE83CC5000E9 C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8 C:\Windows\System32\DRIVERS\tunnel.sys 3566A8DAAFA27AF944F5D705EAA64894 C:\Windows\system32\drivers\uagp35.sys B4DD609BD7E282BFC683CEC7EAAAAD67 C:\Windows\System32\DRIVERS\udfs.sys FF4232A1A64012BAA1FD97C7B67DF593 C:\Windows\system32\drivers\uliagpkx.sys 4BFE1BC28391222894CBF1E7D0E42320 C:\Windows\System32\DRIVERS\umbus.sys DC54A574663A895C8763AF0FA1FF7561 C:\Windows\system32\drivers\umpass.sys B2E8E8CB557B156DA5493BBDDCC1474D C:\Windows\System32\DRIVERS\usbccgp.sys 481DFF26B4DCA8F4CBAC1F7DCE1D6829 C:\Windows\system32\drivers\usbcir.sys AF0892A803FDDA7492F595368E3B68E7 C:\Windows\System32\DRIVERS\usbehci.sys 74EE782B1D9C241EFE425565854C661C C:\Windows\System32\DRIVERS\usbfilter.sys 44D9C773FEBFF10593B50DDFC2D6BC27 C:\Windows\System32\DRIVERS\usbhub.sys DC96BD9CCB8403251BCF25047573558E C:\Windows\System32\DRIVERS\usbohci.sys 58E546BBAF87664FC57E0F6081E4F609 C:\Windows\system32\drivers\usbprint.sys 73188F58FB384E75C4063D29413CEE3D C:\Windows\System32\DRIVERS\USBSTOR.SYS D76510CFA0FC09023077F22C2F979D86 C:\Windows\system32\drivers\usbuhci.sys 81FB2216D3A60D1284455D511797DB3D C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50 C:\Windows\System32\DRIVERS\VBoxDrv.sys EBE625B0BDBBA0661991AC961139E969 C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys C118300A622C1E8CD56558E137A3FEE9 C:\Windows\System32\DRIVERS\VBoxNetLwf.sys C81B7D3AD05D06953088EA50C0EA5A23 C:\Windows\System32\DRIVERS\VBoxUSBMon.sys 32E5D87788CA988709E6355FFAD9D360 C:\Windows\System32\drivers\vdrvroot.sys C5C876CCFC083FF3B128F933823E87BD C:\Windows\System32\DRIVERS\vgapnp.sys DA4DA3F5E02943C2DC8C6ED875DE68DD C:\Windows\System32\drivers\vga.sys 53E92A310193CB3C03BEA963DE7D9CFC C:\Windows\system32\drivers\vhdmp.sys 2CE2DF28C83AEAF30084E1B1EB253CBB C:\Windows\system32\drivers\viaide.sys E5689D93FFE4E5D66C0178761240DD54 C:\Windows\System32\drivers\volmgr.sys D2AAFD421940F640B407AEFAAEBD91B0 C:\Windows\System32\drivers\volmgrx.sys A255814907C89BE58B79EF2F189B843B C:\Windows\System32\drivers\volsnap.sys 0D08D2F3B3FF84E433346669B5E0F639 C:\Windows\system32\drivers\vsmraid.sys 5E2016EA6EBACA03C04FEAC5F330D997 C:\Windows\System32\DRIVERS\vwifibus.sys 36D4720B72B5C5D9CB2B9C29E9DF67A1 C:\Windows\System32\DRIVERS\vwififlt.sys 6A3D66263414FF0D6FA754C646612F3F C:\Windows\system32\drivers\wacompen.sys 4E9440F4F152A7B944CB1663D3935A3E C:\Windows\System32\DRIVERS\wanarp.sys 356AFD78A6ED4457169241AC3965230C C:\Windows\System32\DRIVERS\wanarp.sys 356AFD78A6ED4457169241AC3965230C C:\Windows\system32\drivers\wd.sys 72889E16FF12BA0F235467D6091B17DC C:\Windows\System32\drivers\Wdf01000.sys 441BD2D7B4F98134C3A4F9FA570FD250 C:\Windows\System32\DRIVERS\wfplwf.sys 611B23304BF067451A9FDEE01FBDD725 C:\Windows\System32\drivers\wimmount.sys 05ECAEC3E4529A7153B3136CEB49F0EC C:\Windows\System32\DRIVERS\wmiacpi.sys F6FF8944478594D0E414D3F048F0D778 C:\Windows\system32\drivers\ws2ifsl.sys 6BCC1D7D2FD2453957C5479A32364E52 C:\Windows\System32\drivers\WudfPf.sys D3381DC54C34D79B22CEE0D65BA91B7C C:\Windows\System32\DRIVERS\WUDFRd.sys CF8D590BE3373029D57AF80914190682 ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2022-04-27 16:15 - 2022-04-27 16:15 - 00000000 ____D C:\FRST 2022-04-27 16:13 - 2022-04-27 16:13 - 00011696 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-xlkev++.Htm 2022-04-27 16:13 - 2022-04-27 16:13 - 00002443 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-xlkev++.Txt 2022-04-27 16:12 - 2022-04-27 16:13 - 00011696 ____A C:\ProgramData\-!RecOveR!-xlkev++.Htm 2022-04-27 16:12 - 2022-04-27 16:13 - 00002443 ____A C:\ProgramData\-!RecOveR!-xlkev++.Txt 2022-04-27 16:12 - 2022-04-27 16:12 - 00011696 ____A C:\Users\Public\Documents\-!RecOveR!-xlkev++.Htm 2022-04-27 16:12 - 2022-04-27 16:12 - 00002443 ____A C:\Users\Public\Documents\-!RecOveR!-xlkev++.Txt 2022-04-27 16:06 - 2022-04-27 16:06 - 00000000 ____D C:\Program Files (x86)\Qubq 2022-04-27 16:01 - 2022-04-27 16:06 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Dashlane 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\Public\Downloads\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\Public\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\Downloads\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\Documents\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\AppData\Roaming\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\AppData\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\Public\Downloads\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\Public\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\Downloads\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\Documents\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\AppData\Roaming\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\AppData\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Local\Packages 2022-04-27 16:01 - 2022-04-27 16:01 - 00000000 ____D C:\Program Files (x86)\Dashlane 2022-04-27 16:00 - 2022-04-27 16:00 - 00001177 ____A C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2022-04-27 15:58 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} 2022-04-27 15:58 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\ProductData 2022-04-27 15:58 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\IObit 2022-04-27 15:58 - 2022-04-27 16:00 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\IObit 2022-04-27 15:58 - 2022-04-27 15:58 - 00000993 ____A C:\Users\MaPomme\Desktop\System Defragmenter.lnk 2022-04-27 15:58 - 2022-04-27 15:58 - 00000000 ____D C:\Program Files (x86)\IObit 2022-04-27 15:58 - 2017-03-17 12:31 - 00026272 ____A (IObit.com) C:\Windows\System32\Drivers\IMFCameraProtect.sys 2022-04-27 15:57 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Zewyy 2022-04-27 15:57 - 2022-04-27 15:59 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Doqyu 2022-04-27 15:57 - 2022-04-27 15:58 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Amizo 2022-04-27 15:56 - 2022-04-27 16:11 - 00000256 ____A C:\Users\MaPomme\Documents\-!recover!-!file!-.txt 2022-04-27 15:56 - 2022-04-27 16:01 - 00011696 ____A C:\Users\Public\Documents\-!RecOveR!-gxnjt++.Htm 2022-04-27 15:56 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-gxnjt++.Htm 2022-04-27 15:56 - 2022-04-27 16:01 - 00002443 ____A C:\Users\Public\Documents\-!RecOveR!-gxnjt++.Txt 2022-04-27 15:56 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-gxnjt++.Txt 2022-04-27 15:56 - 2022-04-27 15:56 - 00011696 ____A C:\ProgramData\-!RecOveR!-gxnjt++.Htm 2022-04-27 15:56 - 2022-04-27 15:56 - 00002443 ____A C:\ProgramData\-!RecOveR!