got scamed

Here goes..I didn’t know I knew French <G:>

OTL Extras logfile created on: 6/30/2017 1:15:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hilton\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18697)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.24 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 63.57% Memory free
6.48 Gb Paging File | 5.34 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1859.99 Gb Total Space | 1817.06 Gb Free Space | 97.69% Space Free | Partition Type: NTFS
Computer Name: HILTON-PC | User Name: hilton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[COLOR=rgb(229, 103, 23)]========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes<extension>]
.bat [@ = batfile] – “%1” %*
.chm [@ = chm.file] – C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] – “%1” %*
.com [@ = comfile] – “%1” %*
.cpl [@ = cplfile] – C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] – “%1” %*
.hlp [@ = hlpfile] – C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] – C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] – C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] – C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] – C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] – C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] – C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] – C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] – “%1” %*
.reg [@ = regfile] – C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] – “%1” /S
.txt [@ = txtfile] – C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] – C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] – C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] – C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] – C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Classes<extension>]
.html [@ = FirefoxHTML] – C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[COLOR=rgb(229, 103, 23)]========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes<key>\shell[command]\command]
batfile [edit] – %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] – “%1” %*
batfile [print] – %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] – “%SystemRoot%\hh.exe” %1 (Microsoft Corporation)
cmdfile [edit] – %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] – “%1” %*
cmdfile [print] – %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] – “%1” %*
cplfile [cplopen] – %SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open] – “%1” %*
helpfile [open] – Reg Error: Key error.
hlpfile [open] – %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] – C:\Windows\System32\mshta.exe “%1” %* (Microsoft Corporation)
htmlfile [edit] – Reg Error: Key error.
htmlfile [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)
htmlfile [opennew] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)
htmlfile [print] – “C:\Windows\system32\rundll32.exe” “C:\Windows\system32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
http [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)
https [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)
inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
inffile [open] – %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] – %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] – %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] – %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] – “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] – “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
jsfile [edit] – C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] – C:\Windows\System32\WScript.exe “%1” %* (Microsoft Corporation)
jsfile [print] – C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] – C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] – C:\Windows\System32\WScript.exe “%1” %* (Microsoft Corporation)
jsefile [print] – C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] – “%1” %*
regfile [edit] – %SystemRoot%\system32\notepad.exe “%1” (Microsoft Corporation)
regfile [open] – regedit.exe “%1” (Microsoft Corporation)
regfile [merge] – Reg Error: Key error.
regfile [print] – %SystemRoot%\system32\notepad.exe /p “%1” (Microsoft Corporation)
scrfile [config] – “%1”
scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] – “%1” /S
txtfile [edit] – Reg Error: Key error.
txtfile [open] – %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] – %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] – %SystemRoot%\system32\notepad.exe /pt “%1” “%2” “%3” “%4” (Microsoft Corporation)
vbefile [edit] – “%SystemRoot%\System32\Notepad.exe” %1 (Microsoft Corporation)
vbefile [open] – “%SystemRoot%\System32\WScript.exe” “%1” %* (Microsoft Corporation)
vbefile [print] – “%SystemRoot%\System32\Notepad.exe” /p %1 (Microsoft Corporation)
vbsfile [edit] – “%SystemRoot%\System32\Notepad.exe” %1 (Microsoft Corporation)
vbsfile [open] – “%SystemRoot%\System32\WScript.exe” “%1” %* (Microsoft Corporation)
vbsfile [print] – “%SystemRoot%\System32\Notepad.exe” /p %1 (Microsoft Corporation)
wsffile [edit] – “%SystemRoot%\System32\Notepad.exe” %1 (Microsoft Corporation)
wsffile [open] – “%SystemRoot%\System32\WScript.exe” “%1” %* (Microsoft Corporation)
wsffile [print] – “%SystemRoot%\System32\Notepad.exe” /p %1 (Microsoft Corporation)
wshfile [open] – “%SystemRoot%\System32\WScript.exe” “%1” %* (Microsoft Corporation)
Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] – cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] – cmd.exe /c takeown /f “%1” /r /d y && icacls “%1” /grant administrators:F /t (Microsoft Corporation)
Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] – Reg Error: Value error.
Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
CLSID{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – “C:\Program Files\Internet Explorer\iexplore.exe” (Microsoft Corporation)
[COLOR=rgb(229, 103, 23)]========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = Reg Error: Unknown registry data type – File not found
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[COLOR=rgb(229, 103, 23)]========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
“EnableFirewall” = 1
“DisableNotifications” = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
“EnableFirewall” = 1
“DisableNotifications” = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
“EnableFirewall” = 1
“DisableNotifications” = 0
[COLOR=rgb(229, 103, 23)]========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
“{00F7590F-862B-4217-A4C3-A2F723A5318B}” = rport=10243 | protocol=6 | dir=out | app=system |
“{130E9C9C-43BA-4722-BEBD-DC17D5488497}” = lport=139 | protocol=6 | dir=in | app=system |
“{1FC65E0A-55B5-45BF-856D-C54444F2EFFC}” = lport=10243 | protocol=6 | dir=in | app=system |
“{2C89FAE3-4649-44DD-A8F8-435FCDB7B737}” = rport=137 | protocol=17 | dir=out | app=system |
“{31B9614E-19B5-47F1-B248-82B7FB10F05A}” = rport=139 | protocol=6 | dir=out | app=system |
“{33BD130C-2EDE-45F5-96A3-0CB357BED01A}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{438014A4-9A45-49A8-A697-1AE4A4AD22E3}” = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{4DD80964-5998-454E-B269-08E4CDDC5C0A}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{595697F8-32D1-4756-9C44-796FE05FA7C1}” = rport=445 | protocol=6 | dir=out | app=system |
“{59C7FF6B-FB81-4464-809B-F15457DD553E}” = lport=2869 | protocol=6 | dir=in | app=system |
“{5BB621B1-4B14-4FF8-B978-E1294E2B6192}” = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{5E879FCF-B8F6-4803-BD30-613EDE3040E6}” = lport=138 | protocol=17 | dir=in | app=system |
“{6DB92760-ED36-44F1-B8F0-6065169171F3}” = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
“{77B6BA33-6B28-4060-B5B4-FFE79EE73271}” = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
“{77CA258F-B633-4A3A-BFB4-802478F267E5}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{786880E2-655D-4FF8-A544-3E03560FAA2C}” = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{818921FF-166D-476F-AD3E-7D2E0B361DB3}” = lport=445 | protocol=6 | dir=in | app=system |
“{897E160E-8314-46CF-AA7A-2A4804F5DAF4}” = lport=137 | protocol=17 | dir=in | app=system |
“{952BF929-6F23-4E09-8853-5C52A6024738}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{AB118072-21A5-40DF-9103-AF56187C75D8}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{DACD204F-DEF5-483A-BCE8-6076BA844F1E}” = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
“{E433A99B-A6F8-49FB-B2D4-F0C67A559E94}” = rport=138 | protocol=17 | dir=out | app=system |
“{E89E9C44-AC4B-41D7-8784-5BC2FB9D9EC1}” = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{FA51EE56-D784-44BC-8529-940E77304795}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
[COLOR=rgb(229, 103, 23)]========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
“{039AE26B-1079-468C-A061-01D11C5F755F}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{0A573E46-1B2F-4B31-846B-CCDEF248BFDA}” = protocol=58 | dir=in | app=system |
“{0D547D58-43B9-4B3F-90C2-C69E6800A5E3}” = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
“{14BEFA0B-1E11-4E28-AC94-44D4A7A805AC}” = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
“{186AA901-C80B-4245-A655-D3628D868250}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{24797A19-1947-40F0-ACBE-E10E0583252B}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{3A500436-332F-43FF-B443-030332BD69A8}” = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
“{3B912AE4-4474-4BDE-9184-C98149AEE161}” = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
“{3F4ABB9D-304A-4925-8C98-53E2E9E2E6A9}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{4185EE8E-03EF-4C2E-B34A-F24773EE41CD}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{4DD19BC0-8D56-41F2-BBA6-E1F63020D218}” = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
“{5053FB91-682B-436F-8F80-3D4FFA351052}” = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
“{5913CB17-9064-4159-9323-37D5CD6B5D68}” = protocol=6 | dir=out | app=system |
“{6C178907-0A86-4A63-8767-E451EAB8901B}” = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
“{7EA43417-E1B8-46D3-8E5E-F350FBD439EF}” = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
“{98462915-C232-4D3A-BA64-1439C736C6A9}” = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
“{A5817B7A-EB84-400F-B1B7-22B7BECE34EE}” = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
“{B4787F2E-2FA3-4222-B52F-4AE5EEFB1364}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{BA9DCF03-18A2-40D2-B40E-D8C983DA6BD4}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{C99B5CD6-5C7F-410E-960C-7146A050F3A2}” = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{C9AC7846-8799-48E0-A585-0B3BD434B1C6}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{E374593A-580D-44C2-A23B-EFC552A7A882}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{E8207517-F4F1-4084-AD6C-988A4CDC999F}” = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
“{EAD2EC74-0D35-4D3D-900E-D48B9AB5AE26}” = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
“{EFC4B274-0D29-420D-BDBC-8C5FF0388D4A}” = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
“TCP Query User{AC689693-B971-449C-8EA9-AC51E5D70F9C}C:\users\hilton\appdata\local\amazon music\amazon music helper.exe” = protocol=6 | dir=in | app=c:\users\hilton\appdata\local\amazon music\amazon music helper.exe |
“UDP Query User{25F20FE1-CB5D-4B09-9160-3C9094A6B8A8}C:\users\hilton\appdata\local\amazon music\amazon music helper.exe” = protocol=17 | dir=in | app=c:\users\hilton\appdata\local\amazon music\amazon music helper.exe |
[COLOR=rgb(229, 103, 23)]========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
“{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series” = Canon MG3200 series MP Drivers
“{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}” = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
“{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer
“{224024F1-88C6-4E06-9AF6-39FF47347338}” = eM Client
“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer
“{302600C1-6BDF-4FD1-1603-148929CC1385}” = Intel(R) Wireless Bluetooth(R)(patch version 19.0.1629.3590)
“{30500C7C-2206-3DC6-9792-96E95A04669D}” = Microsoft .NET Framework 4.6.1
“{34BF287B-24D9-4CFC-94A6-B1F4A92EC55D}” = Intel(R) Chipset Device Software
“{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1” = Malwarebytes version 3.1.2.1733
“{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}” = Google Update Helper
“{74d0e5db-b326-4dae-a6b2-445b9de1836e}” = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{904CCF62-818D-4675-BC76-D37EB399F917}” = Windows Mobile Device Center
“{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033” = Microsoft .NET Framework 4.6.1
“{98f335cd-0a32-4b3f-b74c-ef9480e834f0}” = Intel(R) Chipset Device Software
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
“{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}” = WIDCOMM Bluetooth Software
“{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}” = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
“{AC76BA86-0804-1033-1959-001824225037}” = Adobe Refresh Manager
“{AC76BA86-7AD7-1033-7B44-AC0F074E4100}” = Adobe Acrobat Reader DC
“{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}” = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
“{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}” = Samsung USB Driver for Mobile Phones
“{D8A3D01E-BCBB-491B-856F-61E3B8563E32}” = Intel(R) Network Connections 19.5.303.0
“{E7044E25-3038-4A76-9064-344AC038043E}” = Windows Mobile Device Center Driver Update
“{EEA30AEB-8BA7-465B-85D4-098BB99733E7}” = OpenOffice 4.1.3
“{F0A37341-D692-11D4-A984-009027EC0A9C}” = SoundMAX
“{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}” = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
“{f65db027-aff3-4070-886a-0d87064aabb1}” = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
“{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}” = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
“Adobe Flash Player ActiveX” = Adobe Flash Player 26 ActiveX
“AI RoboForm” = RoboForm 8-3-7-7 (All Users)
“CanonQuickMenu” = Canon Quick Menu
“CCleaner” = CCleaner
“Google Chrome” = Google Chrome
“HDMI” = Intel(R) Graphics Media Accelerator Driver
“HECI” = Intel(R) Management Engine Interface
“MESOL” = Intel® Active Management Technology
“Mozilla Firefox 52.0 (x86 en-US)” = Mozilla Firefox 52.0 (x86 en-US)
“MozillaMaintenanceService” = Mozilla Maintenance Service
“PROSetDX” = Intel(R) Network Connections 19.5.303.0
“Stardock Fences 3” = Stardock Fences 3
“Stardock ObjectDock” = Stardock ObjectDock
[COLOR=rgb(229, 103, 23)]========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall]
“58d94f3ce2c27db0” = Dell System Detect
“Amazon Amazon Music” = Amazon Music
“Kodi” = Kodi
“Mozilla Firefox 53.0.3 (x86 en-US)” = Mozilla Firefox 53.0.3 (x86 en-US)
[COLOR=rgb(229, 103, 23)]========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/23/2017 1:29:36 PM | Computer Name = hilton-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 11.0.9600.18698 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1374 Start
Time: 01d2ec430c56d251 Termination Time: 0 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 6/23/2017 2:02:56 PM | Computer Name = hilton-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/23/2017 3:10:55 PM | Computer Name = hilton-PC | Source = LMS | ID = 2
Description = LMS Service lost connection to HECI driver
Error - 6/23/2017 3:19:42 PM | Computer Name = hilton-PC | Source = LMS | ID = 2
Description = LMS Service lost connection to HECI driver
Error - 6/25/2017 10:45:32 AM | Computer Name = hilton-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/25/2017 4:38:48 PM | Computer Name = hilton-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/26/2017 10:29:40 AM | Computer Name = hilton-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 11.0.9600.18698 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 17b8 Start
Time: 01d2ee87fe4a21fc Termination Time: 74 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 6/26/2017 12:54:57 PM | Computer Name = hilton-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/26/2017 2:21:15 PM | Computer Name = hilton-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/26/2017 2:21:31 PM | Computer Name = hilton-PC | Source = System Restore | ID = 8210
Description =
[ System Events ]
Error - 12/25/2016 2:21:43 PM | Computer Name = hilton-PC | Source = DCOM | ID = 10010
Description =
Error - 12/25/2016 2:25:34 PM | Computer Name = hilton-PC | Source = DCOM | ID = 10016
Description =
Error - 12/25/2016 2:26:42 PM | Computer Name = hilton-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.
Error - 12/25/2016 2:26:42 PM | Computer Name = hilton-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.
Error - 12/26/2016 11:37:48 AM | Computer Name = hilton-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 20.
Error - 12/27/2016 2:22:18 PM | Computer Name = hilton-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 20.
Error - 12/27/2016 2:22:30 PM | Computer Name = hilton-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 20.
Error - 12/27/2016 3:44:01 PM | Computer Name = hilton-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 12/27/2016 3:44:45 PM | Computer Name = hilton-PC | Source = DCOM | ID = 10016
Description =
Error - 12/27/2016 3:44:46 PM | Computer Name = hilton-PC | Source = DCOM | ID = 10016
Description =
< End of report >
----------------next…
OTL logfile created on: 6/30/2017 1:15:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hilton\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18697)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.24 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 63.57% Memory free
6.48 Gb Paging File | 5.34 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1859.99 Gb Total Space | 1817.06 Gb Free Space | 97.69% Space Free | Partition Type: NTFS

