Hi guys, I would appreciate it if someone could help me get rid of this virus. Here are my logs:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:38:53 AM, on 4/28/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal
Running processes:
C:\Users\deco\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\deco\Desktop\Virus Tools\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110902204322.dll
O2 - BHO: FLVBlaster.FLVBlasterIEAddon - {807ca0aa-7cb3-4f03-bd61-076f618cc82d} - mscoree.dll (file missing)
O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Windows\Downloaded Program Files\gbiehuni.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\deco\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\deco\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: Download with FLV Blaster - C:\Users\deco\AppData\Roaming\FLV2PC\Internet Explorer\script.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset...lineScanner.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking...GbPluginUni.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Fast Track Audio Device Monitor (FastTrackAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\Fast Track\AudioDevMon.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13166 bytes
OTL logfile created on: 4/28/2016 12:10:23 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\deco\Desktop\Virus Tools
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 53.40% Memory free
7.97 Gb Paging File | 6.11 Gb Available in Paging File | 76.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 911.88 Gb Total Space | 634.97 Gb Free Space | 69.63% Space Free | Partition Type: NTFS
Computer Name: DECO-PC | User Name: deco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2016/04/27 00:15:48 | 000,303,000 | ---- | M] () -- C:\ProgramData\vreXjvX\protect\protect.exe
PRC - [2016/04/25 23:49:26 | 000,574,672 | ---- | M] (WFini LIMITED) -- C:\ProgramData\6winp6\WFini.exe
PRC - [2016/04/24 23:54:32 | 000,376,592 | ---- | M] (tsvr.com) -- C:\Users\deco\AppData\Roaming\TSv\TSvr.exe
PRC - [2016/04/23 11:15:56 | 000,554,176 | ---- | M] (Microsoft Corporation) -- C:\Users\deco\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/04/19 18:59:27 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2015/12/14 04:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/12/08 19:51:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\deco\Desktop\Virus Tools\OTL.exe
PRC - [2015/10/30 04:19:59 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2015/10/19 14:53:04 | 000,339,968 | ---- | M] (Popcorn Time) -- C:\Program Files (x86)\Popcorn Time\Updater.exe
PRC - [2014/11/07 09:07:01 | 000,266,824 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\realplay.exe
PRC - [2014/11/07 09:06:51 | 001,141,848 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014/11/07 09:06:44 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/10/30 01:41:44 | 000,031,856 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/10/29 15:06:54 | 000,560,192 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
PRC - [2014/10/26 18:59:24 | 000,039,568 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2014/09/18 14:16:34 | 000,014,624 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2013/05/21 17:33:20 | 001,962,768 | ---- | M] (M-Audio) -- C:\Program Files (x86)\M-Audio\Fast Track\AudioDevMon.exe
PRC - [2012/05/18 01:23:36 | 002,938,880 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2010/08/04 09:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
PRC - [2010/01/28 20:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
========== Modules (No Company Name) ==========
MOD - [2016/04/23 11:15:54 | 000,679,624 | ---- | M] () -- C:\Users\deco\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
MOD - [2016/04/19 18:59:27 | 022,284,800 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/04/19 18:59:27 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/04/19 18:59:27 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2015/09/15 09:58:36 | 008,901,184 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2014/10/29 15:07:02 | 000,065,600 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
MOD - [2014/10/29 15:06:54 | 000,560,192 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MOD - [2014/10/29 15:01:58 | 001,382,048 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
MOD - [2010/08/04 09:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MOD - [2010/08/04 06:47:32 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
========== Services (SafeList) ==========
SRV:64bit: - [2016/04/04 09:28:28 | 001,443,520 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV:64bit: - [2016/04/02 00:21:17 | 000,498,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2016/04/02 00:15:47 | 001,090,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2016/04/02 00:07:41 | 002,158,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2016/03/29 04:51:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2016/03/29 04:50:15 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2016/03/29 04:38:23 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2016/03/29 04:27:45 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2016/03/29 04:20:21 | 000,948,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2016/03/29 04:13:03 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2016/03/29 03:32:15 | 001,098,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2016/03/29 02:45:48 | 000,338,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2016/02/24 06:34:50 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2016/02/24 06:28:35 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2016/02/24 05:43:01 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2016/02/24 04:19:10 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2016/02/24 04:07:53 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2016/02/24 03:59:32 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2016/02/24 03:40:53 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2016/02/24 03:18:37 | 001,490,432 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2016/02/23 06:20:41 | 001,139,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2016/02/23 06:17:08 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2016/02/23 05:29:35 | 000,591,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2016/02/23 05:28:32 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2016/02/23 05:20:42 | 000,847,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2016/02/23 05:20:36 | 000,606,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2016/02/23 04:58:02 | 000,163,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2016/01/16 02:24:56 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2016/01/04 22:49:33 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2016/01/04 22:43:47 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2015/12/12 10:21:40 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2015/12/12 10:17:07 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2015/12/12 10:17:00 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2015/12/07 01:15:40 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2015/10/30 04:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2015/10/30 04:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2015/10/30 04:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2015/10/30 04:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2015/10/30 04:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2015/10/30 04:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/10/30 04:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2015/10/30 04:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/10/30 04:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2015/10/30 04:18:01 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2015/10/30 04:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2015/10/30 04:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2015/10/30 04:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2015/10/30 04:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2015/10/30 04:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2015/10/30 04:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2015/10/30 04:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2015/10/30 04:17:58 | 000,764,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2015/10/30 04:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2015/10/30 04:17:54 | 000,360,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2015/10/30 04:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2015/10/30 04:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2015/10/30 04:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2015/10/30 04:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2015/10/30 04:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2015/10/30 04:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_c25f902)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_c1ea93f)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_b373ecd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_9b831b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_92b9988)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_8813b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_7b374)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_779a392)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_6e717)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_488fcf4)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3cec53b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_39abea1)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_2d9d5bd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_2aca6610)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_263866)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_1f11813)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_1ac00272)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_14973560)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_c25f902)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_c1ea93f)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_b373ecd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_9b831b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_92b9988)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_8813b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_7b374)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_779a392)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_6e717)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_488fcf4)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3cec53b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_39abea1)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_2d9d5bd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_2aca6610)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_263866)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_1f11813)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_1ac00272)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_14973560)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_c25f902)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_c1ea93f)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_b373ecd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_9b831b