-gxnjt++.Txt 2022-04-27 15:56 - 2022-04-27 15:56 - 00000264 ____A C:\Users\MaPomme\Documents\desctop._ini 2022-04-27 15:55 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2022-04-27 15:55 - 2022-04-27 15:55 - 00001262 ____A C:\Users\MaPomme\Desktop\Spybot - Search & Destroy.lnk 2022-04-27 15:55 - 2022-04-27 15:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2022-04-27 15:55 - 2016-04-14 13:02 - 00286720 ____H (Microsoft Corporation) C:\Users\MaPomme\Documents\litcrwnbyvyv.exe 2022-04-27 15:23 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\Apple Computer 2022-04-27 15:23 - 2022-04-27 16:06 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Azureus 2022-04-27 15:23 - 2022-04-27 15:23 - 00001852 ____A C:\Users\Public\Desktop\Vuze.lnk 2022-04-27 15:23 - 2022-04-27 15:23 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk 2022-04-27 15:23 - 2022-04-27 15:23 - 00000000 ____D C:\Program Files (x86)\Vuze 2022-04-27 15:23 - 2022-04-27 15:23 - 00000000 ____D C:\Program Files (x86)\QuickTime 2022-04-27 15:22 - 2022-04-27 16:13 - 00000000 ____D C:\Users\MaPomme\AppData\Local\Apple 2022-04-27 15:22 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\Apple 2022-04-27 15:22 - 2022-04-27 15:22 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2022-04-27 15:21 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\PC Speed Maximizer 2022-04-27 15:20 - 2022-04-27 15:20 - 00001121 ____A C:\Users\MaPomme\Desktop\PC Speed Maximizer.lnk 2022-04-27 15:20 - 2022-04-27 15:20 - 00000965 ____A C:\Users\MaPomme\Desktop\IDA Pro Freeware.lnk 2022-04-27 15:20 - 2022-04-27 15:20 - 00000000 ____D C:\Program Files (x86)\PDF-to-Word 2022-04-27 15:20 - 2022-04-27 15:20 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer 2022-04-27 15:20 - 2022-04-27 15:20 - 00000000 ____D C:\Program Files (x86)\IDA Freeware 4.3 2022-04-27 15:19 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Mozilla 2022-04-27 15:19 - 2022-04-27 15:59 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Foxit 2022-04-27 15:19 - 2022-04-27 15:58 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Adobe 2022-04-27 15:19 - 2022-04-27 15:19 - 00001530 ____A C:\Users\MaPomme\Desktop\Flash Decompiler Trillix.lnk 2022-04-27 15:19 - 2022-04-27 15:19 - 00001234 ____A C:\Users\Public\Desktop\Foxit Reader.lnk 2022-04-27 15:19 - 2022-04-27 15:19 - 00000202 ____A C:\Users\Public\Desktop\eBay.url 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Program Files (x86)\Foxit Software 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Program Files (x86)\AskBarDis 2022-04-27 15:18 - 2022-04-27 15:18 - 00000000 ____D C:\Program Files (x86)\Eltima Software 2022-04-27 15:17 - 2022-04-27 16:13 - 00000000 ____D C:\Users\MaPomme\AppData\Local\eMule 2022-04-27 15:17 - 2022-04-27 15:17 - 00001182 ____A C:\Users\Public\Desktop\DivX Converter.lnk 2022-04-27 15:17 - 2022-04-27 15:17 - 00001146 ____A C:\Users\Public\Desktop\DivX Player.lnk 2022-04-27 15:17 - 2022-04-27 15:17 - 00000997 ____A C:\Users\Public\Desktop\eMule.lnk 2022-04-27 15:17 - 2022-04-27 15:17 - 00000000 ____D C:\Program Files\DivX 2022-04-27 15:17 - 2022-04-27 15:17 - 00000000 ____D C:\Program Files (x86)\eMule 2022-04-27 15:16 - 2022-04-27 15:17 - 00000000 ____D C:\Program Files (x86)\DivX 2022-04-27 15:16 - 2022-04-27 15:16 - 00001617 ____A C:\Users\MaPomme\Desktop\DivX Movies.lnk 2022-04-27 15:16 - 2022-04-27 15:16 - 00000000 ____D C:\Program Files (x86)\Google 2022-04-27 15:15 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\Yahoo! Companion 2022-04-27 15:15 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Yahoo! 2022-04-27 15:15 - 2022-04-27 15:15 - 00001889 ____A C:\Users\MaPomme\Desktop\CCleaner.lnk 2022-04-27 15:15 - 2022-04-27 15:15 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2022-04-27 15:15 - 2022-04-27 15:15 - 00000000 ____D C:\Program Files (x86)\CCleaner 2022-04-27 15:12 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\Avira 2022-04-27 15:12 - 2022-04-27 15:12 - 00002070 ____A C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk 2022-04-27 15:12 - 2022-04-27 15:12 - 00000000 ____D C:\Program Files (x86)\Avira 2022-04-27 15:12 - 2009-11-25 11:19 - 00074880 ____A (Avira GmbH) C:\Windows\System32\Drivers\avgntflt.sys 2022-04-27 12:10 - 2022-04-27 12:10 - 00001954 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2022-04-27 12:08 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2022-04-27 12:08 - 2022-04-27 15:59 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\DAEMON Tools Lite 2022-04-27 12:08 - 2022-04-27 12:08 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys 2022-04-27 12:08 - 2022-04-27 12:08 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2022-04-27 12:05 - 2022-04-27 12:05 - 00000000 ____D C:\Program Files (x86)\EditHexa 2022-04-27 12:03 - 2022-04-27 16:13 - 00000000 ____D C:\Users\MaPomme\AppData\Local\insight-nodejs 2022-04-27 12:03 - 2022-04-27 16:11 - 00000000 ____D C:\ResHacker 2022-04-27 12:03 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Videoder 2022-04-27 12:03 - 2022-04-27 15:57 - 00000000 ____D C:\Users\MaPomme\AppData\Local\Videoder 2022-04-27 12:03 - 2022-04-27 12:03 - 00000973 ____A C:\Users\MaPomme\Desktop\ResHacker.lnk 2022-04-27 12:00 - 2015-07-18 15:08 - 00984448 ____A (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00901264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00066400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00063840 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00022368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00020832 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00019808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00019808 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00017760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00017760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00017760 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00017760 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00016224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00016224 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00015712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00015712 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00014176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00014176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00014176 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00014176 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00013664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00013664 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012640 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012640 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012640 