Computer Name: HILTON-PC | User Name: hilton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (All) ==========

PRC - [2017/06/30 13:10:40 | 000,602,112 | ---- | M] (OldTimer Tools) – C:\Users\hilton\Downloads\OTL.exe
PRC - [2017/06/21 14:27:40 | 000,110,376 | ---- | M] (Siber Systems) – C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2017/06/13 10:08:48 | 007,648,984 | ---- | M] (Piriform Ltd) – C:\Program Files\CCleaner\CCleaner.exe
PRC - [2017/06/02 03:58:31 | 000,427,520 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\SearchIndexer.exe
PRC - [2017/05/20 23:42:23 | 000,022,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\lsass.exe
PRC - [2017/05/16 13:35:10 | 000,815,312 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2017/05/12 13:41:01 | 000,069,632 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\smss.exe
PRC - [2017/05/09 17:42:26 | 003,146,704 | ---- | M] (Malwarebytes) – C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2017/05/09 17:41:44 | 008,534,480 | ---- | M] (Malwarebytes) – C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
PRC - [2017/05/09 17:40:20 | 003,398,608 | ---- | M] (Malwarebytes) – C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
PRC - [2017/04/27 14:41:40 | 000,288,848 | ---- | M] (Google Inc.) – C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.ex e
PRC - [2017/03/30 10:58:17 | 000,045,056 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rundll32.exe
PRC - [2016/08/29 10:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) – C:\Windows\explorer.exe
PRC - [2016/07/23 03:42:36 | 000,151,280 | ---- | M] (Intel Corporation) – C:\Program Files\Intel\Bluetooth\ibtsiva.exe
PRC - [2016/07/18 15:43:52 | 001,161,256 | ---- | M] (Motorola Solutions, Inc.) – C:\Program Files\Intel\Bluetooth\obexsrv.exe
PRC - [2016/07/18 15:43:44 | 001,722,408 | ---- | M] (Motorola Solutions, Inc.) – C:\Program Files\Intel\Bluetooth\mediasrv.exe
PRC - [2016/07/18 15:43:38 | 001,202,216 | ---- | M] (Motorola Solutions, Inc.) – C:\Program Files\Intel\Bluetooth\devmonsrv.exe
PRC - [2016/06/29 16:50:18 | 000,049,152 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\taskhost.exe
PRC - [2015/04/12 23:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\services.exe
PRC - [2014/10/16 14:38:56 | 000,180,992 | ---- | M] (Intel Corporation) – C:\Windows\System32\IPROSetMonitor.exe
PRC - [2014/07/16 21:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winlogon.exe
PRC - [2012/04/01 13:22:20 | 000,786,208 | ---- | M] (Broadcom Corporation.) – C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2012/02/11 01:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\spoolsv.exe
PRC - [2010/11/20 17:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) – C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2010/11/20 17:29:11 | 000,267,776 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\lsm.exe
PRC - [2010/11/20 17:29:06 | 000,192,000 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\taskeng.exe
PRC - [2009/12/01 15:43:26 | 000,176,128 | ---- | M] (Intel Corporation) – C:\Program Files\Intel\AMT\atchksrv.exe
PRC - [2009/12/01 15:43:12 | 002,519,040 | ---- | M] (Intel) – C:\Program Files\Intel\AMT\UNS.exe
PRC - [2009/12/01 15:42:22 | 000,102,400 | ---- | M] (Intel) – C:\Program Files\Intel\AMT\LMS.exe
PRC - [2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wininit.exe
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 21:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dwm.exe
PRC - [2009/07/13 21:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\csrss.exe