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_92b9988)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_8813b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_7b374)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_779a392)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_6e717)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_488fcf4)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3cec53b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_39abea1)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_2d9d5bd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_2aca6610)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_263866)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_1f11813)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_1ac00272)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_14973560)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_c25f902)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_c1ea93f)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_b373ecd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_9b831b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_92b9988)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_8813b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_7b374)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_779a392)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_6e717)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_488fcf4)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3cec53b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_39abea1)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_2d9d5bd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_2aca6610)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_263866)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_1f11813)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_1ac00272)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_14973560)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_c25f902)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_c1ea93f)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_b373ecd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_9b831b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_92b9988)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_8813b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_7b374)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_779a392)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_6e717)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_488fcf4)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3cec53b)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_39abea1)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_2d9d5bd)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_2aca6610)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_263866)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_1f11813)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_1ac00272)
SRV:64bit: - [2015/10/30 04:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_14973560)
SRV:64bit: - [2015/10/30 04:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2015/10/30 04:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2015/10/30 04:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2015/10/30 04:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2015/10/30 04:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2015/10/30 04:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2015/10/30 04:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2015/10/30 04:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2015/10/30 04:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2015/10/30 04:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2015/10/30 04:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2015/10/30 04:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2015/10/30 04:17:37 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015/10/30 04:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/10/30 04:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2015/10/30 04:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2015/10/30 04:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2015/10/30 04:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2015/07/31 11:43:34 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2011/04/07 12:37:16 | 005,352,960 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/28 20:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2010/01/05 22:04:02 | 000,244,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010/01/05 22:04:02 | 000,199,032 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010/01/05 22:04:02 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV - [2016/04/07 16:45:19 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/02/24 03:07:45 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/02/11 22:32:14 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/01/29 11:11:22 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/12/14 04:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/12/12 10:17:13 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2015/12/12 10:17:13 | 000,504,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2015/12/12 10:17:06 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2015/12/12 10:17:04 | 000,056,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2015/10/30 04:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 04:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 04:18:29 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/10/30 04:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/10/30 04:18:21 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/10/30 04:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/10/19 14:53:04 | 000,339,968 | ---- | M] (Popcorn Time) [Auto | Running] -- C:\Program Files (x86)\Popcorn Time\Updater.exe -- (Update service)
SRV - [2014/11/07 09:06:51 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/10/30 01:41:44 | 000,031,856 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/10/26 18:59:24 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/09/18 14:16:34 | 000,014,624 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2014/02/04 04:55:16 | 000,108,032 | ---- | M] (Freemake) [Auto | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/05/21 17:33:20 | 001,962,768 | ---- | M] (M-Audio) [Auto | Running] -- C:\Program Files (x86)\M-Audio\Fast Track\AudioDevMon.exe -- (FastTrackAudioDevMon)
SRV - [2012/05/18 01:23:36 | 002,938,880 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/04/27 23:25:22 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/04/24 22:14:17 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV:64bit: - [2016/04/24 22:13:54 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2016/03/29 07:23:38 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2016/03/29 06:25:13 | 000,258,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2016/03/29 05:21:40 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2016/03/29 05:16:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2016/03/29 04:23:41 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2016/02/23 06:25:27 | 000,534,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2016/02/23 06:20:35 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2016/01/16 02:46:08 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2015/12/12 10:21:39 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2015/12/12 10:21:39 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2015/12/12 10:17:13 | 000,175,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2015/10/30 06:07:05 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2015/10/30 06:06:56 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/10/30 04:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2015/10/30 04:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2015/10/30 04:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2015/10/30 04:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015/10/30 04:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015/10/30 04:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2015/10/30 04:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2015/10/30 04:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2015/10/30 04:18:03 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2015/10/30 04:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2015/10/30 04:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2015/10/30 04:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:64bit: - [2015/10/30 04:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2015/10/30 04:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2015/10/30 04:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2015/10/30 04:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2015/10/30 04:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2015/10/30 04:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2015/10/30 04:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2015/10/30 04:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2015/10/30 04:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2015/10/30 04:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2015/10/30 04:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2015/10/30 04:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2015/10/30 04:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2015/10/30 04:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2015/10/30 04:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2015/10/30 04:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2015/10/30 04:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/10/30 04:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2015/10/30 04:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2015/10/30 04:17:37 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2015/10/30 04:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/10/30 04:17:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2015/10/30 04:17:37 | 000,087,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2015/10/30 04:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2015/10/30 04:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2015/10/30 04:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/10/30 04:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2015/10/30 04:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2015/10/30 04:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2015/10/30 04:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2015/10/30 04:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2015/10/30 04:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2015/10/30 04:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2015/10/30 04:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2015/10/30 04:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2015/10/30 04:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2015/10/30 04:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2015/10/30 04:17:23 | 000,283,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2015/10/30 04:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2015/10/30 04:17:23 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2015/10/30 04:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2015/10/30 04:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2015/10/30 04:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2015/10/30 04:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2015/10/30 04:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2015/10/30 04:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2015/10/30 04:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2015/10/30 04:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2015/10/30 04:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2015/10/30 04:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2015/10/30 04:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2015/10/30 04:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2015/10/30 04:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2015/10/30 04:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2015/10/30 04:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2015/10/30 04:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2015/10/30 04:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2015/10/30 04:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2015/10/30 04:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2015/10/30 04:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2015/10/30 04:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2015/10/30 04:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2015/10/30 04:17:22 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2015/10/30 04:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2015/10/30 04:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2015/10/30 04:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2015/10/30 04:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2015/10/30 04:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2015/10/30 04:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2015/10/30 04:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2015/10/30 04:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2015/10/30 04:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2015/10/30 04:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2015/10/30 04:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2015/10/30 04:17:22 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2015/10/30 04:17:22 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:64bit: - [2015/10/30 04:17:18 | 002,504,192 | ---- | M] (MediaTek Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2015/10/30 04:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2015/10/30 04:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2015/10/30 04:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2015/10/30 04:17:18 | 000,081,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2015/10/30 04:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2015/10/30 04:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015/10/30 04:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2015/10/30 04:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2015/10/30 04:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2015/10/30 04:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2015/10/30 04:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2015/10/30 04:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2015/10/30 04:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2015/10/30 04:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2015/10/30 04:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2015/10/30 04:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2015/06/17 12:04:24 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/08/22 09:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/06/28 19:49:35 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/05/21 17:33:20 | 000,460,048 | ---- | M] (M-Audio) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2012/07/15 12:48:16 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2012/05/16 11:13:34 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2012/03/23 14:13:28 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/01/05 22:04:02 | 000,528,232 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010/01/05 22:04:02 | 000,440,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010/01/05 22:04:02 | 000,279,752 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010/01/05 22:04:02 | 000,189,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010/01/05 22:04:02 | 000,121,504 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010/01/05 22:04:02 | 000,093,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010/01/05 22:04:02 | 000,075,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/01/05 22:04:02 | 000,062,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2009/12/09 06:39:52 | 000,537,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/25 17:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2016/04/27 22:43:10 | 000,056,496 | ---- | M] (GMER) [Kernel | On_Demand | Unknown] -- C:\Users\deco\AppData\Local\Temp\kwldapod.sys -- (kwldapod)
DRV - [2016/04/27 19:12:28 | 000,057,048 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Users\deco\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2015/10/30 04:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
IE - HKLM\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.8,fr-FR;q=0.7,fr;q=0.5,pt-BR;q=0.3,pt;q=0.2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = ED 5A 79 53 B3 1C D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
IE - HKCU\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js - File not found
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@emusic.com/eMusicPlugin DLM6: C:\Program Files (x86)\eMusic Download Manager 6\npEMusic602.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\deco\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\deco\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\deco\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\deco\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{338950EA-82DB-44C1-930D-0C28E023C9F0}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/11/07 09:08:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/11/07 09:08:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2016/03/29 13:36:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/03/29 13:36:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2016/03/29 13:36:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/03/29 13:36:47 | 000,000,000 | ---D | M]
[2011/08/06 20:02:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deco\AppData\Roaming\Mozilla\Extensions
[2016/04/28 00:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions
[2016/04/24 22:15:30 | 000,000,000 | ---D | M] (SNT) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\[email protected]
[2016/04/28 00:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions
[2016/04/24 22:16:16 | 000,000,000 | ---D | M] (SNT) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\[email protected]
[2016/01/16 15:54:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\req8cfge.default\extensions
[2014/03/26 11:49:47 | 000,000,000 | ---D | M] (SNT) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\req8cfge.default\extensions\[email protected]
[2016/04/25 12:39:24 | 000,673,748 | ---- | M] () (No name found) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
[2015/11/03 08:43:21 | 000,636,306 | ---- | M] () (No name found) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
[2015/11/03 08:43:21 | 000,636,306 | ---- | M] () (No name found) -- C:\Users\deco\AppData\Roaming\Mozilla\Firefox\Profiles\req8cfge.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
[2016/02/11 22:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016/02/11 22:32:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/01/05 22:04:02 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2015/11/18 11:57:24 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2014/11/07 09:07:15 | 000,148,552 | ---- | M] (RealPlayer Cloud) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc\1.1_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooblpjoncpjmbncgocjlnannofkjjhnp\3.6.3_0\
CHR - Extension: No name found = C:\Users\deco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
Hosts file not found
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110902204322.dll (McAfee, Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Windows\Downloaded Program Files\gbiehuni.dll ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [OneDrive] C:\Users\deco\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O8:64bit: - Extra context menu item: Download with FLV Blaster - C:\Users\deco\AppData\Roaming\FLV2PC\Internet Explorer\script.htm ()
O8 - Extra context menu item: Download with FLV Blaster - C:\Users\deco\AppData\Roaming\FLV2PC\Internet Explorer\script.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab(OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab(Java Plug-in 11.40.2)
O16 - DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab(Java Plug-in 1.8.0_40)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab(Java Plug-in 1.8.0_40)
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} https://clickbanking...GbPluginUni.cab(GbPluginObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.17.0.64 201.17.0.92
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67e01175-984f-458a-99df-04aabdde5b6d}: DhcpNameServer = 201.17.0.85 201.17.0.55
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{bc9b8eca-8d3a-463c-a441-d44690c56727}: DhcpNameServer = 201.17.0.64 201.17.0.92
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Windows\Downloaded Program Files\gbiehuni.dll ()
O30:64bit: - LSA: Security Packages - (livessp) - File not found
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/04/27 22:34:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2016/04/27 13:08:24 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\Temp
[2016/04/27 11:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\vreXjvX
[2016/04/27 11:27:27 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\vreXjvX
[2016/04/27 11:27:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\vreXjvX
[2016/04/27 11:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vreXjvX
[2016/04/27 02:29:44 | 000,000,000 | -H-D | C] -- C:\Users\deco\Desktop\Freemake_do_not_remove_this_folder
[2016/04/26 12:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2016/04/26 12:18:43 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\WinZiper
[2016/04/26 12:18:43 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\eCyber
[2016/04/26 12:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\6winp6
[2016/04/26 12:15:50 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\TSv
[2016/04/26 12:15:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QQBrowser
[2016/04/26 00:19:29 | 000,000,000 | ---D | C] -- C:\Users\deco\Desktop\Copy of proud
[2016/04/24 22:39:06 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\Native Instruments
[2016/04/24 22:35:35 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\Disc_Soft_Ltd
[2016/04/24 22:33:08 | 000,000,000 | ---D | C] -- C:\Users\deco\Documents\Native Instruments
[2016/04/24 22:31:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9327ACE9-CC82-4A33-9B33-291ACA1E267B}
[2016/04/24 22:27:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