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00012128 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-eventing-provider-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll 2022-04-27 12:00 - 2015-07-18 15:08 - 00011616 ____A (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll 2022-04-27 11:59 - 2022-04-27 11:59 - 00000000 ____D C:\ProgramData\Package Cache 2022-04-27 11:58 - 2022-04-27 11:59 - 00000000 ____D C:\Program Files (x86)\InCtrl5 2022-04-27 11:55 - 2022-04-27 11:55 - 00001035 ____A C:\Users\MaPomme\Desktop\Ripp-it_AM.lnk 2022-04-27 11:55 - 2022-04-27 11:55 - 00000000 ____D C:\Program Files (x86)\Ripp-it_AM 2022-04-27 11:55 - 2022-04-27 11:55 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5 2022-04-27 11:54 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\Videoder 2022-04-27 11:54 - 2022-04-27 11:54 - 00002183 ____A C:\Users\Public\Desktop\Videoder.lnk 2022-04-27 11:54 - 2022-04-27 11:54 - 00000000 ____D C:\Program Files (x86)\Videoder 2022-04-27 11:51 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\Desktop\Tor Browser 2022-04-27 11:51 - 2022-04-27 11:51 - 00000789 ____A C:\Users\MaPomme\Desktop\Start Tor Browser.lnk 2022-04-27 11:50 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\SystemAcCrux 2022-04-27 11:50 - 2022-04-27 16:10 - 00004940 ____A C:\Windows\SysWOW64\Eaolog.log 2022-04-27 11:50 - 2022-04-27 16:10 - 00000048 ____A C:\Windows\SysWOW64\EUTB.TODJ 2022-04-27 11:50 - 2022-04-27 11:50 - 00001335 ____A C:\Users\Public\Desktop\EaseUS Todo Backup Free.lnk 2022-04-27 11:50 - 2022-04-15 09:05 - 00555656 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdDisk.sys 2022-04-27 11:50 - 2022-04-15 09:05 - 00075912 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eubakup.sys 2022-04-27 11:50 - 2022-04-15 09:05 - 00054920 ____A C:\Windows\System32\Drivers\EUBKMON.sys 2022-04-27 11:50 - 2022-04-15 09:05 - 00036488 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdMount.sys 2022-04-27 11:50 - 2022-04-15 09:05 - 00023688 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eudskacs.sys 2022-04-27 11:48 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\EaseUS 2022-04-27 11:48 - 2022-04-27 11:48 - 00000000 ____D C:\Program Files (x86)\EaseUS 2022-04-27 11:48 - 2022-04-15 09:04 - 00028808 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\fbnative.exe 2022-04-27 11:47 - 2022-04-27 16:13 - 00000000 ____D C:\Users\MaPomme\.VirtualBox 2022-04-27 11:47 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\VirtualBox 2022-04-27 11:47 - 2022-04-27 11:47 - 00001076 ____A C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2022-04-27 11:47 - 2021-10-18 11:46 - 00188184 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys 2022-04-27 11:47 - 2021-10-18 11:45 - 01045352 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys 2022-04-27 11:46 - 2022-04-27 11:46 - 00000000 ____D C:\Program Files\Oracle 2022-04-27 11:45 - 2022-04-27 11:45 - 00000836 ____A C:\Users\Public\Desktop\DiskGenius.lnk 2022-04-27 11:45 - 2022-04-27 11:45 - 00000000 ____D C:\Program Files\DiskGenius 2022-04-26 20:52 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\Acronis 2022-04-26 20:52 - 2022-04-26 20:52 - 01058632 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\tib.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00304416 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\snapman.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00296736 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\file_tracker.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00248648 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\tib_mounter.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00134432 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\fltsrv.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00001205 ____A C:\Users\Public\Desktop\Acronis True Image 2015.lnk 2022-04-26 20:52 - 2022-04-26 20:52 - 00000000 ____D C:\Program Files (x86)\Acronis 2022-04-26 20:25 - 2022-04-27 15:58 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\63AE6C56-E50B-471F-92D6-D3F21081930F 2022-04-26 20:23 - 2022-04-27 15:58 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Acronis 2022-04-26 18:33 - 2022-04-26 18:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2022-04-26 17:58 - 2022-04-27 16:11 - 00000000 ___HD C:\AomeiRecovery 2022-04-26 17:40 - 2022-04-26 17:52 - 00001024 ___AH C:\SYSTAG.BIN 2022-04-26 17:39 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\Aomei 2022-04-26 17:39 - 2022-04-27 16:10 - 00000432 ____A C:\Windows\SysWOW64\winsevr.dat 2022-04-26 17:39 - 2022-04-27 16:10 - 00000208 ____A C:\Windows\SysWOW64\AbBakConfig.dat 2022-04-26 17:39 - 2022-04-26 17:39 - 00000946 ____A C:\Users\Public\Desktop\AOMEI Backupper.lnk 2022-04-26 17:38 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\AomeiBR 2022-04-26 17:38 - 2022-04-26 17:38 - 00000000 ____D C:\Program Files (x86)\AOMEI 2022-04-26 17:38 - 2019-05-14 11:28 - 00051120 ____A C:\Windows\System32\ambakdrv.sys 2022-04-26 17:38 - 2019-05-14 11:28 - 00038320 ____A C:\Windows\System32\amwrtdrv.sys 2022-04-26 17:38 - 2016-12-21 22:52 - 00171952 ____A C:\Windows\System32\ammntdrv.sys 2022-04-26 15:42 - 2022-04-27 15:59 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\DesktopOK 2022-04-26 15:42 - 2017-08-03 11:11 - 00326656 ____A (Nenad Hrg SoftwareOK) C:\Users\MaPomme\Desktop\DesktopOK.exe 2022-04-26 15:42 - 2008-03-29 01:36 - 00499200 ____A (Quick And Easy Software) C:\Users\MaPomme\Desktop\Eject_USB.exe 2022-04-26 15:40 - 2009-02-02 03:27 - 07347200 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSUSTORicon.dll 2022-04-26 15:38 - 2022-04-26 15:38 - 00002179 ____A C:\Users\Public\Desktop\HP Support Assistant.lnk 2022-04-26 15:37 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\{8D274659-3D84-4410-A197-C170D180BC76} 2022-04-26 15:37 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2022-04-26 15:36 - 2022-04-27 16:13 - 00000000 ____D C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66} 2022-04-26 15:36 - 2022-04-26 15:36 - 00057560 ____A C:\Users\MaPomme\AppData\Local\GDIPFONTCACHEV1.DAT 2022-04-26 15:35 - 2022-04-27 16:13 - 00000000 ____D C:\Users\MaPomme\AppData\Local\GHISLER 2022-04-26 15:35 - 2022-04-26 15:36 - 00000386 ____A C:\UsbRecovery.log 2022-04-26 15:29 - 2022-04-27 16:12 - 00000000 ____D C:\totalcmd 2022-04-26 15:29 - 2022-04-26 15:29 - 00000646 ____A C:\Users\MaPomme\Desktop\Total Commander 64 bit.lnk 2022-04-26 15:29 - 2022-04-26 15:29 - 00000632 ____A C:\Users\MaPomme\Desktop\Total Commander.lnk 2022-04-26 15:23 - 2022-04-26 15:23 - 00000000 ____A C:\Users\MaPomme\AppData\Local\QSwitch.txt 