========== Modules (All) ==========

MOD - [2017/06/30 13:10:40 | 000,602,112 | ---- | M] (OldTimer Tools) – C:\Users\hilton\Downloads\OTL.exe
MOD - [2017/06/21 14:27:40 | 028,446,504 | ---- | M] (Siber Systems Inc.) – C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
MOD - [2017/06/21 14:27:40 | 000,110,376 | ---- | M] (Siber Systems) – C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
MOD - [2017/06/13 15:33:32 | 001,366,968 | ---- | M] (Stardock) – c:\Program Files\Stardock\Fences\DesktopDock.dll
MOD - [2017/06/13 15:33:32 | 000,763,320 | ---- | M] (Stardock) – C:\Program Files\Stardock\Fences\FencesMenu.dll
MOD - [2017/06/13 15:33:32 | 000,053,720 | ---- | M] () – c:\Program Files\Stardock\Fences\SdCrashReporter.dll
MOD - [2017/06/13 10:08:48 | 007,648,984 | ---- | M] (Piriform Ltd) – C:\Program Files\CCleaner\CCleaner.exe
MOD - [2017/06/02 04:09:50 | 000,034,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mssprxy.dll
MOD - [2017/05/25 11:58:04 | 000,399,304 | ---- | M] (Malwarebytes Corporation) – C:\Program Files\Malwarebytes\Anti-Malware\mbae.dll
MOD - [2017/05/22 10:56:04 | 000,306,704 | ---- | M] (BugSplat) – c:\Program Files\Stardock\Fences\BugSplat.dll
MOD - [2017/05/22 10:56:04 | 000,106,000 | ---- | M] (BugSplat, LLC) – c:\Program Files\Stardock\Fences\BugSplatRc.dll
MOD - [2017/05/21 00:06:33 | 000,172,032 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wdigest.dll
MOD - [2017/05/21 00:06:32 | 000,099,840 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\sspicli.dll
MOD - [2017/05/21 00:06:29 | 000,655,360 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rpcrt4.dll
MOD - [2017/05/21 00:06:29 | 000,254,464 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\schannel.dll
MOD - [2017/05/21 00:06:29 | 000,022,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\secur32.dll
MOD - [2017/05/21 00:06:23 | 000,261,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msv1_0.dll
MOD - [2017/05/21 00:06:23 | 000,223,232 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ncrypt.dll
MOD - [2017/05/21 00:06:17 | 000,017,408 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\credssp.dll
MOD - [2017/05/21 00:06:16 | 000,082,432 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\bcrypt.dll
MOD - [2017/05/20 23:42:24 | 000,036,352 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cryptbase.dll
MOD - [2017/05/19 13:26:21 | 001,042,392 | ---- | M] (Stardock Corporation) – c:\Program Files\Stardock\Fences\SdAppServices.dll
MOD - [2017/05/16 13:35:10 | 000,815,312 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
MOD - [2017/05/16 13:35:10 | 000,235,216 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\sqmapi.dll
MOD - [2017/05/14 15:16:37 | 002,290,176 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\iertutil.dll
MOD - [2017/05/14 15:12:11 | 000,476,160 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ieui.dll
MOD - [2017/05/14 15:11:45 | 020,274,688 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mshtml.dll
MOD - [2017/05/14 14:44:07 | 004,549,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\jscript9.dll
MOD - [2017/05/14 14:38:51 | 001,155,072 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mshtmlmedia.dll
MOD - [2017/05/14 14:30:17 | 013,664,768 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ieframe.dll
MOD - [2017/05/14 14:15:06 | 002,767,872 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wininet.dll
MOD - [2017/05/14 14:14:54 | 000,288,256 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\IEShims.dll
MOD - [2017/05/14 14:11:26 | 000,710,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ieapfltr.dll
MOD - [2017/05/14 14:11:22 | 001,314,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\urlmon.dll
MOD - [2017/05/14 14:07:14 | 000,286,208 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\ieproxy.dll
MOD - [2017/05/12 14:04:46 | 001,310,528 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntdll.dll
MOD - [2017/05/12 14:03:19 | 000,629,760 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\usp10.dll
MOD - [2017/05/12 14:03:18 | 000,043,008 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\srclient.dll
MOD - [2017/05/12 14:03:08 | 000,026,112 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\lpk.dll
MOD - [2017/05/12 14:03:07 | 000,306,688 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\gdi32.dll
MOD - [2017/05/12 14:03:05 | 000,010,240 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dciman32.dll
MOD - [2017/05/12 14:03:03 | 001,629,696 | ---- | M] (Microsoft Corporation) – C:\Windows\winsxs\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.1.7601.23807_none_5c02a265a011fb0 2\GdiPlus.dll
MOD - [2017/05/12 14:03:03 | 000,644,096 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\advapi32.dll
MOD - [2017/05/12 12:25:40 | 001,251,328 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\DWrite.dll
MOD - [2017/05/10 11:12:47 | 012,880,896 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shell32.dll
MOD - [2017/05/10 11:12:38 | 001,499,648 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ExplorerFrame.dll
MOD - [2017/05/09 17:42:26 | 003,146,704 | ---- | M] (Malwarebytes) – C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
MOD - [2017/05/09 17:41:44 | 008,534,480 | ---- | M] (Malwarebytes) – C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
MOD - [2017/05/09 17:40:08 | 001,596,856 | ---- | M] (Malwarebytes) – C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
MOD - [2017/05/09 17:33:20 | 004,793,344 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
MOD - [2017/04/17 11:12:24 | 001,417,728 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ole32.dll
MOD - [2017/04/17 11:12:24 | 000,581,632 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\oleaut32.dll
MOD - [2017/04/17 11:12:18 | 000,872,448 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\kernel32.dll
MOD - [2017/04/17 11:12:18 | 000,294,400 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\KernelBase.dll
MOD - [2017/04/12 11:26:12 | 000,179,200 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wintrust.dll
MOD - [2017/04/12 11:25:04 | 001,176,064 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\crypt32.dll
MOD - [2017/04/12 11:25:04 | 000,106,496 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cryptnet.dll
MOD - [2017/04/11 14:53:16 | 000,104,960 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\softwarecontext.dll
MOD - [2017/04/11 14:52:58 | 000,697,344 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2017/04/11 14:52:36 | 000,096,768 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
MOD - [2017/04/11 14:52:32 | 000,172,544 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
MOD - [2017/04/11 14:52:04 | 000,035,328 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplug in.dll
MOD - [2017/04/11 14:51:56 | 000,074,752 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
MOD - [2017/04/11 14:51:38 | 000,069,632 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
MOD - [2017/04/11 14:50:26 | 000,206,336 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
MOD - [2017/04/11 14:49:04 | 000,013,312 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
MOD - [2017/04/11 14:49:02 | 000,013,312 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
MOD - [2017/04/11 14:49:00 | 000,022,528 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
MOD - [2017/04/11 14:48:58 | 000,044,032 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodel plugin.dll
MOD - [2017/04/11 14:48:58 | 000,013,312 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
MOD - [2017/04/11 14:47:56 | 002,567,168 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
MOD - [2017/04/11 14:46:22 | 002,514,432 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
MOD - [2017/04/11 14:45:08 | 000,328,704 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
MOD - [2017/04/11 14:45:00 | 000,030,208 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
MOD - [2017/04/11 14:45:00 | 000,019,968 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
MOD - [2017/04/11 14:44:58 | 000,318,976 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
MOD - [2017/04/11 14:44:58 | 000,247,808 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
MOD - [2017/04/11 14:44:54 | 000,017,920 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
MOD - [2017/04/11 14:44:50 | 000,038,912 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qdds.dll
MOD - [2017/04/11 14:44:50 | 000,018,944 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
MOD - [2017/04/11 14:44:48 | 000,031,232 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
MOD - [2017/04/11 14:44:42 | 000,992,768 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
MOD - [2017/04/11 14:44:26 | 000,242,176 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
MOD - [2017/04/11 14:44:22 | 000,025,088 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
MOD - [2017/04/11 14:44:16 | 000,024,576 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
MOD - [2017/04/11 14:43:40 | 004,481,024 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
MOD - [2017/04/11 14:42:12 | 005,093,888 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
MOD - [2017/04/11 14:41:14 | 000,672,768 | ---- | M] (The Qt Company Ltd) – C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
MOD - [2017/03/30 10:58:17 | 000,045,056 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rundll32.exe
MOD - [2017/02/09 12:14:44 | 000,060,416 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\samlib.dll
MOD - [2017/02/09 12:14:38 | 000,481,792 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mscms.dll
MOD - [2017/01/18 11:35:50 | 000,012,128 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
MOD - [2016/11/10 12:19:39 | 000,811,520 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\user32.dll
MOD - [2016/11/09 12:17:31 | 002,365,440 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msi.dll
MOD - [2016/11/09 12:17:18 | 001,806,848 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\authui.dll
MOD - [2016/10/11 11:18:29 | 000,829,952 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msctf.dll
MOD - [2016/10/11 09:33:27 | 000,187,392 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\UIAnimation.dll
MOD - [2016/10/07 11:12:49 | 000,090,624 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\olepro32.dll
MOD - [2016/09/08 16:34:01 | 000,087,040 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\davclnt.dll
MOD - [2016/08/29 10:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) – C:\Windows\explorer.exe
MOD - [2016/06/29 16:51:32 | 000,182,272 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msls31.dll
MOD - [2016/06/29 16:51:30 | 000,036,352 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\imgutil.dll
MOD - [2016/06/29 16:50:18 | 000,049,152 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\taskhost.exe
MOD - [2016/06/29 16:48:27 | 000,293,376 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dxgi.dll
MOD - [2016/06/29 16:48:27 | 000,249,856 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\d3d10_1core.dll
MOD - [2016/06/29 16:48:27 | 000,207,872 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\WindowsCodecsExt.dll
MOD - [2016/06/29 16:48:27 | 000,161,792 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\d3d10_1.dll
MOD - [2016/06/29 16:48:27 | 000,010,752 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,009,728 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,005,632 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,005,632 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
MOD - [2016/06/29 16:48:27 | 000,002,560 | -H-- | M] (Microsoft Corporation) – C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MOD - [2016/06/29 16:46:09 | 001,505,280 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\d3d11.dll
MOD - [2016/06/14 11:21:27 | 003,209,216 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mf.dll
MOD - [2016/06/14 11:21:27 | 000,354,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mfplat.dll
MOD - [2016/06/14 11:21:20 | 001,005,056 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cryptui.dll
MOD - [2016/06/14 11:21:20 | 000,080,896 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cryptsp.dll
MOD - [2016/06/14 11:21:18 | 000,195,072 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\AudioSes.dll
MOD - [2016/05/12 11:18:23 | 000,079,360 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\gpapi.dll
MOD - [2016/05/12 09:04:55 | 000,249,352 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\bcryptprimitives.dll
MOD - [2016/05/11 11:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ws2_32.dll
MOD - [2016/05/11 11:19:25 | 000,351,744 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winhttp.dll
MOD - [2016/05/11 11:19:24 | 000,363,520 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\StructuredQuery.dll
MOD - [2016/05/11 11:19:16 | 000,231,424 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mswsock.dll
MOD - [2016/04/09 00:20:04 | 001,230,848 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\WindowsCodecs.dll
MOD - [2016/03/09 14:40:16 | 000,316,416 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\webio.dll
MOD - [2015/12/08 17:53:48 | 000,079,872 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\MP3DMOD.DLL
MOD - [2015/12/08 17:53:47 | 000,004,608 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ksuser.dll
MOD - [2015/11/11 14:39:34 | 001,242,624 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\comsvcs.dll
MOD - [2015/10/29 13:49:58 | 000,295,936 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\apphelp.dll
MOD - [2015/10/29 13:49:57 | 000,562,176 | ---- | M] (Microsoft Corporation) – C:\Windows\AppPatch\AcLayers.dll
MOD - [2015/09/01 13:52:53 | 000,348,672 | ---- | M] (Microsoft Corporation) – C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2015/08/27 13:58:14 | 001,391,104 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msxml6.dll
MOD - [2015/07/09 13:42:54 | 001,372,160 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dwmcore.dll
MOD - [2015/07/09 13:42:54 | 000,067,584 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dwmapi.dll
MOD - [2015/05/25 14:01:39 | 000,092,160 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\sechost.dll
MOD - [2015/04/24 13:54:13 | 001,680,896 | ---- | M] (Microsoft Corporation) – C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e8 55142bd5705d\comctl32.dll
MOD - [2015/01/28 23:02:08 | 002,311,168 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wpdshext.dll
MOD - [2014/07/16 21:40:03 | 000,157,696 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winsta.dll
MOD - [2014/01/28 22:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wer.dll
MOD - [2013/11/26 04:16:50 | 003,419,136 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\d2d1.dll
MOD - [2013/10/18 21:36:59 | 000,159,232 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\imagehlp.dll
MOD - [2013/10/11 22:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\FWPUCLNT.DLL
MOD - [2013/10/05 02:38:22 | 000,970,912 | ---- | M] (Microsoft Corporation) – C:\Program Files\Malwarebytes\Anti-Malware\msvcr120.dll
MOD - [2013/10/05 02:38:22 | 000,455,328 | ---- | M] (Microsoft Corporation) – C:\Program Files\Malwarebytes\Anti-Malware\msvcp120.dll
MOD - [2013/07/25 21:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shdocvw.dll
MOD - [2012/12/07 08:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\Wpc.dll
MOD - [2012/12/07 08:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\gameux.dll
MOD - [2012/10/09 13:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dhcpcsvc6.dll
MOD - [2012/10/03 12:42:26 | 000,052,224 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\nlaapi.dll
MOD - [2012/07/04 17:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\netapi32.dll