[2016/04/24 22:25:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
[2016/04/24 22:25:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DCC412E7-393B-4016-91FB-9307F059AFB6}
[2016/04/24 22:24:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{49FAB1E7-7D4E-4015-BBCA-E52669133FB7}
[2016/04/24 22:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2016/04/24 22:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2016/04/24 22:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2016/04/24 22:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2016/04/24 22:19:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Daemon Tools Images
[2016/04/24 22:15:17 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[2016/04/24 22:14:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\dmp
[2016/04/24 22:14:17 | 000,047,672 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtliteusbbus.sys
[2016/04/24 22:13:54 | 000,030,264 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtlitescsibus.sys
[2016/04/24 22:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2016/04/24 22:13:52 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\DAEMON Tools Lite
[2016/04/24 22:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2016/04/24 22:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2016/04/24 11:51:13 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\Leadertech
[2016/04/24 04:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
[2016/04/24 04:25:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avid
[2016/04/23 21:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves Central
[2016/04/23 21:48:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PositiveGrid
[2016/04/23 21:40:11 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\BIAS_FX
[2016/04/23 16:17:47 | 000,000,000 | ---D | C] -- C:\Users\deco\Desktop\proud
[2016/04/22 19:46:49 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\M-Audio
[2016/04/22 19:46:49 | 000,000,000 | ---D | C] -- C:\ProgramData\M-Audio
[2016/04/22 19:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
[2016/04/22 19:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\M-Audio
[2016/04/22 19:40:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\M-Audio
[2016/04/22 19:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVID
[2016/04/22 19:35:35 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\InstallShield
[2016/04/21 23:50:59 | 000,000,000 | ---D | C] -- C:\Users\deco\Desktop\split reaction
[2016/04/21 22:40:28 | 000,000,000 | ---D | C] -- C:\Users\deco\Desktop\plugins
[2016/04/21 22:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2016/04/21 21:51:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2016/04/21 21:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Propellerhead Software
[2016/04/21 21:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Propellerhead Software
[2016/04/21 21:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VST3
[2016/04/21 21:21:35 | 000,000,000 | --SD | C] -- C:\Program Files (x86)\Common Files\WPAPI
[2016/04/21 21:21:35 | 000,000,000 | --SD | C] -- C:\Program Files (x86)\Waves
[2016/04/21 21:21:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VST3
[2016/04/20 22:16:38 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\IK Multimedia
[2016/04/20 21:54:23 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\Waves Audio
[2016/04/20 21:54:15 | 000,000,000 | --SD | C] -- C:\ProgramData\Waves Audio
[2016/04/20 21:54:15 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\Logs
[2016/04/20 21:54:09 | 000,000,000 | --SD | C] -- C:\Users\deco\AppData\Roaming\Waves Audio
[2016/04/20 21:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Waves Central
[2016/04/17 23:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
[2016/04/17 23:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugIns
[2016/04/17 23:51:03 | 000,000,000 | ---D | C] -- C:\Users\deco\Documents\IK Multimedia
[2016/04/17 23:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IK Multimedia
[2016/04/17 22:50:39 | 000,000,000 | ---D | C] -- C:\Users\deco\Documents\BIAS
[2016/04/17 22:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\VSTPlugins
[2016/04/17 22:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Avid
[2016/04/17 21:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2016/04/17 21:35:36 | 000,000,000 | ---D | C] -- C:\Users\deco\Documents\untitled
[2016/04/17 21:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2016/04/17 20:56:12 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\Trillium Lane
[2016/04/17 20:54:18 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\PACE Anti-Piracy
[2016/04/17 20:54:18 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Local\PACE Anti-Piracy
[2016/04/17 20:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2016/04/17 20:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE Anti-Piracy
[2016/04/17 20:15:54 | 000,000,000 | ---D | C] -- C:\Users\deco\AvidLogFiles
[2016/04/17 20:03:26 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\Avid
[2016/04/17 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign
[2016/04/17 19:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Avid
[2016/04/17 19:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE
[2016/04/17 19:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE
[2016/04/13 11:07:58 | 000,037,376 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2016/04/13 11:07:55 | 018,673,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/04/13 11:07:52 | 000,303,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/04/13 11:07:49 | 000,541,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/04/13 11:07:49 | 000,365,568 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2016/04/13 11:07:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wininetlui.dll
[2016/04/13 11:07:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininetlui.dll
[2016/04/13 11:07:44 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2016/04/13 11:07:43 | 000,630,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2016/04/13 11:07:42 | 022,378,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/04/13 11:07:40 | 000,045,568 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2016/04/13 11:07:39 | 007,474,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/04/13 11:07:38 | 003,592,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/04/13 11:07:37 | 001,388,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/04/13 11:07:18 | 001,444,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/04/13 11:07:18 | 000,965,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/04/13 11:07:18 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/04/13 11:07:17 | 016,985,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/04/13 11:07:17 | 001,714,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/04/13 11:07:14 | 013,018,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/04/13 11:07:10 | 011,545,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/04/13 11:07:08 | 009,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/04/13 11:07:07 | 001,944,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/04/13 11:07:07 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/04/13 11:07:07 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2016/04/13 11:07:06 | 007,836,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/04/13 11:07:06 | 002,624,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/04/13 11:07:06 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/04/13 11:07:02 | 005,662,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/04/13 11:07:01 | 003,994,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/04/13 11:06:58 | 003,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/04/13 11:06:53 | 005,202,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/04/13 11:06:53 | 002,798,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/04/13 11:06:52 | 000,948,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2016/04/13 11:06:49 | 001,297,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/04/13 11:06:48 | 001,946,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/04/13 11:06:48 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/04/13 11:06:47 | 001,390,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016/04/13 11:06:46 | 001,832,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2016/04/13 11:06:46 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2016/04/13 11:06:46 | 000,986,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/04/13 11:06:45 | 003,575,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2016/04/13 11:06:44 | 001,626,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/04/13 11:06:44 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/04/13 11:06:43 | 003,078,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2016/04/13 11:06:40 | 007,199,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/04/13 11:06:40 | 002,722,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2016/04/13 11:06:40 | 001,139,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/04/13 11:06:39 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/04/13 11:06:39 | 000,859,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2016/04/13 11:06:38 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/04/13 11:06:38 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/04/13 11:06:38 | 000,696,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2016/04/13 11:06:37 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2016/04/13 11:06:37 | 000,649,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2016/04/13 11:06:37 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll
[2016/04/13 11:06:36 | 002,158,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016/04/13 11:06:36 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/04/13 11:06:36 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2016/04/13 11:06:33 | 001,317,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/04/13 11:06:33 | 001,141,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/04/13 11:06:33 | 000,958,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteNaturalLanguage.dll
[2016/04/13 11:06:32 | 001,211,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Cred.dll
[2016/04/13 11:06:32 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2016/04/13 11:06:32 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll
[2016/04/13 11:06:31 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2016/04/13 11:06:31 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/04/13 11:06:30 | 001,030,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2016/04/13 11:06:30 | 000,989,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2016/04/13 11:06:30 | 000,874,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2016/04/13 11:06:30 | 000,502,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/04/13 11:06:27 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Speech.dll
[2016/04/13 11:06:27 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/04/13 11:06:26 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2016/04/13 11:06:26 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tileobjserver.dll