2022-04-26 15:23 - 2022-04-26 15:23 - 00000000 ____A C:\Users\MaPomme\AppData\Local\DSwitch.txt 2022-04-26 15:23 - 2022-04-26 15:23 - 00000000 ____A C:\Users\MaPomme\AppData\Local\AtStart.txt 2022-04-26 15:22 - 2022-04-26 15:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2022-04-26 15:21 - 2022-04-27 15:59 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\hpqLog 2022-04-26 15:20 - 2009-04-29 08:48 - 00018432 ____A (Hewlett-Packard Development Company, L.P.) C:\Windows\System32\Drivers\HpqKbFiltr.sys 2022-04-26 15:20 - 2008-09-08 14:31 - 01885488 ___RA (Hewlett-Packard Company) C:\Windows\SysWOW64\BttnCmn.dll 2022-04-26 15:20 - 2008-09-08 14:31 - 01885488 ____A (Hewlett-Packard Company) C:\Windows\SysWOW64\BttnCmns.dll 2022-04-26 15:20 - 2006-11-02 07:04 - 01919968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wdfcoinstaller01005.dll 2022-04-26 15:19 - 2022-04-26 15:19 - 00000000 ____D C:\Program Files (x86)\HP USB TV Tuner 2022-04-26 15:19 - 2006-10-10 17:47 - 00036921 ____A (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwutl32_priv.dll 2022-04-26 15:19 - 2006-10-10 17:47 - 00036921 ____A (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwutl32.dll 2022-04-26 15:17 - 2022-04-26 15:17 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf 2022-04-26 15:16 - 2022-04-26 15:16 - 00000000 ____D C:\Program Files\Synaptics 2022-04-26 15:13 - 2022-04-26 15:22 - 00014574 ____A C:\Windows\DPINST.LOG 2022-04-26 15:13 - 2022-04-26 15:13 - 00000000 ____D C:\Program Files\DIFX 2022-04-26 15:13 - 2022-04-26 15:13 - 00000000 ____D C:\Program Files (x86)\AMD 2022-04-26 15:13 - 2009-03-09 06:49 - 00036408 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\usbfilter.sys 2022-04-26 15:12 - 2022-04-26 15:40 - 00000000 ____D C:\Program Files (x86)\Realtek 2022-04-26 15:12 - 2009-05-22 07:52 - 00215040 ____A (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys 2022-04-26 15:12 - 2009-03-04 23:54 - 00067584 ____A C:\Windows\System32\RtNicProp64.dll 2022-04-26 15:11 - 2022-04-27 16:12 - 00000000 ____D C:\ProgramData\Atheros 2022-04-26 15:11 - 2022-04-27 15:59 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\InstallShield 2022-04-26 15:11 - 2022-04-26 15:11 - 00000000 ____D C:\Windows\System32\nn-NO 2022-04-26 15:11 - 2022-04-26 15:11 - 00000000 ____D C:\Program Files (x86)\Cisco 2022-04-26 15:11 - 2022-04-26 15:11 - 00000000 ____D C:\Program Files (x86)\Atheros 2022-04-26 15:11 - 2010-03-02 16:45 - 01594368 ____A (Atheros Communications, Inc.) C:\Windows\System32\Drivers\athrx.sys 2022-04-26 15:11 - 2010-02-02 14:48 - 00060416 ____A (Atheros) C:\Windows\System32\athihvui.dll 2022-04-26 15:11 - 2010-02-02 14:47 - 00439808 ____A (Atheros) C:\Windows\System32\athihvs.dll 2022-04-26 15:10 - 2022-04-26 15:10 - 00006656 ____A C:\Windows\System32\bcmwlrc.dll 2022-04-26 15:10 - 2022-04-26 15:10 - 00000000 ____D C:\Program Files\Broadcom 2022-04-26 15:08 - 2022-04-26 15:08 - 00000000 ____D C:\Program Files\IDT 2022-04-26 15:08 - 2010-03-23 07:53 - 01465344 ____A (IDT, Inc.) C:\Windows\System32\stapo64.dll 2022-04-26 15:08 - 2010-03-23 07:53 - 00645632 ____N (IDT, Inc.) C:\Windows\System32\stapi64.dll 2022-04-26 15:08 - 2010-03-23 07:53 - 00505344 ____A (IDT, Inc.) C:\Windows\System32\Drivers\stwrt64.sys 2022-04-26 15:08 - 2010-03-23 07:53 - 00431616 ____A (IDT, Inc.) C:\Windows\System32\stcplx64.dll 2022-04-26 15:07 - 2022-04-26 15:07 - 00000000 ____D C:\Windows\System32\SRSLabs 2022-04-26 15:07 - 2010-03-31 23:11 - 00162304 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTAC64.dll 2022-04-26 15:07 - 2010-03-23 07:53 - 12772352 ____A (IDT, Inc.) C:\Windows\System32\idtcpl64.cpl 2022-04-26 15:07 - 2010-03-23 07:53 - 03348480 ____A (IDT, Inc.) C:\Windows\System32\stlang64.dll 2022-04-26 15:07 - 2010-03-23 07:53 - 00564224 ____A (IDT, Inc.) C:\Windows\System32\idt64mp1.exe 2022-04-26 15:07 - 2010-03-23 07:53 - 00487424 ____A (IDT, Inc.) C:\Windows\sttray64.exe 2022-04-26 15:07 - 2009-10-09 09:45 - 00442368 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTEC64.dll 2022-04-26 15:07 - 2009-03-02 10:58 - 00068608 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTAR64.dll 2022-04-26 15:07 - 2009-03-02 10:47 - 00090624 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTCo64.dll 2022-04-26 15:06 - 2022-04-26 15:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-04-26 15:06 - 2022-04-26 15:39 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2022-04-26 15:06 - 2022-04-26 15:06 - 00000000 _RASH C:\Windows\System32\Drivers\103C_HP_cNB_Presario CQ61 Notebook PC_Y5335KV_0U_QCNF9468D76_EU_4A_I363F_SQuanta_V42.14_F.07_T091010_WU3-1_L40C_M3837_J128_7AMD_8F62_92.00_#220426_N10EC8136;168C002B_(VU001EA#ABF)_XMOBILE_CN10_Z.MRK 2022-04-26 15:06 - 2010-03-23 07:53 - 00209920 ____A (IDT, Inc.) C:\Windows\System32\staco64.dll 2022-04-26 15:04 - 2022-04-27 15:59 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\GHISLER 2022-04-26 12:28 - 2022-04-26 12:28 - 00008192 _RASH C:\BOOTSECT.BAK 2022-04-26 12:28 - 2022-04-26 11:44 - 00000000 ____D C:\Windows\Panther 2022-04-26 12:28 - 2010-11-21 05:23 - 00383786 _RASH C:\bootmgr 2022-04-26 12:15 - 2022-04-27 16:01 - 00000000 ____D C:\Windows.old 2022-04-26 11:44 - 2022-04-27 16:01 - 00000000 ____D C:\users\MaPomme 2022-04-26 11:44 - 2022-04-27 15:58 - 00000000 ____D C:\Users\MaPomme\AppData\Local\VirtualStore 2022-04-26 11:44 - 2022-04-26 11:44 - 00000020 ___SH C:\Users\MaPomme\ntuser.ini 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Public\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Public\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Public\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Voisinage réseau 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Voisinage d'impression 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Modèles 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Menu Démarrer 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\AppData\Local\Historique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Voisinage réseau 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Voisinage d'impression 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Modèles 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Menu Démarrer 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\AppData\Local\Historique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\AppData\Local\Historique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Recovery 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Modèles 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Menu Démarrer 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Favoris 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Bureau 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Program Files\Fichiers communs 2022-04-26 11:35 - 2022-04-27 16:13 - 00072050 ____A C:\Windows\WindowsUpdate.log 2022-04-26 11:30 - 2022-04-26 11:30 - 00001355 ____A C:\Windows\TSSysprep.log ==================== One Month Modified Files and Folders ======= 2022-04-27 16:15 - 2022-04-27 16:15 - 00000000 ____D C:\FRST 2022-04-27 16:13 - 2022-04-27 16:13 - 00011696 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-xlkev++.Htm 2022-04-27 16:13 - 2022-04-27 16:13 - 00002443 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-xlkev++.Txt 2022-04-27 16:13 - 2022-04-27 16:12 - 00011696 ____A C:\ProgramData\-!RecOveR!