MOD - [2012/04/01 13:22:26 | 000,336,160 | ---- | M] (Broadcom Corporation.) – C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll
MOD - [2012/01/04 04:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntshrui.dll
MOD - [2011/12/30 01:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\timedate.cpl
MOD - [2011/12/16 03:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msvcrt.dll
MOD - [2011/08/27 00:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\oleacc.dll
MOD - [2011/06/16 00:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\xmllite.dll
MOD - [2011/03/11 01:33:09 | 001,699,328 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\esent.dll
MOD - [2011/03/03 01:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dnsapi.dll
MOD - [2010/11/20 17:29:50 | 000,301,568 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\srchadmin.dll
MOD - [2010/11/20 17:29:49 | 000,172,544 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\spp.dll
MOD - [2010/11/20 17:29:41 | 000,744,448 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ActionCenter.dll
MOD - [2010/11/20 17:29:41 | 000,547,840 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceApi.dll
MOD - [2010/11/20 17:29:41 | 000,165,376 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\provsvc.dll
MOD - [2010/11/20 17:29:41 | 000,105,984 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\WPDShServiceObj.dll
MOD - [2010/11/20 17:29:40 | 000,051,712 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wscapi.dll
MOD - [2010/11/20 17:29:39 | 002,146,304 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\SyncCenter.dll
MOD - [2010/11/20 17:29:26 | 000,418,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cscui.dll
MOD - [2010/11/20 17:29:26 | 000,139,264 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cscobj.dll
MOD - [2010/11/20 17:29:24 | 000,692,736 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\bthprops.cpl
MOD - [2010/11/20 17:29:24 | 000,505,856 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\taskschd.dll
MOD - [2010/11/20 17:29:24 | 000,103,936 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\IPHLPAPI.DLL
MOD - [2010/11/20 17:29:21 | 000,146,432 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\twext.dll
MOD - [2010/11/20 17:29:20 | 001,128,448 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\vssapi.dll
MOD - [2010/11/20 17:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wbem\fastprox.dll
MOD - [2010/11/20 17:29:20 | 000,118,272 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\imm32.dll
MOD - [2010/11/20 17:29:20 | 000,080,896 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\QUTIL.DLL
MOD - [2010/11/20 17:29:19 | 000,638,976 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\VAN.dll
MOD - [2010/11/20 17:29:19 | 000,380,416 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\sxs.dll
MOD - [2010/11/20 17:29:19 | 000,269,824 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\Wldap32.dll
MOD - [2010/11/20 17:29:19 | 000,228,352 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\stobject.dll
MOD - [2010/11/20 17:29:18 | 000,194,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winmm.dll
MOD - [2010/11/20 17:29:15 | 000,090,112 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\srvcli.dll
MOD - [2010/11/20 17:29:13 | 001,661,440 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\networkexplorer.dll
MOD - [2010/11/20 17:29:13 | 000,081,920 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\userenv.dll
MOD - [2010/11/20 17:29:13 | 000,022,528 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\netutils.dll
MOD - [2010/11/20 17:29:12 | 001,063,936 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\werconcpl.dll
MOD - [2010/11/20 17:29:12 | 000,988,160 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\propsys.dll
MOD - [2010/11/20 17:29:12 | 000,854,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dbghelp.dll
MOD - [2010/11/20 17:29:12 | 000,801,280 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\NaturalLanguage6.dll
MOD - [2010/11/20 17:29:12 | 000,649,216 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\appwiz.cpl
MOD - [2010/11/20 17:29:12 | 000,592,384 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msftedit.dll
MOD - [2010/11/20 17:29:12 | 000,363,008 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wbemcomn.dll
MOD - [2010/11/20 17:29:12 | 000,327,680 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\zipfldr.dll
MOD - [2010/11/20 17:29:12 | 000,320,000 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winspool.drv
MOD - [2010/11/20 17:29:12 | 000,206,336 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\framedynos.dll
MOD - [2010/11/20 17:29:12 | 000,199,168 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\onex.dll
MOD - [2010/11/20 17:29:12 | 000,145,920 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cfgmgr32.dll
MOD - [2010/11/20 17:29:12 | 000,108,032 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shacct.dll
MOD - [2010/11/20 17:29:12 | 000,082,944 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\thumbcache.dll
MOD - [2010/11/20 17:29:12 | 000,046,080 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\RpcRtRemote.dll
MOD - [2010/11/20 17:29:11 | 002,494,464 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\netshell.dll
MOD - [2010/11/20 17:29:11 | 001,750,528 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\pnidui.dll
MOD - [2010/11/20 17:29:11 | 000,392,192 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\imapi2.dll
MOD - [2010/11/20 17:29:11 | 000,220,160 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\SndVolSSO.dll
MOD - [2010/11/20 17:29:11 | 000,128,512 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\EhStorAPI.dll
MOD - [2010/11/20 17:29:08 | 000,399,872 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\DXP.dll
MOD - [2010/11/20 17:29:08 | 000,395,264 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\prnfldr.dll
MOD - [2010/11/20 17:29:08 | 000,034,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cscapi.dll
MOD - [2010/11/20 17:29:08 | 000,030,720 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msdmo.dll
MOD - [2010/11/20 17:29:08 | 000,023,040 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cscdll.dll
MOD - [2010/11/20 17:29:07 | 000,309,760 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\actxprxy.dll
MOD - [2010/11/20 17:29:07 | 000,172,032 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wdmaud.drv
MOD - [2010/11/20 17:29:07 | 000,171,520 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\QAGENT.DLL
MOD - [2010/11/20 17:29:07 | 000,167,936 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msutb.dll
MOD - [2010/11/20 17:29:07 | 000,069,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntlanman.dll
MOD - [2010/11/20 17:29:06 | 001,667,584 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\setupapi.dll
MOD - [2010/11/20 17:29:06 | 000,740,864 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\batmeter.dll
MOD - [2010/11/20 17:29:06 | 000,646,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\SearchFolder.dll
MOD - [2010/11/20 17:29:06 | 000,312,832 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\hgcpl.dll
MOD - [2010/11/20 17:29:06 | 000,213,504 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\MMDevAPI.dll
MOD - [2010/11/20 17:29:06 | 000,192,000 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\taskeng.exe
MOD - [2010/11/20 17:29:06 | 000,097,280 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dwmredir.dll
MOD - [2010/11/20 17:29:06 | 000,051,200 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\samcli.dll
MOD - [2010/11/20 17:29:06 | 000,047,104 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wkscli.dll
MOD - [2010/11/20 17:29:06 | 000,040,448 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wtsapi32.dll
MOD - [2010/11/20 17:29:04 | 000,485,888 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\comdlg32.dll
MOD - [2010/11/20 17:29:04 | 000,034,304 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msasn1.dll
MOD - [2010/11/20 17:29:03 | 000,350,208 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shlwapi.dll
MOD - [2009/09/23 18:48:52 | 000,275,968 | ---- | M] (Intel Corporation) – C:\Windows\System32\igfxrenu.lrc
MOD - [2009/07/13 21:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rsaenh.dll
MOD - [2009/07/13 21:16:21 | 000,674,304 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wwanmm.dll
MOD - [2009/07/13 21:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\WWanAPI.dll
MOD - [2009/07/13 21:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wwapi.dll
MOD - [2009/07/13 21:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wscinterop.dll
MOD - [2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wsock32.dll
MOD - [2009/07/13 21:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wshqos.dll
MOD - [2009/07/13 21:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wship6.dll
MOD - [2009/07/13 21:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\WSHTCPIP.DLL
MOD - [2009/07/13 21:16:19 | 000,748,544 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\WlanMM.dll
MOD - [2009/07/13 21:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wlanhlp.dll
MOD - [2009/07/13 21:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wlanapi.dll
MOD - [2009/07/13 21:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winnsi.dll
MOD - [2009/07/13 21:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wlanutil.dll
MOD - [2009/07/13 21:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wevtapi.dll
MOD - [2009/07/13 21:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wercplsupport.dll
MOD - [2009/07/13 21:16:17 | 000,561,664 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\UIAutomationCore.dll
MOD - [2009/07/13 21:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\uxtheme.dll
MOD - [2009/07/13 21:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\vsstrace.dll
MOD - [2009/07/13 21:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009/07/13 21:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009/07/13 21:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\version.dll
MOD - [2009/07/13 21:16:16 | 000,013,312 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\TSChannel.dll
MOD - [2009/07/13 21:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\Syncreg.dll
MOD - [2009/07/13 21:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\slc.dll
MOD - [2009/07/13 21:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\sfc_os.dll
MOD - [2009/07/13 21:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\SensApi.dll
MOD - [2009/07/13 21:16:12 | 000,845,824 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\RASMM.dll
MOD - [2009/07/13 21:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\opengl32.dll
MOD - [2009/07/13 21:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rasapi32.dll
MOD - [2009/07/13 21:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009/07/13 21:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\powrprof.dll
MOD - [2009/07/13 21:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\PlaySndSrv.dll
MOD - [2009/07/13 21:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rasman.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\profapi.dll
MOD - [2009/07/13 21:16:12 | 000,019,456 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\osbaseln.dll
MOD - [2009/07/13 21:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rasadhlp.dll
MOD - [2009/07/13 21:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\psapi.dll
MOD - [2009/07/13 21:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntmarta.dll
MOD - [2009/07/13 21:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntdsapi.dll
MOD - [2009/07/13 21:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\npmproxy.dll
MOD - [2009/07/13 21:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\nsi.dll
MOD - [2009/07/13 21:16:05 | 004,888,576 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\NlsData0009.dll
MOD - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\netprofm.dll
MOD - [2009/07/13 21:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msimtf.dll
MOD - [2009/07/13 21:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msiltcfg.dll
MOD - [2009/07/13 21:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msimg32.dll
MOD - [2009/07/13 21:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009/07/13 21:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msacm32.dll
MOD - [2009/07/13 21:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mpr.dll
MOD - [2009/07/13 21:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mlang.dll
MOD - [2009/07/13 21:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\midimap.dll
MOD - [2009/07/13 21:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\linkinfo.dll
MOD - [2009/07/13 21:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\IconCodecService.dll
MOD - [2009/07/13 21:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\hcproviders.dll
MOD - [2009/07/13 21:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\hid.dll
MOD - [2009/07/13 21:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\FXSST.dll
MOD - [2009/07/13 21:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\glu32.dll
MOD - [2009/07/13 21:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\FXSAPI.dll
MOD - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\es.dll
MOD - [2009/07/13 21:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\EhStorShell.dll
MOD - [2009/07/13 21:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\ehome\ehSSO.dll
MOD - [2009/07/13 21:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dui70.dll
MOD - [2009/07/13 21:15:13 | 000,183,296 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\eappcfg.dll
MOD - [2009/07/13 21:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\duser.dll
MOD - [2009/07/13 21:15:13 | 000,056,320 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\eappprxy.dll
MOD - [2009/07/13 21:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dsrole.dll
MOD - [2009/07/13 21:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\drprov.dll
MOD - [2009/07/13 21:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\devobj.dll
MOD - [2009/07/13 21:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dhcpcsvc.dll
MOD - [2009/07/13 21:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\devrtl.dll
MOD - [2009/07/13 21:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dimsjob.dll
MOD - [2009/07/13 21:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ddraw.dll
MOD - [2009/07/13 21:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\davhlpr.dll
MOD - [2009/07/13 21:15:07 | 000,058,880 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cryptdll.dll
MOD - [2009/07/13 21:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\clbcatq.dll
MOD - [2009/07/13 21:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\avrt.dll
MOD - [2009/07/13 21:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\atl.dll
MOD - [2009/07/13 21:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\AltTab.dll
MOD - [2009/07/13 21:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dwm.exe
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 21:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wscui.cpl
MOD - [2009/07/13 21:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msacm32.drv
MOD - [2009/07/13 21:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\sfc.dll
MOD - [2009/07/13 21:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\normaliz.dll
MOD - [2009/07/13 21:08:30 | 002,628,608 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\NlsLexicons0009.dll
MOD - [2009/07/13 21:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\FXSRESM.dll