[2016/04/13 11:06:26 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/04/13 11:06:25 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/04/13 11:06:25 | 000,369,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2016/04/13 11:06:25 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/04/13 11:06:24 | 001,072,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2016/04/13 11:06:24 | 000,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/04/13 11:06:24 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/04/13 11:06:24 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2016/04/13 11:06:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/04/13 11:06:23 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AccountsRt.dll
[2016/04/13 11:06:23 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/04/13 11:06:23 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/04/13 11:06:22 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/04/13 11:06:22 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/04/13 11:06:22 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AccountsRt.dll
[2016/04/13 11:06:22 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2016/04/13 11:06:21 | 000,300,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2016/04/13 11:06:19 | 000,821,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2016/04/13 11:06:19 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RemoteNaturalLanguage.dll
[2016/04/13 11:06:19 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2016/04/13 11:06:18 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll
[2016/04/13 11:06:18 | 000,253,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2016/04/13 11:06:18 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/04/13 11:06:17 | 001,410,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2016/04/13 11:06:17 | 001,056,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/04/13 11:06:17 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2016/04/13 11:06:17 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll
[2016/04/13 11:06:17 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2016/04/13 11:06:15 | 000,730,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2016/04/13 11:06:13 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Cred.dll
[2016/04/13 11:06:12 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/04/13 11:06:11 | 001,239,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2016/04/13 11:06:11 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/04/13 11:06:04 | 000,848,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2016/04/13 11:06:04 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2016/04/13 11:06:03 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2016/04/13 11:06:02 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\accountaccessor.dll
[2016/04/13 11:06:02 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2016/04/13 11:06:02 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/04/13 11:06:01 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2016/04/13 11:06:01 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2016/04/13 11:06:01 | 000,296,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/04/13 11:05:58 | 003,351,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2016/04/13 11:05:58 | 000,686,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2016/04/13 11:05:58 | 000,258,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ufx01000.sys
[2016/04/13 11:05:56 | 000,881,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2016/04/13 11:05:55 | 001,117,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Speech.dll
[2016/04/13 11:05:55 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2016/04/13 11:05:55 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2016/04/13 11:05:54 | 000,378,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2016/04/13 11:05:54 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2016/04/13 11:05:54 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/04/13 11:05:53 | 000,682,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2016/04/13 11:05:53 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.dll
[2016/04/13 11:05:53 | 000,261,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2016/04/13 11:05:53 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2016/04/13 11:05:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEDataLayerHelpers.dll
[2016/04/13 11:05:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msorcl32.dll
[2016/04/13 11:05:52 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2016/04/13 11:05:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/04/13 11:05:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/04/13 11:05:50 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2016/04/13 11:05:49 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2016/04/13 11:05:49 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll
[2016/04/13 11:05:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016/04/13 11:05:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2016/04/13 11:05:48 | 000,848,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2016/04/13 11:05:48 | 000,374,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2016/04/13 11:05:48 | 000,334,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/04/13 11:05:48 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveui.dll
[2016/04/13 11:05:48 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Devices.dll
[2016/04/13 11:05:47 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2016/04/13 11:05:47 | 000,115,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2016/04/13 11:05:47 | 000,100,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmapi.dll
[2016/04/13 11:05:46 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2016/04/13 11:05:45 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/04/13 11:05:45 | 000,110,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srvcli.dll
[2016/04/13 11:05:44 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2016/04/13 11:05:44 | 000,081,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netapi32.dll
[2016/04/13 11:05:40 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2016/04/13 11:05:40 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Devices.dll
[2016/04/13 11:05:40 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEDataLayerHelpers.dll
[2016/04/13 11:05:40 | 000,078,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wkscli.dll
[2016/04/13 11:05:39 | 000,277,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2016/04/13 11:05:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wkscli.dll
[2016/04/13 11:05:38 | 000,770,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2016/04/13 11:05:37 | 000,694,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2016/04/13 11:05:37 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacc.dll
[2016/04/13 11:05:37 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2016/04/13 11:05:36 | 000,074,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2016/04/13 11:05:36 | 000,051,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
[2016/04/13 11:05:35 | 000,841,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2016/04/13 11:05:35 | 000,185,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2016/04/13 11:05:35 | 000,058,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2016/04/13 11:05:34 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2016/04/13 11:05:34 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2016/04/13 11:05:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsdchngr.dll
[2016/04/13 11:05:33 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2016/04/13 11:05:33 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/04/13 11:05:32 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovhost.dll
[2016/04/13 11:05:32 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2016/04/13 11:05:28 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2016/04/13 11:05:27 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/04/13 11:05:27 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcsps.dll
[2016/04/13 11:05:26 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEEventDispatcher.dll
[2016/04/13 11:05:26 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationObjFactory.dll
[2016/04/13 11:05:26 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NotificationObjFactory.dll
[2016/04/13 11:05:26 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2016/04/13 11:05:26 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2016/04/13 11:05:26 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsdchngr.dll
[2016/04/13 11:05:25 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2016/04/13 11:05:25 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovhost.dll
[2016/04/13 11:05:25 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2016/04/13 11:05:24 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2016/04/13 11:05:24 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2016/04/13 11:05:23 | 004,774,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2016/04/13 11:05:23 | 000,821,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2016/04/13 11:05:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2016/04/13 11:05:23 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2016/04/13 11:05:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\browcli.dll
[2016/04/13 11:05:22 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browcli.dll
[2016/04/13 11:05:22 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManagerShellext.exe
[2016/04/13 11:05:21 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2016/04/13 11:05:21 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncController.dll
[2016/04/13 11:05:21 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecpl.dll
[2016/04/13 11:05:21 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbauth.dll
[2016/04/13 11:05:20 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2016/04/13 11:05:20 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2016/04/13 11:05:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2016/04/13 11:05:18 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2016/04/13 11:05:17 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.DeviceEncryptionHandlers.dll
[2016/04/13 11:05:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2016/04/13 11:05:16 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2016/04/13 11:05:16 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FontProvider.dll
[2016/04/13 11:05:16 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/04/13 11:05:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tbauth.dll
[2016/04/13 11:05:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBrokerCookies.exe
[2016/04/13 11:05:15 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2016/04/13 11:05:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2016/04/13 11:05:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2016/04/13 11:05:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBrokerCookies.exe
[2016/04/13 11:05:14 | 007,979,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/04/13 11:05:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetCfgNotifyObjectHost.exe
[2016/04/13 11:05:13 | 006,297,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/04/13 11:05:13 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/04/13 11:05:13 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2016/04/13 11:05:12 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/04/13 11:05:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2016/04/13 11:05:12 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxoci.dll