-xlkev++.Htm 2022-04-27 16:13 - 2022-04-27 16:12 - 00002443 ____A C:\ProgramData\-!RecOveR!-xlkev++.Txt 2022-04-27 16:13 - 2022-04-27 15:58 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} 2022-04-27 16:13 - 2022-04-27 15:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2022-04-27 16:13 - 2022-04-27 15:22 - 00000000 ____D C:\Users\MaPomme\AppData\Local\Apple 2022-04-27 16:13 - 2022-04-27 15:17 - 00000000 ____D C:\Users\MaPomme\AppData\Local\eMule 2022-04-27 16:13 - 2022-04-27 15:15 - 00000000 ____D C:\ProgramData\Yahoo! Companion 2022-04-27 16:13 - 2022-04-27 12:03 - 00000000 ____D C:\Users\MaPomme\AppData\Local\insight-nodejs 2022-04-27 16:13 - 2022-04-27 11:54 - 00000000 ____D C:\ProgramData\Videoder 2022-04-27 16:13 - 2022-04-27 11:50 - 00000000 ____D C:\ProgramData\SystemAcCrux 2022-04-27 16:13 - 2022-04-27 11:47 - 00000000 ____D C:\Users\MaPomme\.VirtualBox 2022-04-27 16:13 - 2022-04-27 11:47 - 00000000 ____D C:\ProgramData\VirtualBox 2022-04-27 16:13 - 2022-04-26 15:37 - 00000000 ____D C:\ProgramData\{8D274659-3D84-4410-A197-C170D180BC76} 2022-04-27 16:13 - 2022-04-26 15:36 - 00000000 ____D C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66} 2022-04-27 16:13 - 2022-04-26 15:35 - 00000000 ____D C:\Users\MaPomme\AppData\Local\GHISLER 2022-04-27 16:13 - 2022-04-26 11:35 - 00072050 ____A C:\Windows\WindowsUpdate.log 2022-04-27 16:12 - 2022-04-27 16:12 - 00011696 ____A C:\Users\Public\Documents\-!RecOveR!-xlkev++.Htm 2022-04-27 16:12 - 2022-04-27 16:12 - 00002443 ____A C:\Users\Public\Documents\-!RecOveR!-xlkev++.Txt 2022-04-27 16:12 - 2022-04-27 15:58 - 00000000 ____D C:\ProgramData\ProductData 2022-04-27 16:12 - 2022-04-27 15:58 - 00000000 ____D C:\ProgramData\IObit 2022-04-27 16:12 - 2022-04-27 15:23 - 00000000 ____D C:\ProgramData\Apple Computer 2022-04-27 16:12 - 2022-04-27 15:22 - 00000000 ____D C:\ProgramData\Apple 2022-04-27 16:12 - 2022-04-27 15:12 - 00000000 ____D C:\ProgramData\Avira 2022-04-27 16:12 - 2022-04-27 12:08 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2022-04-27 16:12 - 2022-04-27 11:48 - 00000000 ____D C:\ProgramData\EaseUS 2022-04-27 16:12 - 2022-04-26 20:52 - 00000000 ____D C:\ProgramData\Acronis 2022-04-27 16:12 - 2022-04-26 17:39 - 00000000 ____D C:\ProgramData\Aomei 2022-04-27 16:12 - 2022-04-26 17:38 - 00000000 ____D C:\ProgramData\AomeiBR 2022-04-27 16:12 - 2022-04-26 15:37 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2022-04-27 16:12 - 2022-04-26 15:29 - 00000000 ____D C:\totalcmd 2022-04-27 16:12 - 2022-04-26 15:11 - 00000000 ____D C:\ProgramData\Atheros 2022-04-27 16:11 - 2022-04-27 15:56 - 00000256 ____A C:\Users\MaPomme\Documents\-!recover!-!file!-.txt 2022-04-27 16:11 - 2022-04-27 12:03 - 00000000 ____D C:\ResHacker 2022-04-27 16:11 - 2022-04-26 17:58 - 00000000 ___HD C:\AomeiRecovery 2022-04-27 16:10 - 2022-04-27 11:50 - 00004940 ____A C:\Windows\SysWOW64\Eaolog.log 2022-04-27 16:10 - 2022-04-27 11:50 - 00000048 ____A C:\Windows\SysWOW64\EUTB.TODJ 2022-04-27 16:10 - 2022-04-26 17:39 - 00000432 ____A C:\Windows\SysWOW64\winsevr.dat 2022-04-27 16:10 - 2022-04-26 17:39 - 00000208 ____A C:\Windows\SysWOW64\AbBakConfig.dat 2022-04-27 16:10 - 2009-07-14 06:51 - 00025419 ____A C:\Windows\setupact.log 2022-04-27 16:09 - 2010-11-21 05:47 - 00009138 ____A C:\Windows\PFRO.log 2022-04-27 16:06 - 2022-04-27 16:06 - 00000000 ____D C:\Program Files (x86)\Qubq 2022-04-27 16:06 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Dashlane 2022-04-27 16:06 - 2022-04-27 15:23 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Azureus 2022-04-27 16:06 - 2009-07-14 05:20 - 00000000 ___RD C:\Program Files (x86) 2022-04-27 16:04 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\Public\Downloads\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\Public\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\Downloads\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\Documents\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\AppData\Roaming\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\AppData\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00011696 ____A C:\Users\MaPomme\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\Public\Downloads\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\Public\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\Downloads\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\Documents\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\AppData\Roaming\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\AppData\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00002443 ____A C:\Users\MaPomme\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 16:01 - 00000000 ____D C:\Users\MaPomme\AppData\Local\Packages 2022-04-27 16:01 - 2022-04-27 16:01 - 00000000 ____D C:\Program Files (x86)\Dashlane 2022-04-27 16:01 - 2022-04-27 15:57 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Zewyy 2022-04-27 16:01 - 2022-04-27 15:56 - 00011696 ____A C:\Users\Public\Documents\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 15:56 - 00011696 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-gxnjt++.Htm 2022-04-27 16:01 - 2022-04-27 15:56 - 00002443 ____A C:\Users\Public\Documents\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 15:56 - 00002443 ____A C:\Users\MaPomme\AppData\Local\-!RecOveR!-gxnjt++.Txt 2022-04-27 16:01 - 2022-04-27 15:21 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\PC Speed Maximizer 2022-04-27 16:01 - 2022-04-27 15:19 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Mozilla 2022-04-27 16:01 - 2022-04-27 15:15 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Yahoo! 