========== Services (All) ==========

SRV - [2017/06/15 13:19:19 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] – C:\Windows\System32\Macromed\Flash\FlashPlayerUpda teService.exe – (AdobeFlashPlayerUpdateSvc)
SRV - [2017/06/02 03:58:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\SearchIndexer.exe – (WSearch)
SRV - [2017/05/20 23:42:23 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lsass.exe – (VaultSvc)
SRV - [2017/05/20 23:42:23 | 000,022,016 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\lsass.exe – (SamSs)
SRV - [2017/05/20 23:42:23 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lsass.exe – (ProtectedStorage)
SRV - [2017/05/20 23:42:23 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lsass.exe – (Netlogon)
SRV - [2017/05/20 23:42:23 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lsass.exe – (KeyIso)
SRV - [2017/05/20 23:42:23 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lsass.exe – (EFS)
SRV - [2017/05/14 15:11:09 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\IEEtwCollector.exe – (IEEtwCollectorService)
SRV - [2017/05/12 13:45:37 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\appidsvc.dll – (AppIDSvc)
SRV - [2017/05/12 12:25:40 | 000,909,824 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\FntCache.dll – (FontCache)
SRV - [2017/05/10 11:01:19 | 002,092,032 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wuaueng.dll – (wuauserv)
SRV - [2017/05/09 17:40:20 | 003,398,608 | ---- | M] (Malwarebytes) [Auto | Running] – C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe – (MBAMService)
SRV - [2017/04/26 13:09:48 | 000,194,032 | ---- | M] (Google) [Disabled | Stopped] – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe – (gusvc)
SRV - [2017/04/25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] – C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
SRV - [2017/04/17 11:12:25 | 000,377,344 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\rpcss.dll – (RpcSs)
SRV - [2017/04/17 11:12:25 | 000,377,344 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\rpcss.dll – (DcomLaunch)
SRV - [2017/04/12 11:25:04 | 000,145,920 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\cryptsvc.dll – (CryptSvc)
SRV - [2017/03/26 20:33:36 | 000,135,800 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe – (NetTcpPortSharing)
SRV - [2017/03/26 20:33:36 | 000,135,800 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe – (NetTcpActivator)
SRV - [2017/03/26 20:33:36 | 000,135,800 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe – (NetPipeActivator)
SRV - [2017/03/26 20:33:36 | 000,135,800 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe – (NetMsmqActivator)
SRV - [2017/03/26 20:33:36 | 000,105,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe – (clr_optimization_v4.0.30319_32)
SRV - [2017/03/26 20:33:36 | 000,045,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspn et_state.exe – (aspnet_state)
SRV - [2017/03/19 10:47:05 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] – C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe – (MozillaMaintenance)
SRV - [2017/03/10 12:20:21 | 001,508,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\pla.dll – (pla)
SRV - [2017/02/09 11:51:50 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\WcsPlugInService.dll – (WcsPlugInService)
SRV - [2016/12/25 17:07:19 | 000,153,752 | ---- | M] (Google Inc.) [Disabled | Stopped] – C:\Program Files\Google\Update\GoogleUpdate.exe – (gupdatem)
SRV - [2016/12/25 17:07:19 | 000,153,752 | ---- | M] (Google Inc.) [Disabled | Stopped] – C:\Program Files\Google\Update\GoogleUpdate.exe – (gupdate)
SRV - [2016/11/09 12:17:17 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\appinfo.dll – (Appinfo)
SRV - [2016/11/09 11:55:06 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\msiexec.exe – (msiserver)
SRV - [2016/09/08 16:34:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\WebClnt.dll – (WebClient)
SRV - [2016/08/21 09:05:24 | 000,935,424 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\diagtrack.dll – (DiagTrack)
SRV - [2016/08/06 11:15:08 | 001,178,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\WsmSvc.dll – (WinRM)
SRV - [2016/07/23 03:42:36 | 000,151,280 | ---- | M] (Intel Corporation) [Auto | Running] – C:\Program Files\Intel\Bluetooth\ibtsiva.exe – (iBtSiva)
SRV - [2016/07/22 03:21:08 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [On_Demand | Stopped] – C:\Program Files\SAMSUNG\USB Drivers\27_ssconn\conn\ss_conn_service.exe – (ss_conn_service)
SRV - [2016/07/18 15:43:52 | 001,161,256 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] – C:\Program Files\Intel\Bluetooth\obexsrv.exe – (Bluetooth OBEX Service)
SRV - [2016/07/18 15:43:44 | 001,722,408 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] – C:\Program Files\Intel\Bluetooth\mediasrv.exe – (Bluetooth Media Service)
SRV - [2016/07/18 15:43:38 | 001,202,216 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] – C:\Program Files\Intel\Bluetooth\devmonsrv.exe – (Bluetooth Device Monitor)
SRV - [2016/06/14 11:21:33 | 000,157,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\pcasvc.dll – (PcaSvc)
SRV - [2016/06/14 11:21:18 | 000,474,624 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\audiosrv.dll – (Audiosrv)
SRV - [2016/06/14 11:21:18 | 000,474,624 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\audiosrv.dll – (AudioEndpointBuilder)
SRV - [2016/05/12 11:18:25 | 000,351,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\IPSECSVC.DLL – (PolicyAgent)
SRV - [2016/05/12 11:18:24 | 000,606,720 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\gpsvc.dll – (gpsvc)
SRV - [2016/05/11 11:19:25 | 000,351,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\winhttp.dll – (WinHttpAutoProxySvc)
SRV - [2016/02/09 05:50:10 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\seclogon.dll – (seclogon)
SRV - [2015/10/29 13:49:57 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\aelupsvc.dll – (AeLookupSvc)
SRV - [2015/08/05 13:41:00 | 000,751,104 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\schedsvc.dll – (Schedule)
SRV - [2015/07/15 13:55:03 | 001,159,168 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\sysmain.dll – (SysMain)
SRV - [2015/01/08 22:48:18 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wdi.dll – (WdiSystemHost)
SRV - [2015/01/08 22:48:18 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\wdi.dll – (WdiServiceHost)
SRV - [2014/12/18 22:43:00 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\profsvc.dll – (ProfSvc)
SRV - [2014/12/05 23:50:19 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\nlasvc.dll – (NlaSvc)
SRV - [2014/10/16 14:38:56 | 000,180,992 | ---- | M] (Intel Corporation) [Auto | Running] – C:\Windows\System32\IPROSetMonitor.exe – (Intel(R)
SRV - [2014/10/13 21:50:50 | 000,523,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\termsrv.dll – (TermService)
SRV - [2014/06/30 18:14:53 | 000,879,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe – (idsvc)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe – (clr_optimization_v2.0.50727_32)
SRV - [2014/01/27 22:07:07 | 000,185,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wwansvc.dll – (WwanSvc)
SRV - [2013/10/11 22:01:41 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\IKEEXT.DLL – (IKEEXT)
SRV - [2013/05/27 00:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
SRV - [2012/10/03 12:40:35 | 000,499,712 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\iphlpsvc.dll – (iphlpsvc)
SRV - [2012/07/25 23:20:40 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\WUDFSvc.dll – (wudfsvc)
SRV - [2012/07/04 17:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\browser.dll – (Browser)
SRV - [2012/04/01 13:22:20 | 000,786,208 | ---- | M] (Broadcom Corporation.) [Auto | Running] – C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe – (btwdins)
SRV - [2012/02/11 01:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\spoolsv.exe – (Spooler)
SRV - [2011/05/24 06:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\umpnpmgr.dll – (PlugPlay)
SRV - [2011/03/03 01:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\dnsrslvr.dll – (Dnscache)
SRV - [2010/11/20 17:29:50 | 001,203,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wbengine.exe – (wbengine)
SRV - [2010/11/20 17:29:50 | 000,523,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\FXSSVC.exe – (Fax)
SRV - [2010/11/20 17:29:50 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\TabSvc.dll – (TabletInputService)
SRV - [2010/11/20 17:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Media Player\wmpnetwk.exe – (WMPNetworkSvc)
SRV - [2010/11/20 17:29:49 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\umrdp.dll – (UmRdpService)
SRV - [2010/11/20 17:29:49 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sdrsvc.dll – (SDRSVC)
SRV - [2010/11/20 17:29:41 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wiaservc.dll – (StiSvc)
SRV - [2010/11/20 17:29:41 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\ListSvc.dll – (HomeGroupListener)
SRV - [2010/11/20 17:29:41 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\provsvc.dll – (HomeGroupProvider)
SRV - [2010/11/20 17:29:41 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wpdbusenum.dll – (WPDBusEnum)
SRV - [2010/11/20 17:29:32 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\System32\Mcx2Svc.dll – (Mcx2Svc)
SRV - [2010/11/20 17:29:29 | 000,556,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\ehome\ehrecvr.exe – (ehRecvr)
SRV - [2010/11/20 17:29:26 | 000,546,304 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\cscsvc.dll – (CscService)
SRV - [2010/11/20 17:29:25 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\AxInstSv.dll – (AxInstSV)
SRV - [2010/11/20 17:29:24 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\rasmans.dll – (RasMan)
SRV - [2010/11/20 17:29:24 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wcncsvc.dll – (wcncsvc)
SRV - [2010/11/20 17:29:24 | 000,144,384 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\dps.dll – (DPS)
SRV - [2010/11/20 17:29:24 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sppuinotify.dll – (sppuinotify)
SRV - [2010/11/20 17:29:21 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\KMSVC.DLL – (hkmsvc)
SRV - [2010/11/20 17:29:20 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\dot3svc.dll – (dot3svc)
SRV - [2010/11/20 17:29:20 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\certprop.dll – (SCPolicySvc)
SRV - [2010/11/20 17:29:20 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\certprop.dll – (CertPropSvc)
SRV - [2010/11/20 17:29:13 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\servicing\TrustedInstaller.exe – (TrustedInstaller)
SRV - [2010/11/20 17:29:13 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\umpo.dll – (Power)
SRV - [2010/11/20 17:29:12 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\System32\sppsvc.exe – (sppsvc)
SRV - [2010/11/20 17:29:12 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\VSSVC.exe – (VSS)
SRV - [2010/11/20 17:29:12 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\BFE.DLL – (BFE)
SRV - [2010/11/20 17:29:12 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\shsvcs.dll – (ShellHWDetection)
SRV - [2010/11/20 17:29:12 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\dhcpcore.dll – (Dhcp)
SRV - [2010/11/20 17:29:11 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wevtsvc.dll – (eventlog)
SRV - [2010/11/20 17:29:08 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\qmgr.dll – (BITS)
SRV - [2010/11/20 17:29:08 | 000,453,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\vds.exe – (vds)
SRV - [2010/11/20 17:29:07 | 000,330,240 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\QAGENTRT.DLL – (napagent)
SRV - [2010/11/20 17:29:07 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\tapisrv.dll – (TapiSrv)
SRV - [2010/11/20 17:29:07 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\srvsvc.dll – (LanmanServer)
SRV - [2010/11/20 17:29:07 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\SessEnv.dll – (SessionEnv)
SRV - [2010/11/20 17:29:07 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wkssvc.dll – (LanmanWorkstation)
SRV - [2010/11/20 17:29:06 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\MPSSVC.dll – (MpsSvc)
SRV - [2009/12/01 15:43:26 | 000,176,128 | ---- | M] (Intel Corporation) [Auto | Running] – C:\Program Files\Intel\AMT\atchksrv.exe – (atchksrv)
SRV - [2009/12/01 15:43:12 | 002,519,040 | ---- | M] (Intel) [Auto | Running] – C:\Program Files\Intel\AMT\UNS.exe – (UNS)
SRV - [2009/12/01 15:42:22 | 000,102,400 | ---- | M] (Intel) [Auto | Running] – C:\Program Files\Intel\AMT\LMS.exe – (LMS)
SRV - [2009/07/13 21:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wscsvc.dll – (wscsvc)
SRV - [2009/07/13 21:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wpcsvc.dll – (WPCSvc)
SRV - [2009/07/13 21:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wlansvc.dll – (Wlansvc)
SRV - [2009/07/13 21:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wbem\WMIsvc.dll – (Winmgmt)
SRV - [2009/07/13 21:16:18 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wecsvc.dll – (Wecsvc)
SRV - [2009/07/13 21:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wersvc.dll – (WerSvc)
SRV - [2009/07/13 21:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wercplsupport.dll – (wercplsupport)
SRV - [2009/07/13 21:16:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\System32\w32time.dll – (w32time)
SRV - [2009/07/13 21:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\upnphost.dll – (upnphost)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wbiosrvc.dll – (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\uxsms.dll – (UxSms)
SRV - [2009/07/13 21:16:16 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\trkwks.dll – (TrkWks)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\themeservice.dll – (Themes)
SRV - [2009/07/13 21:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\swprv.dll – (swprv)
SRV - [2009/07/13 21:16:15 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\ssdpsrv.dll – (SSDPSRV)
SRV - [2009/07/13 21:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sstpsvc.dll – (SstpSvc)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\StorSvc.dll – (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\SCardSvr.dll – (SCardSvr)
SRV - [2009/07/13 21:16:13 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\regsvc.dll – (RemoteRegistry)
SRV - [2009/07/13 21:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\Sens.dll – (SENS)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\RpcEpMap.dll – (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sensrsvc.dll – (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\PeerDistSvc.dll – (PeerDistSvc)
SRV - [2009/07/13 21:16:12 | 000,327,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\p2psvc.dll – (p2psvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\pnrpsvc.dll – (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\pnrpsvc.dll – (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\qwave.dll – (QWAVE)
SRV - [2009/07/13 21:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\rasauto.dll – (RasAuto)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\pnrpauto.dll – (PNRPAutoReg)
SRV - [2009/07/13 21:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\nsisvc.dll – (nsi)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\netprofm.dll – (netprofm)
SRV - [2009/07/13 21:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\netman.dll – (Netman)
SRV - [2009/07/13 21:15:43 | 000,308,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\msdtckrm.dll – (KtmRm)
SRV - [2009/07/13 21:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\System32\mprdim.dll – (RemoteAccess)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\mmcss.dll – (THREADORDER)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\mmcss.dll – (MMCSS)
SRV - [2009/07/13 21:15:36 | 000,189,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lltdsvc.dll – (lltdsvc)
SRV - [2009/07/13 21:15:36 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\lmhsvc.dll – (lmhosts)
SRV - [2009/07/13 21:15:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\iscsiexe.dll – (MSiSCSI)
SRV - [2009/07/13 21:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\System32\ipnathlp.dll – (SharedAccess)
SRV - [2009/07/13 21:15:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\IPBusEnum.dll – (IPBusEnum)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\hidserv.dll – (hidserv)
SRV - [2009/07/13 21:15:20 | 000,028,160 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\FDResPub.dll – (FDResPub)
SRV - [2009/07/13 21:15:20 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\fdPHost.dll – (fdPHost)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\es.dll – (EventSystem)
SRV - [2009/07/13 21:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\eapsvc.dll – (EapHost)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\defragsvc.dll – (defragsvc)
SRV - [2009/07/13 21:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\bthserv.dll – (bthserv)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\bdesvc.dll – (BDESVC)
SRV - [2009/07/13 21:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\appmgmts.dll – (AppMgmt)
SRV - [2009/07/13 21:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wbem\WmiApSrv.exe – (wmiApSrv)
SRV - [2009/07/13 21:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\UI0Detect.exe – (UI0Detect)
SRV - [2009/07/13 21:14:39 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\snmptrap.exe – (SNMPTRAP)
SRV - [2009/07/13 21:14:25 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\msdtc.exe – (MSDTC)
SRV - [2009/07/13 21:14:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\Locator.exe – (RpcLocator)
SRV - [2009/07/13 21:14:19 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\ehome\ehsched.exe – (ehSched)
SRV - [2009/07/13 21:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\dllhost.exe – (COMSysApp)
SRV - [2009/07/13 21:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\alg.exe – (ALG)
SRV - [2009/06/10 17:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe – (FontCache3.0.0.0)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\WindowsMobile\wcescomm.dll – (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\WindowsMobile\rapimgr.dll – (RapiMgr)