[2016/04/13 11:05:12 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2016/04/13 11:05:12 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2016/04/13 11:05:12 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2016/04/13 11:05:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.V2.dll
[2016/04/13 11:05:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacchooks.dll
[2016/04/13 11:05:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oleacchooks.dll
[2016/04/13 11:05:10 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/04/13 11:05:10 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/04/13 11:05:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/04/13 11:05:09 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016/04/13 11:05:09 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/04/13 11:05:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/04/08 13:29:36 | 000,000,000 | ---D | C] -- C:\Users\deco\Desktop\2015 statements
[2016/04/08 12:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2015
[2016/04/07 16:45:02 | 005,934,784 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2016/04/04 13:53:14 | 000,000,000 | ---D | C] -- C:\Users\deco\Desktop\Bounces
[2016/04/04 13:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Web Installer
[2016/03/29 13:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2016/03/29 13:34:47 | 006,362,264 | ---- | C] (WindSolutions) -- C:\Users\deco\Desktop\CopyTransDriversInstaller.exe
[2016/03/29 13:27:15 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
[2016/03/29 13:26:52 | 000,000,000 | ---D | C] -- C:\Users\deco\AppData\Roaming\WindSolutions
[2016/03/29 13:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2016/03/29 12:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/04/27 23:45:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/04/27 23:40:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/04/27 23:40:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/04/27 23:39:00 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\WpsUpdateTask_sales in bloom.job
[2016/04/27 23:39:00 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\WpsNotifyTask_sales in bloom.job
[2016/04/27 23:35:31 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3406242734-3781281278-1370421689-1000Core.job
[2016/04/27 23:35:01 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3406242734-3781281278-1370421689-1000UA.job
[2016/04/27 23:25:22 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/04/27 23:23:09 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/04/27 23:09:03 | 000,000,001 | ---- | M] () -- C:\WINDOWS\SysWow64\us.html
[2016/04/27 23:08:48 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2016/04/27 23:08:48 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2016/04/27 23:04:05 | 000,089,421 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20160427230305
[2016/04/27 23:03:49 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/04/27 23:01:44 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/04/27 23:01:01 | 3193,835,520 | -HS- | M] () -- C:\hiberfil.sys
[2016/04/27 22:53:45 | 000,008,459 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20160427225244
[2016/04/27 22:49:09 | 000,002,419 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20160427224809
[2016/04/27 22:46:56 | 552,806,388 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2016/04/27 22:35:52 | 000,009,673 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20160427223452
[2016/04/27 19:23:27 | 001,008,216 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/04/27 19:23:27 | 000,835,958 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/04/27 19:23:27 | 000,172,032 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/04/27 18:54:03 | 010,281,826 | ---- | M] () -- C:\Users\deco\Desktop\Proud Of You.mp3
[2016/04/27 17:19:30 | 068,013,430 | ---- | M] () -- C:\Users\deco\Desktop\Proud Of You.wav
[2016/04/27 13:09:15 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\subinacl.exe
[2016/04/27 11:27:24 | 000,002,183 | ---- | M] () -- C:\Users\deco\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/04/27 11:27:22 | 000,002,065 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/04/27 02:30:36 | 009,630,946 | ---- | M] () -- C:\Users\deco\Desktop\sewer.mp3
[2016/04/27 02:30:22 | 010,179,106 | ---- | M] () -- C:\Users\deco\Desktop\proudofu.mp3
[2016/04/27 02:30:07 | 008,709,346 | ---- | M] () -- C:\Users\deco\Desktop\NJ.mp3
[2016/04/27 02:29:54 | 007,234,786 | ---- | M] () -- C:\Users\deco\Desktop\loathed.mp3
[2016/04/27 02:27:05 | 042,468,352 | ---- | M] () -- C:\Users\deco\Desktop\sewer.wav
[2016/04/27 01:12:12 | 033,670,268 | ---- | M] () -- C:\Users\deco\Desktop\proudofu.wav
[2016/04/27 00:38:45 | 038,405,120 | ---- | M] () -- C:\Users\deco\Desktop\NJ.wav
[2016/04/27 00:11:57 | 023,931,308 | ---- | M] () -- C:\Users\deco\Desktop\loathed.wav
[2016/04/24 22:24:05 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2016/04/24 22:21:48 | 000,002,168 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/04/24 22:14:17 | 000,047,672 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtliteusbbus.sys
[2016/04/24 22:13:54 | 000,030,264 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtlitescsibus.sys
[2016/04/24 22:13:53 | 000,001,818 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2016/04/24 12:09:32 | 004,920,128 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/04/24 04:27:12 | 000,002,074 | ---- | M] () -- C:\Users\deco\Application Data\Microsoft\Internet Explorer\Quick Launch\Pro Tools 10.lnk
[2016/04/24 04:27:12 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\Pro Tools 10.lnk
[2016/04/23 21:40:11 | 000,000,030 | ---- | M] () -- C:\Users\deco\AppData\Roaming\.pgbiasfx
[2016/04/23 19:09:06 | 000,000,016 | ---- | M] () -- C:\WINDOWS\SysWow64\w3data.vss
[2016/04/23 19:09:06 | 000,000,016 | ---- | M] () -- C:\WINDOWS\SysWow64\msvcsv60.dll
[2016/04/23 19:09:06 | 000,000,016 | ---- | M] () -- C:\Users\deco\AppData\Roaming\msregsvv.dll
[2016/04/23 19:09:06 | 000,000,016 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2016/04/23 19:09:06 | 000,000,016 | ---- | M] () -- C:\ProgramData\autobk.inc
[2016/04/17 21:57:39 | 000,001,918 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2016/04/15 13:17:05 | 013,363,814 | ---- | M] () -- C:\Users\deco\Desktop\IRS divida.rtf
[2016/04/13 13:35:24 | 019,607,285 | ---- | M] () -- C:\Users\deco\Desktop\ListaStock.xml
[2016/04/08 13:00:46 | 000,001,095 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2016/04/08 12:57:28 | 000,002,547 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2015.lnk
[2016/04/07 16:45:04 | 005,934,784 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2016/04/07 09:49:58 | 000,029,842 | ---- | M] () -- C:\License.rtf
[2016/04/06 15:32:08 | 000,829,944 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2016/04/06 15:32:08 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2016/04/02 01:13:14 | 000,369,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2016/04/02 01:10:46 | 000,730,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2016/04/02 01:10:39 | 000,374,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2016/04/02 01:10:25 | 000,770,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2016/04/02 00:30:16 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2016/04/02 00:29:38 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEDataLayerHelpers.dll
[2016/04/02 00:29:29 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEDataLayerHelpers.dll
[2016/04/02 00:26:25 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2016/04/02 00:25:58 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NotificationObjFactory.dll
[2016/04/02 00:25:42 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationObjFactory.dll
[2016/04/02 00:23:44 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2016/04/02 00:23:05 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEEventDispatcher.dll
[2016/04/02 00:21:17 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tileobjserver.dll
[2016/04/02 00:18:47 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2016/04/02 00:15:47 | 001,090,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2016/04/02 00:14:35 | 003,994,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/04/02 00:09:17 | 001,832,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2016/04/02 00:07:41 | 002,158,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016/04/02 00:07:22 | 003,575,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2016/04/02 00:03:52 | 004,774,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2016/04/02 00:00:39 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016/03/29 13:27:16 | 000,001,421 | ---- | M] () -- C:\Users\deco\Desktop\CopyTrans Control Center.lnk
[2016/03/29 07:23:38 | 000,277,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2016/03/29 07:22:12 | 001,030,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2016/03/29 07:22:12 | 000,874,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2016/03/29 07:20:20 | 007,474,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/03/29 07:20:19 | 001,317,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/03/29 07:20:19 | 001,141,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/03/29 07:20:17 | 002,656,952 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/03/29 07:15:23 | 000,100,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmapi.dll
[2016/03/29 07:11:32 | 000,686,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2016/03/29 07:02:09 | 000,989,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2016/03/29 07:02:02 | 000,334,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/03/29 06:56:37 | 001,297,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/03/29 06:37:57 | 001,862,008 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/03/29 06:28:18 | 000,115,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2016/03/29 06:28:16 | 000,696,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2016/03/29 06:25:23 | 000,058,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2016/03/29 06:25:13 | 000,258,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ufx01000.sys
[2016/03/29 06:19:37 | 000,296,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/03/29 06:18:27 | 000,185,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2016/03/29 06:17:08 | 000,300,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2016/03/29 06:13:11 | 000,986,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/03/29 06:11:27 | 000,074,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2016/03/29 06:10:44 | 000,110,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srvcli.dll
[2016/03/29 06:09:54 | 000,078,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wkscli.dll
[2016/03/29 06:08:30 | 000,261,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2016/03/29 06:07:11 | 000,081,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netapi32.dll
[2016/03/29 05:44:53 | 000,502,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/03/29 05:44:50 | 000,084,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/03/29 05:41:44 | 000,051,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