2022-04-27 16:01 - 2022-04-27 12:03 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Videoder 2022-04-27 16:01 - 2022-04-27 11:51 - 00000000 ____D C:\Users\MaPomme\Desktop\Tor Browser 2022-04-27 16:01 - 2022-04-26 12:15 - 00000000 ____D C:\Windows.old 2022-04-27 16:01 - 2022-04-26 11:44 - 00000000 ____D C:\users\MaPomme 2022-04-27 16:01 - 2011-04-12 11:27 - 00000000 ___RD C:\Users\Public\Recorded TV 2022-04-27 16:01 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2022-04-27 16:01 - 2009-07-14 05:20 - 00000000 ___RD C:\users\Public 2022-04-27 16:00 - 2022-04-27 16:00 - 00001177 ____A C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2022-04-27 16:00 - 2022-04-27 15:58 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\IObit 2022-04-27 15:59 - 2022-04-27 15:57 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Doqyu 2022-04-27 15:59 - 2022-04-27 15:19 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Foxit 2022-04-27 15:59 - 2022-04-27 12:08 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\DAEMON Tools Lite 2022-04-27 15:59 - 2022-04-26 15:42 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\DesktopOK 2022-04-27 15:59 - 2022-04-26 15:21 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\hpqLog 2022-04-27 15:59 - 2022-04-26 15:11 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\InstallShield 2022-04-27 15:59 - 2022-04-26 15:04 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\GHISLER 2022-04-27 15:58 - 2022-04-27 15:58 - 00000993 ____A C:\Users\MaPomme\Desktop\System Defragmenter.lnk 2022-04-27 15:58 - 2022-04-27 15:58 - 00000000 ____D C:\Program Files (x86)\IObit 2022-04-27 15:58 - 2022-04-27 15:57 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Amizo 2022-04-27 15:58 - 2022-04-27 15:19 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Adobe 2022-04-27 15:58 - 2022-04-26 20:25 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\63AE6C56-E50B-471F-92D6-D3F21081930F 2022-04-27 15:58 - 2022-04-26 20:23 - 00000000 ____D C:\Users\MaPomme\AppData\Roaming\Acronis 2022-04-27 15:58 - 2022-04-26 11:44 - 00000000 ____D C:\Users\MaPomme\AppData\Local\VirtualStore 2022-04-27 15:57 - 2022-04-27 12:03 - 00000000 ____D C:\Users\MaPomme\AppData\Local\Videoder 2022-04-27 15:56 - 2022-04-27 15:56 - 00011696 ____A C:\ProgramData\-!RecOveR!-gxnjt++.Htm 2022-04-27 15:56 - 2022-04-27 15:56 - 00002443 ____A C:\ProgramData\-!RecOveR!-gxnjt++.Txt 2022-04-27 15:56 - 2022-04-27 15:56 - 00000264 ____A C:\Users\MaPomme\Documents\desctop._ini 2022-04-27 15:55 - 2022-04-27 15:55 - 00001262 ____A C:\Users\MaPomme\Desktop\Spybot - Search & Destroy.lnk 2022-04-27 15:55 - 2022-04-27 15:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2022-04-27 15:23 - 2022-04-27 15:23 - 00001852 ____A C:\Users\Public\Desktop\Vuze.lnk 2022-04-27 15:23 - 2022-04-27 15:23 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk 2022-04-27 15:23 - 2022-04-27 15:23 - 00000000 ____D C:\Program Files (x86)\Vuze 2022-04-27 15:23 - 2022-04-27 15:23 - 00000000 ____D C:\Program Files (x86)\QuickTime 2022-04-27 15:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64 2022-04-27 15:22 - 2022-04-27 15:22 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2022-04-27 15:20 - 2022-04-27 15:20 - 00001121 ____A C:\Users\MaPomme\Desktop\PC Speed Maximizer.lnk 2022-04-27 15:20 - 2022-04-27 15:20 - 00000965 ____A C:\Users\MaPomme\Desktop\IDA Pro Freeware.lnk 2022-04-27 15:20 - 2022-04-27 15:20 - 00000000 ____D C:\Program Files (x86)\PDF-to-Word 2022-04-27 15:20 - 2022-04-27 15:20 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer 2022-04-27 15:20 - 2022-04-27 15:20 - 00000000 ____D C:\Program Files (x86)\IDA Freeware 4.3 2022-04-27 15:19 - 2022-04-27 15:19 - 00001530 ____A C:\Users\MaPomme\Desktop\Flash Decompiler Trillix.lnk 2022-04-27 15:19 - 2022-04-27 15:19 - 00001234 ____A C:\Users\Public\Desktop\Foxit Reader.lnk 2022-04-27 15:19 - 2022-04-27 15:19 - 00000202 ____A C:\Users\Public\Desktop\eBay.url 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Program Files (x86)\Foxit Software 2022-04-27 15:19 - 2022-04-27 15:19 - 00000000 ____D C:\Program Files (x86)\AskBarDis 2022-04-27 15:18 - 2022-04-27 15:18 - 00000000 ____D C:\Program Files (x86)\Eltima Software 2022-04-27 15:17 - 2022-04-27 15:17 - 00001182 ____A C:\Users\Public\Desktop\DivX Converter.lnk 2022-04-27 15:17 - 2022-04-27 15:17 - 00001146 ____A C:\Users\Public\Desktop\DivX Player.lnk 2022-04-27 15:17 - 2022-04-27 15:17 - 00000997 ____A C:\Users\Public\Desktop\eMule.lnk 2022-04-27 15:17 - 2022-04-27 15:17 - 00000000 ____D C:\Program Files\DivX 2022-04-27 15:17 - 2022-04-27 15:17 - 00000000 ____D C:\Program Files (x86)\eMule 2022-04-27 15:17 - 2022-04-27 15:16 - 00000000 ____D C:\Program Files (x86)\DivX 2022-04-27 15:16 - 2022-04-27 15:16 - 00001617 ____A C:\Users\MaPomme\Desktop\DivX Movies.lnk 2022-04-27 15:16 - 2022-04-27 15:16 - 00000000 ____D C:\Program Files (x86)\Google 2022-04-27 15:15 - 2022-04-27 15:15 - 00001889 ____A C:\Users\MaPomme\Desktop\CCleaner.lnk 2022-04-27 15:15 - 2022-04-27 15:15 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2022-04-27 15:15 - 2022-04-27 15:15 - 00000000 ____D C:\Program Files (x86)\CCleaner 2022-04-27 15:12 - 2022-04-27 15:12 - 00002070 ____A C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk 2022-04-27 15:12 - 2022-04-27 15:12 - 00000000 ____D C:\Program Files (x86)\Avira 2022-04-27 14:46 - 2009-07-14 07:13 - 01524562 ____A C:\Windows\System32\PerfStringBackup.INI 2022-04-27 12:10 - 2022-04-27 12:10 - 00001954 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2022-04-27 12:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\DriverStore 2022-04-27 12:08 - 2022-04-27 12:08 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys 2022-04-27 12:08 - 2022-04-27 12:08 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2022-04-27 12:05 - 2022-04-27 12:05 - 00000000 ____D C:\Program Files (x86)\EditHexa 2022-04-27 12:03 - 2022-04-27 12:03 - 00000973 ____A C:\Users\MaPomme\Desktop\ResHacker.lnk 2022-04-27 11:59 - 2022-04-27 11:59 - 00000000 ____D C:\ProgramData\Package Cache 2022-04-27 11:59 - 2022-04-27 11:58 - 00000000 ____D C:\Program Files (x86)\InCtrl5 2022-04-27 11:55 - 2022-04-27 11:55 - 00001035 ____A C:\Users\MaPomme\Desktop\Ripp-it_AM.lnk 2022-04-27 11:55 - 2022-04-27 11:55 - 00000000 ____D C:\Program Files (x86)\Ripp-it_AM 2022-04-27 11:55 - 2022-04-27 11:55 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5 2022-04-27 11:54 - 2022-04-27 11:54 - 00002183 ____A C:\Users\Public\Desktop\Videoder.lnk 2022-04-27 11:54 - 2022-04-27 11:54 - 00000000 ____D C:\Program Files (x86)\Videoder 2022-04-27 11:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration 2022-04-27 11:51 - 2022-04-27 11:51 - 00000789 ____A C:\Users\MaPomme\Desktop\Start Tor Browser.lnk 2022-04-27 11:50 - 2022-04-27 11:50 - 00001335 ____A C:\Users\Public\Desktop\EaseUS Todo Backup Free.lnk 2022-04-27 11:48 - 2022-04-27 11:48 - 00000000 ____D C:\Program Files (x86)\EaseUS 2022-04-27 11:47 - 2022-04-27 11:47 - 00001076 ____A C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2022-04-27 11:47 - 2021-10-18 21:03 - 129071992 ____A (EaseUS ) C:\Users\MaPomme\Desktop\TB_Free_easeus.exe 2022-04-27 11:46 - 2022-04-27 11:46 - 00000000 ____D C:\Program Files\Oracle 2022-04-27 11:45 - 2022-04-27 11:45 - 00000836 ____A C:\Users\Public\Desktop\DiskGenius.lnk 2022-04-27 11:45 - 2022-04-27 11:45 - 00000000 ____D C:\Program Files\DiskGenius 2022-04-26 20:52 - 2022-04-26 20:52 - 01058632 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\tib.