========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] – system32\drivers\mfeplk.sys – (mfeplk)
DRV - File not found [Kernel | On_Demand | Stopped] – system32\drivers\bcbtums.sys – (bcbtums)
DRV - [2017/06/29 10:30:25 | 000,162,240 | ---- | M] (Malwarebytes) [File_System | Auto | Running] – C:\Windows\System32\drivers\MBAMChameleon.sys – (MBAMChameleon)
DRV - [2017/06/29 10:30:20 | 000,040,352 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\mbam.sys – (MBAMProtection)
DRV - [2017/06/29 10:30:19 | 000,221,600 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\MBAMSwissArmy.sys – (MBAMSwissArmy)
DRV - [2017/05/21 00:10:13 | 000,137,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\ksecpkg.sys – (KSecPkg)
DRV - [2017/05/21 00:10:13 | 000,067,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\ksecdd.sys – (KSecDD)
DRV - [2017/05/20 23:43:01 | 000,226,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\mrxsmb10.sys – (mrxsmb10)
DRV - [2017/05/20 23:42:58 | 000,098,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\mrxsmb20.sys – (mrxsmb20)
DRV - [2017/05/20 23:42:53 | 000,124,416 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\mrxsmb.sys – (mrxsmb)
DRV - [2017/05/12 13:45:36 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\appid.sys – (AppID)
DRV - [2017/05/10 10:47:49 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\tdx.sys – (tdx)
DRV - [2017/05/07 11:14:32 | 000,078,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\mountmgr.sys – (mountmgr)
DRV - [2017/04/07 11:26:50 | 000,730,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\dxgkrnl.sys – (DXGKrnl)
DRV - [2017/04/05 11:00:19 | 000,311,808 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\srv.sys – (srv)
DRV - [2017/04/05 11:00:11 | 000,313,856 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\srv2.sys – (srv2)
DRV - [2017/04/05 11:00:07 | 000,116,224 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\srvnet.sys – (srvnet)
DRV - [2017/04/04 11:25:44 | 001,309,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\tcpip.sys – (TCPIP6)
DRV - [2017/04/04 11:25:44 | 001,309,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\tcpip.sys – (Tcpip)
DRV - [2017/04/04 10:52:22 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\afd.sys – (AFD)
DRV - [2017/03/10 11:51:41 | 000,148,992 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\fastfat.sys – (fastfat)
DRV - [2017/03/10 11:51:40 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\exfat.sys – (exfat)
DRV - [2016/12/18 22:20:31 | 000,038,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\aswTap.sys – (aswTap)
DRV - [2016/11/20 10:07:42 | 000,373,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\cng.sys – (CNG)
DRV - [2016/11/17 12:27:53 | 000,250,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\clfs.sys – (CLFS)
DRV - [2016/10/05 10:50:29 | 000,068,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\bowser.sys – (bowser)
DRV - [2016/09/08 10:49:59 | 000,117,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\mrxdav.sys – (MRxDAV)
DRV - [2016/09/08 10:49:56 | 000,081,408 | ---- | M] (Microsoft Corporation) [File_System | System | Running] – C:\Windows\System32\drivers\dfsc.sys – (DfsC)
DRV - [2016/08/16 16:27:20 | 000,259,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\usbhub.sys – (usbhub)
DRV - [2016/08/16 16:27:02 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\usbccgp.sys – (usbccgp)
DRV - [2016/08/16 16:26:59 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\usbehci.sys – (usbehci)
DRV - [2016/08/16 16:26:58 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbohci.sys – (usbohci)
DRV - [2016/08/16 16:26:56 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\usbuhci.sys – (usbuhci)
DRV - [2016/07/22 03:21:06 | 000,146,048 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ssudmdm.sys – (ssudmdm)
DRV - [2016/07/22 03:21:06 | 000,107,648 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ssudbus.sys – (dg_ssudbus)
DRV - [2016/07/07 10:57:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\tcpipreg.sys – (tcpipreg)
DRV - [2016/06/14 11:17:57 | 000,593,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\PEAuth.sys – (PEAUTH)
DRV - [2016/05/11 10:52:27 | 000,188,928 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\netbt.sys – (NetBT)
DRV - [2016/02/03 13:59:58 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\USBSTOR.SYS – (USBSTOR)
DRV - [2016/01/20 20:51:31 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\disk.sys – (Disk)
DRV - [2016/01/11 14:54:03 | 001,212,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\System32\drivers\ntfs.sys – (Ntfs)
DRV - [2015/12/08 17:11:16 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\drmkaud.sys – (drmkaud)
DRV - [2015/10/13 17:59:10 | 000,116,200 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btmaux.sys – (btmaux)
DRV - [2015/10/13 17:59:08 | 000,072,168 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btmaud.sys – (btmaudio)
DRV - [2015/10/13 00:50:31 | 000,712,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\ndis.sys – (NDIS)
DRV - [2015/05/29 16:43:42 | 000,026,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\Smb_driver_Intel.sys – (SmbDrvI)
DRV - [2015/02/24 23:03:14 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\http.sys – (HTTP)
DRV - [2014/07/16 21:03:11 | 000,184,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\rdpwd.sys – (RDPWD)
DRV - [2014/07/16 21:02:33 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\tssecsrv.sys – (tssecsrv)
DRV - [2014/02/03 22:07:50 | 000,234,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\msiscsi.sys – (iScsiPrt)
DRV - [2013/07/12 06:07:54 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbcir.sys – (usbcir)
DRV - [2013/07/03 00:02:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbscan.sys – (usbscan)
DRV - [2013/06/25 18:56:40 | 000,527,064 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\Wdf01000.sys – (Wdf01000)
DRV - [2013/01/24 00:47:07 | 000,196,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\fvevol.sys – (fvevol)
DRV - [2012/10/30 02:22:30 | 000,232,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\e1e6232.sys – (e1express)
DRV - [2012/07/25 22:33:43 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\WUDFPf.sys – (WudfPf)
DRV - [2012/07/25 22:32:51 | 000,155,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\WUDFRd.sys – (WUDFRd)
DRV - [2012/07/06 15:23:23 | 000,393,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\bthport.sys – (BTHPORT)
DRV - [2012/03/31 23:53:04 | 000,153,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btwaudio.sys – (btwaudio)
DRV - [2012/03/31 23:52:58 | 000,504,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btwampfl.sys – (btwampfl)
DRV - [2012/03/17 03:27:18 | 000,056,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\partmgr.sys – (partmgr)
DRV - [2012/03/05 08:29:16 | 000,175,144 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btwavdt.sys – (btwavdt)
DRV - [2012/03/05 08:28:58 | 000,018,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btwrchid.sys – (btwrchid)
DRV - [2012/03/01 01:46:57 | 000,019,824 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\Windows\System32\drivers\fs_rec.sys – (Fs_Rec)
DRV - [2012/02/17 00:13:22 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\tdtcp.sys – (TDTCP)
DRV - [2011/09/16 21:36:56 | 000,033,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btwl2cap.sys – (btwl2cap)
DRV - [2011/04/27 23:15:03 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\BTHUSB.SYS – (BTHUSB)
DRV - [2011/03/11 01:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\nvstor.sys – (nvstor)
DRV - [2011/03/11 01:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\nvraid.sys – (nvraid)
DRV - [2011/03/11 01:38:51 | 000,332,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\iaStorV.sys – (iaStorV)
DRV - [2011/03/11 01:38:37 | 000,080,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\amdsata.sys – (amdsata)
DRV - [2011/03/11 01:38:37 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\System32\drivers\amdxata.sys – (amdxata)
DRV - [2010/11/20 17:29:49 | 000,133,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\rdpdr.sys – (RDPDR)
DRV - [2010/11/20 17:29:26 | 000,388,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\csc.sys – (CSC)
DRV - [2010/11/20 17:29:24 | 000,173,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\rdyboost.sys – (rdyboost)
DRV - [2010/11/20 17:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\TsUsbFlt.sys – (TsUsbFlt)
DRV - [2010/11/20 17:29:20 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\tunnel.sys – (tunnel)
DRV - [2010/11/20 17:29:20 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\wanarp.sys – (Wanarpv6)
DRV - [2010/11/20 17:29:20 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\wanarp.sys – (WANARP)
DRV - [2010/11/20 17:29:20 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\ndproxy.sys – (NDProxy)
DRV - [2010/11/20 17:29:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\scfilter.sys – (scfilter)
DRV - [2010/11/20 17:29:19 | 000,242,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] – C:\Windows\System32\drivers\rdbss.sys – (rdbss)
DRV - [2010/11/20 17:29:19 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\ndiswan.sys – (NdisWan)
DRV - [2010/11/20 17:29:13 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\tdpipe.sys – (TDPIPE)
DRV - [2010/11/20 17:29:12 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] – C:\Windows\System32\drivers\udfs.sys – (udfs)
DRV - [2010/11/20 17:29:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\RDPCDD.sys – (RDPCDD)
DRV - [2010/11/20 17:29:07 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ndisuio.sys – (Ndisuio)
DRV - [2010/11/20 17:29:04 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\hwpolicy.sys – (hwpolicy)
DRV - [2010/11/20 17:29:03 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\HdAudio.sys – (HdAudAddService)
DRV - [2010/11/20 17:29:03 | 000,274,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\acpi.sys – (ACPI)
DRV - [2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\volsnap.sys – (volsnap)
DRV - [2010/11/20 17:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\vmbus.sys – (vmbus)
DRV - [2010/11/20 17:29:03 | 000,164,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\1394ohci.sys – (1394ohci)
DRV - [2010/11/20 17:29:03 | 000,160,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\vhdmp.sys – (vhdmp)
DRV - [2010/11/20 17:29:03 | 000,153,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\pci.sys – (pci)
DRV - [2010/11/20 17:29:03 | 000,130,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\mpio.sys – (mpio)
DRV - [2010/11/20 17:29:03 | 000,116,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\msdsm.sys – (msdsm)
DRV - [2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\hdaudbus.sys – (HDAudBus)
DRV - [2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\cdrom.sys – (cdrom)
DRV - [2010/11/20 17:29:03 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sbp2port.sys – (sbp2port)
DRV - [2010/11/20 17:29:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\IPMIDrv.sys – (IPMIDRV)
DRV - [2010/11/20 17:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\dmvsc.sys – (dmvsc)
DRV - [2010/11/20 17:29:03 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\volmgr.sys – (volmgr)
DRV - [2010/11/20 17:29:03 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\termdd.sys – (TermDD)
DRV - [2010/11/20 17:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\vmstorfl.sys – (storflt)
DRV - [2010/11/20 17:29:03 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\umbus.sys – (umbus)
DRV - [2010/11/20 17:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\winusb.sys – (WinUsb)
DRV - [2010/11/20 17:29:03 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\CompositeBus.sys – (CompositeBus)
DRV - [2010/11/20 17:29:03 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\kbdhid.sys – (kbdhid)
DRV - [2010/11/20 17:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\storvsc.sys – (storvsc)
DRV - [2010/11/20 17:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\msahci.sys – (msahci)
DRV - [2010/11/20 17:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\TsUsbGD.sys – (TsUsbGD)
DRV - [2010/11/20 17:29:03 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\hidusb.sys – (HidUsb)
DRV - [2010/11/20 17:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\VMBusHID.sys – (VMBusHID)
DRV - [2010/11/20 17:29:03 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sffp_sd.sys – (sffp_sd)
DRV - [2010/11/20 17:29:03 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\acpipmi.sys – (AcpiPmi)
DRV - [2010/11/20 17:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\vms3cap.sys – (s3cap)
DRV - [2010/06/15 15:37:52 | 000,382,976 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\ADIHdAud.sys – (ADIHdAudAddService)
DRV - [2009/09/23 19:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\igdkmd32.sys – (igfx)
DRV - [2009/09/18 19:32:06 | 000,045,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\HECI.sys – (HECI)
DRV - [2009/07/13 21:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\compbatt.sys – (Compbatt)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\cmdide.sys – (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\adpahci.sys – (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\adp94xx.sys – (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\amdsbs.sys – (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\adpu320.sys – (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\arcsas.sys – (arcsas)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\arc.sys – (arc)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\AMDAGP.SYS – (amdagp)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\AGP440.sys – (agp440)
DRV - [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\atapi.sys – (atapi)
DRV - [2009/07/13 21:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\amdide.sys – (amdide)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\aliide.sys – (aliide)
DRV - [2009/07/13 21:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\pciide.sys – (pciide)
DRV - [2009/07/13 21:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\msrpc.sys – (MsRPC)
DRV - [2009/07/13 21:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\NV_AGP.SYS – (nv_agp)
DRV - [2009/07/13 21:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] – C:\Windows\System32\drivers\mup.sys – (Mup)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\nfrd960.sys – (nfrd960)
DRV - [2009/07/13 21:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\mouclass.sys – (mouclass)
DRV - [2009/07/13 21:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\mssmbios.sys – (mssmbios)
DRV - [2009/07/13 21:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\msisadrv.sys – (msisadrv)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lsi_sas.sys – (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\MegaSR.sys – (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lsi_scsi.sys – (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lsi_fc.sys – (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lsi_sas2.sys – (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\isapnp.sys – (isapnp)
DRV - [2009/07/13 21:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\kbdclass.sys – (kbdclass)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\iirsp.sys – (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\megasas.sys – (megasas)
DRV - [2009/07/13 21:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\intelide.sys – (intelide)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\elxstor.sys – (elxstor)
DRV - [2009/07/13 21:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] – C:\Windows\System32\drivers\fltMgr.sys – (FltMgr)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\djsvs.sys – (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\HpSAMD.sys – (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] – C:\Windows\System32\drivers\fileinfo.sys – (FileInfo)
DRV - [2009/07/13 21:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\GAGP30KX.SYS – (gagp30kx)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\fsdepends.sys – (FsDepends)
DRV - [2009/07/13 21:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] – C:\Windows\System32\drivers\crcdisk.sys – (crcdisk)
DRV - [2009/07/13 21:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\volmgrx.sys – (volmgrx)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\vsmraid.sys – (vsmraid)
DRV - [2009/07/13 21:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ULIAGPKX.SYS – (uliagpkx)
DRV - [2009/07/13 21:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\wd.sys – (Wd)
DRV - [2009/07/13 21:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\UAGP35.SYS – (uagp35)
DRV - [2009/07/13 21:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\VIAAGP.SYS – (viaagp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\vdrvroot.sys – (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\wimmount.sys – (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\viaide.sys – (viaide)
DRV - [2009/07/13 21:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\swenum.sys – (swenum)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ql2300.sys – (ql2300)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ql40xx.sys – (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sisraid4.sys – (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\pcw.sys – (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sisraid2.sys – (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\stexstor.sys – (stexstor)
DRV - [2009/07/13 21:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\pcmcia.sys – (pcmcia)
DRV - [2009/07/13 21:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\SISAGP.SYS – (sisagp)
DRV - [2009/07/13 21:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\spldr.sys – (spldr)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\BrSerId.sys – (Brserid)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\WSDPrint.sys – (WSDPrintDevice)
DRV - [2009/07/13 20:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbprint.sys – (usbprint)
DRV - [2009/07/13 20:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\WSDScan.sys – (WSDScan)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\rdpbus.sys – (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\RDPREFMP.sys – (RDPREFMP)
DRV - [2009/07/13 20:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\RDPENCDD.sys – (RDPENCDD)
DRV - [2009/07/13 19:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\modem.sys – (Modem)
DRV - [2009/07/13 19:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] – C:\Windows\System32\drivers\ws2ifsl.sys – (ws2ifsl)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\agilevpn.sys – (RasAgileVpn)
DRV - [2009/07/13 19:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\rassstp.sys – (RasSstp)
DRV - [2009/07/13 19:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\raspppoe.sys – (RasPppoe)
DRV - [2009/07/13 19:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\raspptp.sys – (PptpMiniport)
DRV - [2009/07/13 19:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\asyncmac.sys – (AsyncMac)
DRV - [2009/07/13 19:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\rasacd.sys – (RasAcd)
DRV - [2009/07/13 19:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\rasl2tp.sys – (Rasl2tp)
DRV - [2009/07/13 19:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ipnat.sys – (IPNAT)
DRV - [2009/07/13 19:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ipfltdrv.sys – (IpFilterDriver)
DRV - [2009/07/13 19:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\ndistapi.sys – (NdisTapi)
DRV - [2009/07/13 19:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\qwavedrv.sys – (QWAVEdrv)
DRV - [2009/07/13 19:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\pacer.sys – (Psched)
DRV - [2009/07/13 19:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] – C:\Windows\System32\drivers\netbios.sys – (NetBIOS)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\wfplwf.sys – (WfpLwf)
DRV - [2009/07/13 19:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\smb.sys – (Smb)
DRV - [2009/07/13 19:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\irenum.sys – (IRENUM)
DRV - [2009/07/13 19:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\rspndr.sys – (rspndr)
DRV - [2009/07/13 19:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\lltdio.sys – (lltdio)
DRV - [2009/07/13 19:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\mpsdrv.sys – (mpsdrv)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ndiscap.sys – (NdisCap)
DRV - [2009/07/13 19:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\nwifi.sys – (NativeWifiP)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\vwifibus.sys – (vwifibus)
DRV - [2009/07/13 19:51:43 | 000,093,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\bthpan.sys – (BthPan)
DRV - [2009/07/13 19:51:41 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\rfcomm.sys – (RFCOMM)
DRV - [2009/07/13 19:51:36 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\bthenum.sys – (BthEnum)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\umpass.sys – (UmPass)
DRV - [2009/07/13 19:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\bthmodem.sys – (BTHMODEM)
DRV - [2009/07/13 19:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\hidbth.sys – (HidBth)
DRV - [2009/07/13 19:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ohci1394.sys – (ohci1394)
DRV - [2009/07/13 19:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\circlass.sys – (circlass)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\mshidkmdf.sys – (mshidkmdf)
DRV - [2009/07/13 19:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\hidir.sys – (HidIr)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\MTConfig.sys – (MTConfig)
DRV - [2009/07/13 19:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\wacompen.sys – (WacomPen)
DRV - [2009/07/13 19:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sfloppy.sys – (sfloppy)
DRV - [2009/07/13 19:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sffp_mmc.sys – (sffp_mmc)
DRV - [2009/07/13 19:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sffdisk.sys – (sffdisk)
DRV - [2009/07/13 19:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\fdc.sys – (fdc)
DRV - [2009/07/13 19:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\flpydisk.sys – (flpydisk)
DRV - [2009/07/13 19:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\parport.sys – (Parport)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] – C:\Windows\System32\drivers\serial.sys – (Serial)
DRV - [2009/07/13 19:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\parvdm.sys – (Parvdm)
DRV - [2009/07/13 19:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\serenum.sys – (Serenum)
DRV - [2009/07/13 19:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\mouhid.sys – (mouhid)
DRV - [2009/07/13 19:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\sermouse.sys – (sermouse)
DRV - [2009/07/13 19:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\mskssrv.sys – (MSKSSRV)
DRV - [2009/07/13 19:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\mstee.sys – (MSTEE)
DRV - [2009/07/13 19:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\mspclock.sys – (MSPCLOCK)
DRV - [2009/07/13 19:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\mspqm.sys – (MSPQM)
DRV - [2009/07/13 19:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\beep.sys – (Beep)
DRV - [2009/07/13 19:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\monitor.sys – (monitor)
DRV - [2009/07/13 19:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\vga.sys – (VgaSave)
DRV - [2009/07/13 19:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\vgapnp.sys – (vga)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\discache.sys – (discache)
DRV - [2009/07/13 19:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\blbdrive.sys – (blbdrive)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\hidbatt.sys – (HidBatt)
DRV - [2009/07/13 19:19:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\errdev.sys – (ErrDev)
DRV - [2009/07/13 19:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\CmBatt.sys – (CmBatt)
DRV - [2009/07/13 19:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\wmiacpi.sys – (WmiAcpi)
DRV - [2009/07/13 19:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] – C:\Windows\System32\drivers\luafv.sys – (luafv)
DRV - [2009/07/13 19:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\filetrace.sys – (Filetrace)
DRV - [2009/07/13 19:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\nsiproxy.sys – (nsiproxy)
DRV - [2009/07/13 19:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] – C:\Windows\System32\drivers\npfs.sys – (Npfs)
DRV - [2009/07/13 19:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] – C:\Windows\System32\drivers\msfs.sys – (Msfs)
DRV - [2009/07/13 19:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\i8042prt.sys – (i8042prt)
DRV - [2009/07/13 19:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] – C:\Windows\System32\drivers\cdfs.sys – (cdfs)
DRV - [2009/07/13 19:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\null.sys – (Null)
DRV - [2009/07/13 19:11:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\amdk8.sys – (AmdK8)
DRV - [2009/07/13 19:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\intelppm.sys – (intelppm)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\viac7.sys – (ViaC7)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\amdppm.sys – (AmdPPM)
DRV - [2009/07/13 19:11:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\processr.sys – (Processor)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\hcw85cir.sys – (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\BrUsbMdm.sys – (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\BrUsbSer.sys – (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\BrSerWdm.sys – (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\BrFiltLo.sys – (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\BrFiltUp.sys – (BrFiltUp)
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\b57nd60x.sys – (b57nd60x)
DRV - [2009/07/13 18:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\evbdx.sys – (ebdrv)
DRV - [2009/07/13 18:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\bxvbdx.sys – (b06bdrv)
DRV - [2009/07/13 17:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] – C:\Windows\System32\WINSOCK.DLL – (Winsock)
DRV - [2009/07/13 16:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Disabled | Stopped] – C:\Windows\System32\drivers\secdrv.sys – (secdrv)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Search - Microsoft Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM..\SearchScopes{2f23ab71-4ac6-41f2-a955-ea576e553146}: “URL” = Search - Microsoft Bing {searchTerms}&FORM=IE8SRC