[2016/03/29 05:41:04 | 000,630,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2016/03/29 05:32:59 | 000,253,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2016/03/29 05:25:44 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wkscli.dll
[2016/03/29 05:21:40 | 000,378,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2016/03/29 05:17:11 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2016/03/29 05:16:55 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2016/03/29 05:07:26 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2016/03/29 05:07:20 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2016/03/29 05:07:14 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2016/03/29 05:07:14 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsdchngr.dll
[2016/03/29 05:07:09 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2016/03/29 05:06:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacchooks.dll
[2016/03/29 05:06:04 | 000,045,568 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2016/03/29 05:02:38 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2016/03/29 05:01:15 | 000,541,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/03/29 05:00:51 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2016/03/29 05:00:40 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2016/03/29 05:00:23 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetCfgNotifyObjectHost.exe
[2016/03/29 04:59:20 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManagerShellext.exe
[2016/03/29 04:58:17 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininetlui.dll
[2016/03/29 04:57:59 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2016/03/29 04:57:44 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browcli.dll
[2016/03/29 04:57:42 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/03/29 04:57:22 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/03/29 04:55:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbauth.dll
[2016/03/29 04:55:24 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/03/29 04:54:03 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxoci.dll
[2016/03/29 04:53:25 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FontProvider.dll
[2016/03/29 04:52:04 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBrokerCookies.exe
[2016/03/29 04:51:53 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2016/03/29 04:51:06 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2016/03/29 04:50:57 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2016/03/29 04:50:52 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2016/03/29 04:50:25 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2016/03/29 04:50:15 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/03/29 04:50:11 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2016/03/29 04:49:59 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2016/03/29 04:48:58 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Devices.dll
[2016/03/29 04:48:35 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/03/29 04:46:30 | 000,365,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2016/03/29 04:44:19 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2016/03/29 04:42:37 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/03/29 04:39:18 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/03/29 04:38:23 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2016/03/29 04:36:09 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2016/03/29 04:35:45 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovhost.dll
[2016/03/29 04:35:40 | 000,411,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacc.dll
[2016/03/29 04:34:50 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2016/03/29 04:34:37 | 000,641,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/03/29 04:34:10 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2016/03/29 04:33:46 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2016/03/29 04:32:57 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/03/29 04:32:35 | 000,764,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016/03/29 04:30:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msorcl32.dll
[2016/03/29 04:28:42 | 000,460,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/03/29 04:27:45 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2016/03/29 04:26:12 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2016/03/29 04:23:59 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll
[2016/03/29 04:23:41 | 000,694,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2016/03/29 04:23:09 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2016/03/29 04:22:47 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AccountsRt.dll
[2016/03/29 04:21:39 | 000,330,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/03/29 04:20:34 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsdchngr.dll
[2016/03/29 04:20:33 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.V2.dll
[2016/03/29 04:20:28 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2016/03/29 04:20:21 | 000,948,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2016/03/29 04:19:43 | 000,556,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2016/03/29 04:19:39 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oleacchooks.dll
[2016/03/29 04:19:30 | 000,037,376 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2016/03/29 04:17:55 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2016/03/29 04:17:29 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2016/03/29 04:17:04 | 001,056,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/03/29 04:16:33 | 000,852,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/03/29 04:16:09 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/03/29 04:15:44 | 001,714,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/03/29 04:14:43 | 000,965,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/03/29 04:14:05 | 000,859,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2016/03/29 04:13:03 | 000,587,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2016/03/29 04:12:16 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll
[2016/03/29 04:12:15 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wininetlui.dll
[2016/03/29 04:11:45 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\browcli.dll
[2016/03/29 04:11:44 | 000,161,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/03/29 04:11:28 | 000,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2016/03/29 04:11:27 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/03/29 04:11:23 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/03/29 04:10:45 | 000,938,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/03/29 04:10:40 | 001,388,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/03/29 04:09:56 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tbauth.dll
[2016/03/29 04:09:47 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/03/29 04:09:12 | 001,239,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2016/03/29 04:08:39 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2016/03/29 04:08:35 | 000,888,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2016/03/29 04:08:32 | 000,841,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2016/03/29 04:06:55 | 001,575,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Speech.dll
[2016/03/29 04:06:55 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBrokerCookies.exe
[2016/03/29 04:06:54 | 000,848,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2016/03/29 04:05:30 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2016/03/29 04:05:21 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/03/29 04:04:15 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Devices.dll
[2016/03/29 04:02:45 | 001,211,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Cred.dll
[2016/03/29 04:02:16 | 002,624,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/03/29 04:02:14 | 000,303,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/03/29 04:00:38 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.DeviceEncryptionHandlers.dll
[2016/03/29 04:00:11 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/03/29 04:00:08 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/03/29 04:00:05 | 000,235,008 | ---- | M] () -- C:\WINDOWS\SysNative\MTF.dll
[2016/03/29 03:59:56 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/03/29 03:59:52 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2016/03/29 03:59:10 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2016/03/29 03:56:21 | 000,415,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/03/29 03:56:05 | 000,821,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2016/03/29 03:55:42 | 001,052,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2016/03/29 03:53:32 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovhost.dll
[2016/03/29 03:52:16 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2016/03/29 03:52:01 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2016/03/29 03:49:56 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveui.dll
[2016/03/29 03:48:08 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/03/29 03:44:25 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/03/29 03:43:29 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AccountsRt.dll
[2016/03/29 03:42:33 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/03/29 03:42:31 | 001,410,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2016/03/29 03:42:28 | 003,592,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/03/29 03:41:39 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2016/03/29 03:40:56 | 000,787,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2016/03/29 03:39:35 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2016/03/29 03:39:19 | 000,496,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2016/03/29 03:38:55 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/03/29 03:37:45 | 001,444,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/03/29 03:37:09 | 000,799,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/03/29 03:36:48 | 003,351,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2016/03/29 03:36:46 | 000,649,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2016/03/29 03:35:26 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll
[2016/03/29 03:34:56 | 000,682,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2016/03/29 03:34:54 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/03/29 03:34:52 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/03/29 03:34:33 | 000,711,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/03/29 03:32:57 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2016/03/29 03:32:43 | 000,638,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2016/03/29 03:32:33 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcsps.dll
[2016/03/29 03:32:31 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/03/29 03:32:26 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016/03/29 03:32:15 | 001,098,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2016/03/29 03:31:44 | 001,117,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Speech.dll