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00304416 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\snapman.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00296736 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\file_tracker.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00248648 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\tib_mounter.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00134432 ____A (Acronis International GmbH) C:\Windows\System32\Drivers\fltsrv.sys 2022-04-26 20:52 - 2022-04-26 20:52 - 00001205 ____A C:\Users\Public\Desktop\Acronis True Image 2015.lnk 2022-04-26 20:52 - 2022-04-26 20:52 - 00000000 ____D C:\Program Files (x86)\Acronis 2022-04-26 18:33 - 2022-04-26 18:33 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2022-04-26 17:52 - 2022-04-26 17:40 - 00001024 ___AH C:\SYSTAG.BIN 2022-04-26 17:39 - 2022-04-26 17:39 - 00000946 ____A C:\Users\Public\Desktop\AOMEI Backupper.lnk 2022-04-26 17:38 - 2022-04-26 17:38 - 00000000 ____D C:\Program Files (x86)\AOMEI 2022-04-26 15:44 - 2010-11-21 05:24 - 01008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll 2022-04-26 15:44 - 2010-11-21 05:24 - 00833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2022-04-26 15:44 - 2010-11-21 05:24 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll 2022-04-26 15:44 - 2010-11-21 05:24 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll 2022-04-26 15:44 - 2010-11-21 05:23 - 00013824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2022-04-26 15:44 - 2009-07-14 06:45 - 00016832 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-04-26 15:44 - 2009-07-14 06:45 - 00016832 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-04-26 15:40 - 2022-04-26 15:12 - 00000000 ____D C:\Program Files (x86)\Realtek 2022-04-26 15:40 - 2022-04-26 15:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-04-26 15:39 - 2022-04-26 15:06 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2022-04-26 15:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help 2022-04-26 15:38 - 2022-04-26 15:38 - 00002179 ____A C:\Users\Public\Desktop\HP Support Assistant.lnk 2022-04-26 15:36 - 2022-04-26 15:36 - 00057560 ____A C:\Users\MaPomme\AppData\Local\GDIPFONTCACHEV1.DAT 2022-04-26 15:36 - 2022-04-26 15:35 - 00000386 ____A C:\UsbRecovery.log 2022-04-26 15:29 - 2022-04-26 15:29 - 00000646 ____A C:\Users\MaPomme\Desktop\Total Commander 64 bit.lnk 2022-04-26 15:29 - 2022-04-26 15:29 - 00000632 ____A C:\Users\MaPomme\Desktop\Total Commander.lnk 2022-04-26 15:23 - 2022-04-26 15:23 - 00000000 ____A C:\Users\MaPomme\AppData\Local\QSwitch.txt 2022-04-26 15:23 - 2022-04-26 15:23 - 00000000 ____A C:\Users\MaPomme\AppData\Local\DSwitch.txt 2022-04-26 15:23 - 2022-04-26 15:23 - 00000000 ____A C:\Users\MaPomme\AppData\Local\AtStart.txt 2022-04-26 15:22 - 2022-04-26 15:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2022-04-26 15:22 - 2022-04-26 15:13 - 00014574 ____A C:\Windows\DPINST.LOG 2022-04-26 15:19 - 2022-04-26 15:19 - 00000000 ____D C:\Program Files (x86)\HP USB TV Tuner 2022-04-26 15:17 - 2022-04-26 15:17 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf 2022-04-26 15:16 - 2022-04-26 15:16 - 00000000 ____D C:\Program Files\Synaptics 2022-04-26 15:13 - 2022-04-26 15:13 - 00000000 ____D C:\Program Files\DIFX 2022-04-26 15:13 - 2022-04-26 15:13 - 00000000 ____D C:\Program Files (x86)\AMD 2022-04-26 15:11 - 2022-04-26 15:11 - 00000000 ____D C:\Windows\System32\nn-NO 2022-04-26 15:11 - 2022-04-26 15:11 - 00000000 ____D C:\Program Files (x86)\Cisco 2022-04-26 15:11 - 2022-04-26 15:11 - 00000000 ____D C:\Program Files (x86)\Atheros 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-TW 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-CN 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\sv-SE 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\ru-RU 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\pt-PT 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\pl-PL 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\nl-NL 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\ko-KR 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\ja-JP 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\it-IT 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\hu-HU 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\fr-FR 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\fi-FI 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\el-GR 2022-04-26 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\de-DE 2022-04-26 15:10 - 2022-04-26 15:10 - 00006656 ____A C:\Windows\System32\bcmwlrc.dll 2022-04-26 15:10 - 2022-04-26 15:10 - 00000000 ____D C:\Program Files\Broadcom 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\th-TH 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\sl-SI 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\sk-SK 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\ro-RO 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\pt-BR 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\nb-NO 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\lv-LV 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\lt-LT 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\hr-HR 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\he-IL 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\et-EE 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\bg-BG 2022-04-26 15:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\ar-SA 2022-04-26 15:08 - 2022-04-26 15:08 - 00000000 ____D C:\Program Files\IDT 2022-04-26 15:07 - 2022-04-26 15:07 - 00000000 ____D C:\Windows\System32\SRSLabs 2022-04-26 15:07 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\restore 2022-04-26 15:06 - 2022-04-26 15:06 - 00000000 _RASH C:\Windows\System32\Drivers\103C_HP_cNB_Presario CQ61 Notebook PC_Y5335KV_0U_QCNF9468D76_EU_4A_I363F_SQuanta_V42.14_F.07_T091010_WU3-1_L40C_M3837_J128_7AMD_8F62_92.00_#220426_N10EC8136;168C002B_(VU001EA#ABF)_XMOBILE_CN10_Z.MRK 2022-04-26 14:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\LogFiles 2022-04-26 12:28 - 2022-04-26 