IE - HKU.DEFAULT\Software\Microsoft\Windows\CurrentVers ion\Internet Settings: “ProxyEnable” = 0
IE - HKU.DEFAULT\Software\Microsoft\Windows\CurrentVers ion\Internet Settings: “ProxyOverride” = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: “ProxyOverride” = *.local

IE - HKU\S-1-5-19..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F FF 75 80 CC E2 D2 01 [binary data]
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 47 B9 81 76 61 E4 D2 01 [binary data]
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\SearchScopes,DefaultScope = {91566AD5-071B-451D-9504-A58141841FA2}
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\SearchScopes{91566AD5-071B-451D-9504-A58141841FA2}: “URL” = Google {searchTerms}&sourceid=ie7&rls=com.microsoft:{lang uage}:{referrer:source}&ie={inputEncoding?}&oe={ou tputEncoding?}
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: “ProxyOverride” = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: “US”
FF - prefs.js..browser.search.defaultenginename: “google”
FF - prefs.js..browser.search.hiddenOneOffs: “Yahoo,Amazon.com,DuckDuckGo,Twitter,Wikipedia (en)”
FF - prefs.js..browser.search.region: “US”
FF - prefs.js..browser.search.selectedEngine: “Yahoo! Powered”
FF - prefs.js..browser.startup.homepage: “www.google.com”
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.3
FF - prefs.js..keyword.URL: true
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins@citrixonline.com/appdetectorplugin: C:\Users\hilton\AppData\Local\Citrix\Plugins\104\n pappdetector.dll (Citrix Online)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\rf-firefox@siber.com: C:\Program Files\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2017/06/21 14:27:40 | 001,151,353 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0\extensions\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensi ons\rf-firefox@siber.com: C:\Program Files\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2017/06/21 14:27:40 | 001,151,353 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 53.0.3\extensions\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 53.0.3\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2016/12/30 13:39:31 | 000,000,000 | —D | M] (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Extensions
[2017/06/26 14:32:30 | 000,000,000 | —D | M] (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\browser-extension-data
[2017/06/26 14:32:30 | 000,000,000 | —D | M] (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\browser-extension-data{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2017/06/13 11:25:54 | 000,000,000 | —D | M] (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\extensions
[2017/06/13 11:25:53 | 001,059,016 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017/04/06 12:45:17 | 000,005,297 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{24ba2855-20b3-4585-bcde-f033a53eda89}\disable-prefetch@mozilla.org.xpi
[2017/04/06 12:45:17 | 000,007,195 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{24ba2855-20b3-4585-bcde-f033a53eda89}\e10srollout@mozilla.org.xpi
[2017/06/13 11:26:00 | 000,005,328 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{4586968c-b104-4f8e-ba26-6d251e589a74}\disable-cert-transparency@mozilla.org.xpi
[2017/06/13 11:26:01 | 000,005,297 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{4586968c-b104-4f8e-ba26-6d251e589a74}\disable-prefetch@mozilla.org.xpi
[2017/06/13 11:26:01 | 000,007,195 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{4586968c-b104-4f8e-ba26-6d251e589a74}\e10srollout@mozilla.org.xpi
[2017/04/12 16:20:06 | 000,005,297 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{a50a3c83-bc20-49cb-8701-088133a3746b}\disable-prefetch@mozilla.org.xpi
[2017/04/12 16:20:09 | 000,007,195 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{a50a3c83-bc20-49cb-8701-088133a3746b}\e10srollout@mozilla.org.xpi
[2017/04/17 11:20:07 | 000,005,297 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{d2c77760-8bdc-4d39-8b9d-8fbc07ab6b8b}\disable-prefetch@mozilla.org.xpi
[2017/04/17 11:20:07 | 000,007,195 | ---- | M] () (No name found) – C:\Users\hilton\AppData\Roaming\Mozilla\Firefox\Pr ofiles\pc153f57.default-1485114558992\features{d2c77760-8bdc-4d39-8b9d-8fbc07ab6b8b}\e10srollout@mozilla.org.xpi
[2017/06/28 15:25:11 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2017/05/17 13:54:12 | 000,000,824 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [Fences] C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)
O4 - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\Run: [Fences] c:\program files\stardock\fences\Fences.exe (Stardock Corporation)
O4 - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_26_ 0_0_126_ActiveX.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-3292114827-816517840-1514174382-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8 - Extra context menu item: Fill Forms - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: Save Forms - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: Set Fields - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSetFields.html File not found
O8 - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra ‘Tools’ menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra ‘Tools’ menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra ‘Tools’ menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3292114827-816517840-1514174382-1000..Trusted Domains: dell.com (* in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} https://files.pcpitstop.com/cab/pcmatic.cab (PCPitstop Utility)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es{B78AF187-32FB-4F20-86D2-C40DA41B6832}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.ex e (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat – [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk )
O35 - HKLM..comfile [open] – “%1” %
O35 - HKLM..exefile [open] – “%1” %*
O37 - HKLM...com [@ = comfile] – “%1” %*
O37 - HKLM...exe [@ = exefile] – “%1” %*
O38 - SubSystems\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\Windows: (ServerDll=sxssrv,4)

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: CCleaner Monitoring - hkey= - key= - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
MsConfig - StartUpReg: eM Client - hkey= - key= - C:\Program Files\eM Client\MailClient.exe (eM Client s.r.o.)
MsConfig - StartUpReg: Fences - hkey= - key= - C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)
MsConfig - StartUpReg: Malwarebytes TrayApp - hkey= - key= - C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
MsConfig - StartUpReg: RoboForm - hkey= - key= - C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
MsConfig - StartUpReg: Windows Mobile Device Center - hkey= - key= - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
MsConfig - State: “startup” - 1
MsConfig - State: “services” - 2

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30500C7C-2206-3DC6-9792-96E95A04669D} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles%\Windows Mail\WinMail.exe” OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - “C:\Program Files\Google\Chrome\Application\59.0.3071.115\Inst aller\chrmstp.exe” --configure-user-settings --verbose-logging --system-level
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SafeBootMin: MCODS -
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

========== Files/Folders - Created Within 30 Days ==========

[2017/06/25 16:38:12 | 000,000,000 | -HSD | C] – C:$RECYCLE.BIN
[2017/06/24 14:41:31 | 006,488,488 | ---- | C] (SosVirus) – C:\Users\hilton\Desktop\AdsFix.exe
[2017/06/21 15:05:35 | 000,162,240 | ---- | C] (Malwarebytes) – C:\Windows\System32\drivers\MBAMChameleon.sys
[2017/06/21 15:05:27 | 000,085,400 | ---- | C] (Malwarebytes) – C:\Windows\System32\drivers\farflt.sys
[2017/06/21 15:05:27 | 000,065,824 | ---- | C] (Malwarebytes) – C:\Windows\System32\drivers\mwac.sys
[2017/06/21 15:05:18 | 000,040,352 | ---- | C] (Malwarebytes) – C:\Windows\System32\drivers\mbam.sys
[2017/06/21 15:04:42 | 000,221,600 | ---- | C] (Malwarebytes) – C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2017/06/21 15:04:36 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017/06/21 15:04:26 | 000,000,000 | —D | C] – C:\ProgramData\Malwarebytes
[2017/06/21 15:04:26 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes
[2017/06/14 13:30:56 | 000,000,000 | —D | C] – C:\Users\hilton\Documents\TotalAV
[2017/06/14 13:23:25 | 000,000,000 | —D | C] – C:\Users\hilton\AppData\Roaming\TotalAV
[2017/06/14 07:49:50 | 003,550,208 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\D3DCompiler_47.dll
[2017/06/14 07:49:47 | 004,549,120 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\jscript9.dll
[2017/06/14 07:49:46 | 004,001,000 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ntkrnlpa.exe
[2017/06/14 07:49:46 | 003,945,704 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ntoskrnl.exe
[2017/06/14 07:49:46 | 002,401,792 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\win32k.sys
[2017/06/14 07:49:45 | 001,549,824 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\tquery.dll
[2017/06/14 07:49:45 | 001,400,320 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mssrch.dll
[2017/06/14 07:49:45 | 000,497,152 | ---- | C] (Microsoft Corporation) – C:\Windows\HelpPane.exe
[2017/06/14 07:49:44 | 001,155,072 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mshtmlmedia.dll
[2017/06/14 07:49:44 | 000,667,648 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\MsSpellCheckingFacility.exe
[2017/06/14 07:49:44 | 000,346,320 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\iedkcs32.dll
[2017/06/14 07:49:44 | 000,308,456 | ---- | C] (Adobe Systems Incorporated) – C:\Windows\System32\atmfd.dll
[2017/06/14 07:49:44 | 000,091,368 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\MigAutoPlay.exe
[2017/06/14 07:49:43 | 002,953,216 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wucltux.dll
[2017/06/14 07:49:43 | 002,057,216 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\inetcpl.cpl
[2017/06/14 07:49:43 | 000,710,144 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ieapfltr.dll
[2017/06/14 07:49:43 | 000,693,248 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msfeeds.dll
[2017/06/14 07:49:43 | 000,666,624 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mssvp.dll
[2017/06/14 07:49:43 | 000,476,160 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ieui.dll
[2017/06/14 07:49:43 | 000,341,504 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\html.iec
[2017/06/14 07:49:43 | 000,337,408 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mssph.dll
[2017/06/14 07:49:43 | 000,197,120 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mssphtb.dll
[2017/06/14 07:49:43 | 000,174,080 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wuwebv.dll
[2017/06/14 07:49:43 | 000,104,448 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mssitlb.dll
[2017/06/14 07:49:43 | 000,059,392 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msscntrs.dll
[2017/06/14 07:49:43 | 000,034,816 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mssprxy.dll
[2017/06/14 07:49:43 | 000,009,728 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msshooks.dll
[2017/06/14 07:49:42 | 001,499,648 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ExplorerFrame.dll
[2017/06/14 07:49:42 | 001,251,328 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\DWrite.dll
[2017/06/14 07:49:42 | 000,620,032 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\jscript9diag.dll
[2017/06/14 07:49:42 | 000,573,440 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wuapi.dll
[2017/06/14 07:49:42 | 000,416,256 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxtmsft.dll
[2017/06/14 07:49:42 | 000,279,040 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxtrans.dll
[2017/06/14 07:49:42 | 000,168,960 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msrating.dll
[2017/06/14 07:49:42 | 000,115,712 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ieUnatt.exe
[2017/06/14 07:49:42 | 000,047,104 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\jsproxy.dll
[2017/06/14 07:49:41 | 002,724,864 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mshtml.tlb
[2017/06/14 07:49:41 | 000,690,688 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\adtschema.dll
[2017/06/14 07:49:41 | 000,689,664 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ie4uinit.exe
[2017/06/14 07:49:41 | 000,400,896 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\srcore.dll
[2017/06/14 07:49:41 | 000,262,656 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\rstrui.exe
[2017/06/14 07:49:41 | 000,223,232 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ncrypt.dll
[2017/06/14 07:49:41 | 000,146,432 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msaudite.dll
[2017/06/14 07:49:41 | 000,141,312 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\rpchttp.dll
[2017/06/14 07:49:41 | 000,104,960 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ieetwcollector.exe
[2017/06/14 07:49:41 | 000,097,792 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\appidpolicyconverter.exe
[2017/06/14 07:49:41 | 000,093,696 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wudriver.dll
[2017/06/14 07:49:41 | 000,091,136 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\inseng.dll
[2017/06/14 07:49:41 | 000,082,432 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\bcrypt.dll
[2017/06/14 07:49:41 | 000,073,728 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WinSetupUI.dll
[2017/06/14 07:49:41 | 000,070,656 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\fontsub.dll
[2017/06/14 07:49:41 | 000,064,000 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\MshtmlDac.dll
[2017/06/14 07:49:41 | 000,062,464 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\iesetup.dll
[2017/06/14 07:49:41 | 000,060,416 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msobjs.dll
[2017/06/14 07:49:41 | 000,060,416 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\JavaScriptCollectionAgent.dll
[2017/06/14 07:49:41 | 000,050,688 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\appidapi.dll
[2017/06/14 07:49:41 | 000,050,176 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\setbcdlocale.dll
[2017/06/14 07:49:41 | 000,050,176 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\auditpol.exe
[2017/06/14 07:49:41 | 000,047,616 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ieetwproxystub.dll
[2017/06/14 07:49:41 | 000,038,912 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\csrsrv.dll
[2017/06/14 07:49:41 | 000,035,840 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wups2.dll
[2017/06/14 07:49:41 | 000,035,328 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wuapp.exe
[2017/06/14 07:49:41 | 000,034,304 | ---- | C] (Adobe Systems) – C:\Windows\System32\atmlib.dll
[2017/06/14 07:49:41 | 000,030,720 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\iernonce.dll
[2017/06/14 07:49:41 | 000,030,208 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wups.dll
[2017/06/14 07:49:41 | 000,016,896 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\appidcertstorecheck.exe
[2017/06/14 07:49:41 | 000,015,872 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\sspisrv.dll
[2017/06/14 07:49:41 | 000,011,776 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wu.upgrade.ps.dll
[2017/06/14 07:49:41 | 000,010,752 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msmmsp.dll
[2017/06/14 07:49:41 | 000,010,240 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dciman32.dll
[2017/06/14 07:49:41 | 000,006,656 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\apisetschema.dll
[2017/06/14 07:49:41 | 000,004,096 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\ieetwcollectorres.dll
[2017/06/13 13:03:34 | 000,897,696 | ---- | C] (Sysinternals - www.sysinternals.com) – C:\Users\hilton\Desktop\Dell Sonic Firewall.exe
[2017/06/13 12:04:25 | 000,050,688 | ---- | C] (Atribune.org) – C:\Users\hilton\Desktop\ATF-Cleaner.exe
[2017/06/13 10:23:10 | 000,000,000 | —D | C] – C:\Program Files\Citrix
[2017/06/13 10:23:01 | 000,000,000 | —D | C] – C:\Users\hilton\AppData\Local\GoToAssist Remote Support Customer
[2017/06/13 10:22:59 | 000,000,000 | —D | C] – C:\Users\hilton\AppData\Local\Citrix
[14 C:\Windows\System32\drivers*.tmp files → C:\Windows\System32\drivers*.tmp → ]