[2016/03/29 03:31:23 | 000,705,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2016/03/29 03:31:02 | 001,946,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/03/29 03:30:31 | 001,139,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/03/29 03:29:41 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll
[2016/03/29 03:29:22 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\accountaccessor.dll
[2016/03/29 03:28:13 | 001,944,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/03/29 03:28:10 | 000,764,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Cred.dll
[2016/03/29 03:27:21 | 007,979,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/03/29 03:27:14 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/03/29 03:27:11 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/03/29 03:27:04 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/03/29 03:27:01 | 000,162,816 | ---- | M] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/03/29 03:23:37 | 000,777,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2016/03/29 03:22:58 | 000,638,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2016/03/29 03:17:00 | 000,765,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/03/29 03:14:22 | 001,072,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2016/03/29 03:13:06 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.dll
[2016/03/29 03:06:46 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/03/29 03:05:57 | 001,388,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/03/29 03:05:44 | 001,626,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/03/29 03:05:40 | 007,199,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/03/29 03:05:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncController.dll
[2016/03/29 03:04:35 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2016/03/29 03:04:06 | 000,848,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2016/03/29 03:01:28 | 013,018,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/03/29 03:00:50 | 006,297,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/03/29 02:56:52 | 016,985,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/03/29 02:52:20 | 011,545,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/03/29 02:51:55 | 009,918,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/03/29 02:51:27 | 022,378,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/03/29 02:49:21 | 005,202,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/03/29 02:45:48 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll
[2016/03/29 02:45:43 | 003,078,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2016/03/29 02:43:27 | 000,521,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2016/03/29 02:43:22 | 003,428,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/03/29 02:38:54 | 002,798,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/03/29 02:38:50 | 018,673,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/03/29 02:36:49 | 002,722,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2016/03/29 02:35:37 | 000,821,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2016/03/29 02:28:43 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecpl.dll
[2016/03/29 02:27:32 | 005,662,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/03/29 02:27:00 | 007,836,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/03/29 02:26:38 | 000,402,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2016/03/29 02:26:06 | 000,958,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteNaturalLanguage.dll
[2016/03/29 02:25:30 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2016/03/29 02:25:01 | 000,712,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RemoteNaturalLanguage.dll
[2016/03/29 02:21:24 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/04/27 23:04:05 | 000,085,793 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20160427230305
[2016/04/27 22:53:45 | 000,008,459 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20160427225244
[2016/04/27 22:49:09 | 000,002,419 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20160427224809
[2016/04/27 22:35:52 | 000,009,673 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20160427223452
[2016/04/27 22:34:39 | 552,806,388 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2016/04/27 18:53:36 | 010,281,826 | ---- | C] () -- C:\Users\deco\Desktop\Proud Of You.mp3
[2016/04/27 18:52:00 | 068,013,430 | ---- | C] () -- C:\Users\deco\Desktop\Proud Of You.wav
[2016/04/27 11:27:22 | 000,002,183 | ---- | C] () -- C:\Users\deco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2016/04/27 02:30:22 | 009,630,946 | ---- | C] () -- C:\Users\deco\Desktop\sewer.mp3
[2016/04/27 02:30:07 | 010,179,106 | ---- | C] () -- C:\Users\deco\Desktop\proudofu.mp3
[2016/04/27 02:29:55 | 008,709,346 | ---- | C] () -- C:\Users\deco\Desktop\NJ.mp3
[2016/04/27 02:29:44 | 007,234,786 | ---- | C] () -- C:\Users\deco\Desktop\loathed.mp3
[2016/04/27 02:22:55 | 042,468,352 | ---- | C] () -- C:\Users\deco\Desktop\sewer.wav
[2016/04/27 01:12:08 | 033,670,268 | ---- | C] () -- C:\Users\deco\Desktop\proudofu.wav
[2016/04/27 00:34:53 | 038,405,120 | ---- | C] () -- C:\Users\deco\Desktop\NJ.wav
[2016/04/27 00:11:54 | 023,931,308 | ---- | C] () -- C:\Users\deco\Desktop\loathed.wav
[2016/04/26 12:16:58 | 000,000,001 | ---- | C] () -- C:\WINDOWS\SysWow64\us.html
[2016/04/24 22:24:05 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/04/24 22:13:53 | 000,001,818 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2016/04/24 04:27:12 | 000,002,074 | ---- | C] () -- C:\Users\deco\Application Data\Microsoft\Internet Explorer\Quick Launch\Pro Tools 10.lnk
[2016/04/24 04:27:12 | 000,002,050 | ---- | C] () -- C:\Users\Public\Desktop\Pro Tools 10.lnk
[2016/04/23 21:47:27 | 185,683,968 | ---- | C] () -- C:\Users\deco\Desktop\BIAS_FX_Windows64bit_v1_1_0_745.msi
[2016/04/23 21:40:11 | 000,000,030 | ---- | C] () -- C:\Users\deco\AppData\Roaming\.pgbiasfx
[2016/04/17 23:55:12 | 000,000,016 | ---- | C] () -- C:\WINDOWS\SysWow64\w3data.vss
[2016/04/17 23:55:12 | 000,000,016 | ---- | C] () -- C:\WINDOWS\SysWow64\msvcsv60.dll
[2016/04/17 23:55:12 | 000,000,016 | ---- | C] () -- C:\Users\deco\AppData\Roaming\msregsvv.dll
[2016/04/17 23:55:12 | 000,000,016 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2016/04/17 23:55:12 | 000,000,016 | ---- | C] () -- C:\ProgramData\autobk.inc
[2016/04/17 21:57:39 | 000,001,918 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2016/04/17 21:57:26 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2016/04/15 13:02:11 | 013,363,814 | ---- | C] () -- C:\Users\deco\Desktop\IRS divida.rtf
[2016/04/13 13:35:11 | 019,607,285 | ---- | C] () -- C:\Users\deco\Desktop\ListaStock.xml
[2016/04/13 11:07:43 | 001,862,008 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/04/13 11:07:38 | 002,656,952 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/04/13 11:05:08 | 000,235,008 | ---- | C] () -- C:\WINDOWS\SysNative\MTF.dll
[2016/04/13 11:05:08 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/04/08 12:57:28 | 000,002,547 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2015.lnk
[2016/04/07 09:49:58 | 000,029,842 | ---- | C] () -- C:\License.rtf
[2016/03/29 13:27:16 | 000,001,421 | ---- | C] () -- C:\Users\deco\Desktop\CopyTrans Control Center.lnk
[2015/12/12 01:35:03 | 000,965,390 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2015/12/12 01:27:40 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2015/10/30 04:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 04:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 04:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 04:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 04:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 04:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 04:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 04:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 04:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 04:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 04:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 04:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 04:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 04:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015/03/22 14:54:16 | 000,000,033 | ---- | C] () -- C:\Users\deco\AppData\Roaming\AdobeWLCMCache.dat
[2014/11/20 13:54:12 | 000,000,132 | ---- | C] () -- C:\Users\deco\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2014/08/28 13:04:39 | 000,000,043 | ---- | C] () -- C:\Users\deco\AppData\Roaming\mbam.context.scan
[2014/08/02 18:23:02 | 000,000,086 | ---- | C] () -- C:\Users\deco\AppData\Roaming\WB.CFG
[2013/06/28 19:41:12 | 000,003,717 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2012/01/24 22:06:54 | 000,001,095 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/19 17:20:51 | 000,000,000 | ---- | C] () -- C:\Users\deco\AppData\Local\{CB8DCE11-B253-4EDB-B0CC-A0787B08F204}
[2012/01/19 17:17:54 | 000,000,000 | ---- | C] () -- C:\Users\deco\AppData\Local\{A0AE2BA0-BC64-4C82-85C5-75CA07927EC2}
[2012/01/19 17:15:56 | 000,000,000 | ---- | C] () -- C:\Users\deco\AppData\Local\{94C3ECB7-004E-4BDD-8C96-A0480CED3308}
[2011/12/16 14:29:06 | 000,000,000 | ---- | C] () -- C:\Users\deco\AppData\Local\{1B957172-A890-42A3-9248-7DEEDD3B6504}
[2011/12/16 14:27:09 | 000,000,000 | ---- | C] () -- C:\Users\deco\AppData\Local\{A3F3D639-BB66-4436-9F6F-760226486CE7}
[2011/11/07 17:22:43 | 000,000,000 | ---- | C] () -- C:\Users\deco\AppData\Local\{09CAB645-9211-464F-94C3-44802F73D6F4}
========== ZeroAccess Check ==========
[2011/11/17 03:41:18 | 000,000,000 | -HSD | M] -- C:\Users\deco\AppData\Local\{052083fb-9b8c-0199-7ef2-0ea11ac85f48}\L
[2012/08/12 17:46:03 | 000,000,000 | -HSD | M] -- C:\Users\deco\AppData\Local\{052083fb-9b8c-0199-7ef2-0ea11ac85f48}\U
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/02/24 05:46:25 | 006,607,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/02/24 05:06:39 | 005,242,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 04:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 04:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 04:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 962 bytes -> C:\Program Files (x86)\Common Files\Microsoft Shared:aVlgSRdtWjZLuVWMBpaiZ
@Alternate Data Stream - 945 bytes -> C:\ProgramData\Microsoft:JC00IUg3n1Mx2poMMk
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 1279 bytes -> C:\ProgramData\Microsoft:YSZUZXKIzleugtKMK
@Alternate Data Stream - 1073 bytes -> C:\ProgramData\Microsoft:INL1pHYdTghSiscdUO
@Alternate Data Stream - 1031 bytes -> C:\Users\deco\AppData\Local\fxTJ3wOFPpr5:hmVaetgd9kzvQ7J84ObD
@Alternate Data Stream - 1027 bytes -> C:\ProgramData\Microsoft:Ys9gXmQ3SrbipY4xA65epdF
< End of report >
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2016-04-28 02:39:50
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003e WDC_WD10EARS-22Y5B1 rev.80.00A80 931.51GB
Running: gmer.exe; Driver: C:\Users\deco\AppData\Local\Temp\kwldapod.sys
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [696:4020] fffff960d2b84060
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [5684:5688] 0000000000a4e06c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [5684:5752] 0000000000a33660
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [5684:5796] 0000000000a476d0
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [5684:4848] 0000000000a34240
---- EOF - GMER 2.1 ----