12:28 - 00008192 _RASH C:\BOOTSECT.BAK 2022-04-26 12:28 - 2009-07-14 07:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG 2022-04-26 12:28 - 2009-07-14 07:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template 2022-04-26 11:44 - 2022-04-26 12:28 - 00000000 ____D C:\Windows\Panther 2022-04-26 11:44 - 2022-04-26 11:44 - 00000020 ___SH C:\Users\MaPomme\ntuser.ini 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Public\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Public\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Public\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Voisinage réseau 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Voisinage d'impression 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Modèles 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Menu Démarrer 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\MaPomme\AppData\Local\Historique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Voisinage réseau 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Voisinage d'impression 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Modèles 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Menu Démarrer 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default\AppData\Local\Historique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\Documents\Mes vidéos 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\Documents\Mes images 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\Documents\Ma musique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Users\Default User\AppData\Local\Historique 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Recovery 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Modèles 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Menu Démarrer 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Favoris 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\ProgramData\Bureau 2022-04-26 11:44 - 2022-04-26 11:44 - 00000000 __SHD C:\Program Files\Fichiers communs 2022-04-26 11:44 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default 2022-04-26 11:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\Recovery 2022-04-26 11:44 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT 2022-04-26 11:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Microsoft.NET 2022-04-26 11:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2022-04-26 11:31 - 2009-07-14 06:45 - 00274464 ____A C:\Windows\System32\FNTCACHE.DAT 2022-04-26 11:30 - 2022-04-26 11:30 - 00001355 ____A C:\Windows\TSSysprep.log 2022-04-26 11:30 - 2009-07-14 06:46 - 00002790 ____A C:\Windows\DtcInstall.log 2022-04-15 09:05 - 2022-04-27 11:50 - 00555656 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdDisk.sys 2022-04-15 09:05 - 2022-04-27 11:50 - 00075912 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eubakup.sys 2022-04-15 09:05 - 2022-04-27 11:50 - 00054920 ____A C:\Windows\System32\Drivers\EUBKMON.sys 2022-04-15 09:05 - 2022-04-27 11:50 - 00036488 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdMount.sys 2022-04-15 09:05 - 2022-04-27 11:50 - 00023688 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eudskacs.sys 2022-04-15 09:04 - 2022-04-27 11:48 - 00028808 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\fbnative.exe ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2010-11-21 05:24] - [2010-11-21 05:24] - 2872320 ____A (Microsoft Corporation) AC4C51EB24AA95B77F705AB159189E24 C:\Windows\System32\winlogon.exe [2010-11-21 05:24] - [2010-11-21 05:24] - 0390656 ____A (Microsoft Corporation) 1151B1BAA6F350B1DB6598E0FEA7C457 C:\Windows\System32\wininit.exe [2009-07-14 01:52] - [2009-07-14 03:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA C:\Windows\System32\svchost.exe [2009-07-14 01:31] - [2009-07-14 03:39] - 0027136 ____A (Microsoft Corporation) C78655BC80301D76ED4FEF1C1EA40A7D C:\Windows\System32\services.exe [2009-07-14 01:19] - [2009-07-14 03:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\System32\User32.dll [2010-11-21 05:24] - [2022-04-26 15:44] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79 C:\Windows\System32\userinit.exe [2010-11-21 05:24] - [2010-11-21 05:24] - 0030720 ____A (Microsoft Corporation) BAFE84E637BF7388C96EF48D4D3FDD53 C:\Windows\System32\Drivers\volsnap.sys [2010-11-21 05:23] - [2010-11-21 05:23] - 0295808 ____A (Microsoft Corporation) 0D08D2F3B3FF84E433346669B5E0F639 ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=C: description Windows Boot Manager locale fr-FR inherit {globalsettings} default {default} resumeobject {96aa411e-c54b-11ec-98e5-b99efb034655} displayorder {default} toolsdisplayorder {memdiag} timeout 30 Chargeur de d‚marrage Windows ----------------------------- identificateur {default} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale fr-FR inherit {bootloadersettings} recoverysequence {96aa4120-c54b-11ec-98e5-b99efb034655} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {96aa411e-c54b-11ec-98e5-b99efb034655} nx OptIn Chargeur de d‚marrage Windows ----------------------------- identificateur {96aa4120-c54b-11ec-98e5-b99efb034655} device ramdisk=[C:]\Recovery\96aa4120-c54b-11ec-98e5-b99efb034655\Winre.wim,{96aa4121-c54b-11ec-98e5-b99efb034655} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\96aa4120-c54b-11ec-98e5-b99efb034655\Winre.wim,{96aa4121-c54b-11ec-98e5-b99efb034655} systemroot \windows nx OptIn winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {96aa411e-c54b-11ec-98e5-b99efb034655} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=C: path \boot\memtest.exe description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems Yes ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {96aa4121-c54b-11ec-98e5-b99efb034655} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\96aa4120-c54b-11ec-98e5-b99efb034655\boot.sdi ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 3580.2 MB Available physical RAM: 2992.02 MB Total Pagefile: 3578.48 MB Available Pagefile: 2999.18 MB Total Virtual: 2047.88 MB Available Virtual: 1912.98 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.24 GB) (Free:99.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:732.01 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS Drive y: () (Removable) (Total:7.21 GB) (Free:6.58 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: E22286D5) Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7 GB) (Disk ID: 002A33F4) Partition 1: (Active) - (Size=7 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 932 GB) (Disk ID: D2E50B87) Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS) LastRegBack: 2022-04-26 11:29 ==================== End Of Log ============================