========== Files - Modified Within 30 Days ==========

[2017/06/30 13:11:24 | 000,000,460 | ---- | M] () – C:\Users\hilton\Desktop\PC Help Forum.website
[2017/06/30 13:11:18 | 000,001,091 | ---- | M] () – C:\Users\hilton\Desktop\OTL - Shortcut.lnk
[2017/06/30 13:00:23 | 000,000,524 | ---- | M] () – C:\Users\hilton\Desktop\MyFitnessPal (1).website
[2017/06/30 12:43:27 | 000,000,487 | ---- | M] () – C:\Users\hilton\Desktop\Gmail.website
[2017/06/30 12:42:43 | 000,065,824 | ---- | M] (Malwarebytes) – C:\Windows\System32\drivers\mwac.sys
[2017/06/30 12:39:17 | 000,000,565 | ---- | M] () – C:\Users\hilton\Desktop\News & Observer.website
[2017/06/30 12:26:33 | 000,000,629 | ---- | M] () – C:\Users\hilton\Desktop\DRUDGE REPORT 2016®.website
[2017/06/30 05:01:54 | 000,021,696 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/06/30 05:01:54 | 000,021,696 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/06/29 10:30:25 | 000,162,240 | ---- | M] (Malwarebytes) – C:\Windows\System32\drivers\MBAMChameleon.sys
[2017/06/29 10:30:22 | 000,085,400 | ---- | M] (Malwarebytes) – C:\Windows\System32\drivers\farflt.sys
[2017/06/29 10:30:20 | 000,040,352 | ---- | M] (Malwarebytes) – C:\Windows\System32\drivers\mbam.sys
[2017/06/29 10:30:19 | 000,221,600 | ---- | M] (Malwarebytes) – C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2017/06/29 10:30:12 | 000,059,936 | ---- | M] () – C:\Windows\System32\drivers\mbae.sys
[2017/06/28 15:22:06 | 000,002,027 | ---- | M] () – C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/06/28 14:49:46 | 000,002,136 | ---- | M] () – C:\Users\Public\Desktop\Google Chrome.lnk
[2017/06/28 12:57:47 | 000,661,656 | ---- | M] () – C:\Windows\System32\perfh009.dat
[2017/06/28 12:57:47 | 000,121,524 | ---- | M] () – C:\Windows\System32\perfc009.dat
[2017/06/28 12:53:35 | 000,067,584 | --S- | M] () – C:\Windows\bootstat.dat
[2017/06/28 12:53:32 | 2608,287,744 | -HS- | M] () – C:\hiberfil.sys
[2017/06/28 11:59:35 | 000,000,470 | ---- | M] () – C:\Users\hilton\Desktop\FL Pharm.website
[2017/06/28 10:21:59 | 000,000,972 | ---- | M] () – C:\Users\Public\Desktop\CCleaner.lnk
[2017/06/26 12:22:50 | 000,016,349 | ---- | M] () – C:\Users\hilton\Documents\NEW MEDS.odt
[2017/06/24 16:22:10 | 000,000,520 | ---- | M] () – C:\Users\hilton\Desktop\Login - Login - TotalAV.website
[2017/06/24 14:41:15 | 006,488,488 | ---- | M] (SosVirus) – C:\Users\hilton\Desktop\AdsFix.exe
[2017/06/23 15:45:28 | 000,001,180 | ---- | M] () – C:\Users\hilton\Desktop.sprint.website
[2017/06/21 15:35:28 | 000,000,467 | ---- | M] () – C:\Users\hilton\Desktop\Sign In Humana.website
[2017/06/20 13:46:38 | 000,000,496 | ---- | M] () – C:\Users\hilton\Desktop\Google.website
[2017/06/20 13:46:35 | 000,000,185 | ---- | M] () – C:\Users\hilton\Desktop\Official PC Matic-PC Pitstop Support.url
[2017/06/19 14:51:29 | 000,000,544 | ---- | M] () – C:\Users\hilton\Desktop\Calendar.website
[2017/06/19 13:46:30 | 000,000,228 | ---- | M] () – C:\Users\hilton\Desktop\GoToMyPC My Account.url
[2017/06/19 09:47:10 | 000,000,514 | ---- | M] () – C:\Users\hilton\Desktop\MyChart - Login Page.website
[2017/06/16 17:13:15 | 000,000,521 | ---- | M] () – C:\Users\hilton\Desktop\Grocery Store Food Lion.website
[2017/06/15 13:19:18 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) – C:\Windows\System32\FlashPlayerApp.exe
[2017/06/15 13:19:18 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) – C:\Windows\System32\FlashPlayerCPLApp.cpl
[2017/06/15 03:24:20 | 000,290,256 | ---- | M] () – C:\Windows\System32\FNTCACHE.DAT
[2017/06/13 12:55:14 | 000,013,133 | ---- | M] () – C:\Users\hilton\Desktop\Windows Defender -.lnk
[2017/06/13 10:43:47 | 000,000,751 | ---- | M] () – C:\Users\hilton\Desktop\State Farm®.website
[2017/06/09 15:28:45 | 000,000,215 | ---- | M] () – C:\Users\hilton\Desktop\Komando.url
[2017/06/07 14:20:43 | 000,000,502 | ---- | M] () – C:\Users\hilton\Desktop\MSN.website
[2017/06/06 17:07:44 | 000,000,438 | ---- | M] () – C:\Users\hilton\Desktop\SpinLife Nationwide Service We Repair Power Chairs, Scooters, Lift Chairs & More.website
[2017/06/06 15:27:26 | 000,000,505 | ---- | M] () – C:\Users\hilton\Desktop\Survey.website
[2017/06/02 14:25:02 | 000,000,516 | ---- | M] () – C:\Users\hilton\Desktop\Netflix.website
[2017/06/02 04:09:56 | 001,549,824 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\tquery.dll
[2017/06/02 04:09:50 | 001,400,320 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mssrch.dll
[2017/06/02 04:09:50 | 000,666,624 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mssvp.dll
[2017/06/02 04:09:50 | 000,337,408 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mssph.dll
[2017/06/02 04:09:50 | 000,197,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mssphtb.dll
[2017/06/02 04:09:50 | 000,104,448 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mssitlb.dll
[2017/06/02 04:09:50 | 000,059,392 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msscntrs.dll
[2017/06/02 04:09:50 | 000,034,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mssprxy.dll
[2017/06/02 03:57:49 | 000,497,152 | ---- | M] (Microsoft Corporation) – C:\Windows\HelpPane.exe
[2017/06/02 03:57:31 | 000,009,728 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msshooks.dll
[2017/06/01 12:46:36 | 000,000,559 | ---- | M] () – C:\Users\hilton\Desktop\Search - BeenVerified.website
[14 C:\Windows\System32\drivers*.tmp files → C:\Windows\System32\drivers*.tmp → ]

========== Files Created - No Company Name ==========

[2017/06/30 13:11:18 | 000,001,091 | ---- | C] () – C:\Users\hilton\Desktop\OTL - Shortcut.lnk
[2017/06/26 12:22:47 | 000,016,349 | ---- | C] () – C:\Users\hilton\Documents\NEW MEDS.odt
[2017/06/25 16:36:02 | 2608,287,744 | -HS- | C] () – C:\hiberfil.sys
[2017/06/21 15:04:36 | 000,002,027 | ---- | C] () – C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/06/21 15:04:33 | 000,059,936 | ---- | C] () – C:\Windows\System32\drivers\mbae.sys
[2017/06/20 13:46:35 | 000,000,185 | ---- | C] () – C:\Users\hilton\Desktop\Official PC Matic-PC Pitstop Support.url
[2017/06/19 13:46:29 | 000,000,228 | ---- | C] () – C:\Users\hilton\Desktop\GoToMyPC My Account.url
[2017/06/14 07:49:43 | 000,066,048 | ---- | C] () – C:\Windows\System32\PrintBrmUi.exe
[2017/06/13 12:55:14 | 000,013,133 | ---- | C] () – C:\Users\hilton\Desktop\Windows Defender -.lnk
[2017/06/09 15:28:44 | 000,000,215 | ---- | C] () – C:\Users\hilton\Desktop\Komando.url
[2017/06/06 17:07:44 | 000,000,438 | ---- | C] () – C:\Users\hilton\Desktop\SpinLife Nationwide Service We Repair Power Chairs, Scooters, Lift Chairs & More.website
[2016/07/15 13:39:48 | 000,000,008 | RHS- | C] () – C:\ProgramData\ntuser.pol
[2016/07/02 15:56:45 | 000,032,832 | ---- | C] () – C:\Windows\System32\rnd_chunk.bin

========== ZeroAccess Check ==========

[2017/04/12 15:18:10 | 000,000,227 | RHS- | M] () – C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
“” = %SystemRoot%\system32\shell32.dll – [2017/05/10 11:12:47 | 012,880,896 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
“” = %systemroot%\system32\wbem\fastprox.dll – [2010/11/20 17:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
“” = %systemroot%\system32\wbem\wbemess.dll – [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Both

========== LOP Check ==========

[2017/01/28 15:25:47 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Canon
[2017/04/12 14:19:27 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Dashlane
[2017/06/29 13:26:59 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\eM Client
[2017/04/17 13:28:11 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Kodi
[2017/04/12 14:19:31 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\OpenOffice
[2017/06/25 13:21:07 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Remo
[2017/06/26 14:32:30 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\RoboForm
[2017/01/06 15:30:09 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Samsung
[2017/04/12 14:19:32 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Stardock
[2017/06/14 13:23:25 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\TotalAV
[2017/04/12 15:18:43 | 000,000,000 | —D | M] – C:\Users\TEMP\AppData\Roaming\AVAST Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 00:53:46 | 000,014,124 | ---- | C] () – C:\Windows\Tasks\SCHEDLGU(29).TXT
[2009/07/14 00:53:46 | 000,032,576 | ---- | C] () – C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 00:53:47 | 000,000,006 | -H-- | C] () – C:\Windows\Tasks\SA.DAT

< ================================================== ============== >

< HKCU\Software >
“TM” = 0140
“U_TM” = 0140
“U_DT” = 20160715
“U_SDT” =
“U_VER” = 3.21

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\Amazon]

[HKEY_CURRENT_USER\Software\Amazon Services LLC]

[HKEY_CURRENT_USER\Software\Analog Devices]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\AVAST Software]

[HKEY_CURRENT_USER\Software\Canon]

[HKEY_CURRENT_USER\Software\Chromium]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\Dashlane_profiles]

[HKEY_CURRENT_USER\Software\DriverSupport]

[HKEY_CURRENT_USER\Software\eM Client]

[HKEY_CURRENT_USER\Software\g3n-h@ckm@n]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\jtosjykc]

[HKEY_CURRENT_USER\Software\Kodi]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\Malwarebytes]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\OpenOffice]

[HKEY_CURRENT_USER\Software\ovbrx]

[HKEY_CURRENT_USER\Software\PCPitstop]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\QtProject]

[HKEY_CURRENT_USER\Software\Samsung]

[HKEY_CURRENT_USER\Software\Siber Systems]

[HKEY_CURRENT_USER\Software\SnigelWeb]

[HKEY_CURRENT_USER\Software\Stardock]

[HKEY_CURRENT_USER\Software\Sysinternals]

[HKEY_CURRENT_USER\Software\Widcomm]

[HKEY_CURRENT_USER\Software\Classes]

< HKCU\Software\AppDataLow /s >
[HKEY_CURRENT_USER\Software\AppDataLow\Software]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\AntiPhishing]
“i” = 19C7B9DF-D590-437B-80CD-B1EE20BFE8AA [binary data]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\Internet Explorer]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\Internet Explorer\Security]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\Internet Explorer\Security\AntiPhishing]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\Internet Explorer\Security\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2]
“UserFile” = 01 00 00 00 D0 8C 9D DF 01 15 D1 11 8C 7A 00 C0 4F C2 97 EB 01 00 00 00 4F CC 3B E1 66 10 12 43 BA 01 BF 88 8C 48 DA 65 00 00 00 00 12 00 00 00 55 00 73 00 65 00 72 00 46 00 69 00 6C 00 65 00 00 00 10 66 00 00 00 01 00 00 20 00 00 00 C4 0D D3 22 DB 86 30 9B 98 02 AE 79 51 11 BF 1A 0B D6 F7 5D 37 95 4D 40 F5 0F B0 76 B8 C0 7B 6E 00 00 00 00 0E 80 00 00 00 02 00 00 20 00 00 00 54 04 8A 21 49 8F C4 BC 5B BB 29 13 02 17 E7 56 9F 12 FC F6 38 BB C9 95 7B 10 52 39 A2 5C E3 7E 10 00 00 00 53 68 2C E2 C1 37 82 C2 27 4B D0 E7 99 DB 53 87 40 00 00 00 4C 04 AC EB A0 50 40 E5 87 EC 6B BA 73 38 AE D4 BF 49 71 D0 29 3F 01 0F 59 34 02 99 FF A5 C2 72 33 EF E8 C0 BA 75 49 C0 54 A6 43 00 FD 81 2A C2 73 1A 80 47 13 ED 38 2C 1D 55 5F AA 8B A8 D6 F9 [Binary data over 200 bytes]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\RepService]
“i” = 468FFA79-B8F8-49BD-939C-FA557AFE282A [binary data]
“B” = 50.000000 [binary data]
“A” = .cpl,.exe,.dll,.ocx,.sys,.scr,.drv [Binary data over 200 bytes]
“E” = 1 [binary data]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\Silverlight]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Mic rosoft\Silverlight\Permissions]

< HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer /s >
“NoDriveTypeAutoRun” = 145

< HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /s >

< HKLM\Software >
“” =

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AdsFix]

[HKEY_LOCAL_MACHINE\Software\Analog Devices]

[HKEY_LOCAL_MACHINE\Software\ATI Technologies]

[HKEY_LOCAL_MACHINE\Software\AVAST Software]

[HKEY_LOCAL_MACHINE\Software\Canon]

[HKEY_LOCAL_MACHINE\Software\CBSTEST]

[HKEY_LOCAL_MACHINE\Software\Citrix]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\DriverSupport]

[HKEY_LOCAL_MACHINE\Software\g3n-h@ckm@n]

[HKEY_LOCAL_MACHINE\Software\GEAR Software]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\InstalledOptions]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\OpenOffice]

[HKEY_LOCAL_MACHINE\Software\PCPitstop]

[HKEY_LOCAL_MACHINE\Software\Piriform]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\Reason]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[HKEY_LOCAL_MACHINE\Software\SAMSUNG]

[HKEY_LOCAL_MACHINE\Software\Siber Systems]

[HKEY_LOCAL_MACHINE\Software\Sonic]

[HKEY_LOCAL_MACHINE\Software\Stardock]

[HKEY_LOCAL_MACHINE\Software\Synaptics]

[HKEY_LOCAL_MACHINE\Software\sysinternals]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\Widcomm]

[HKEY_LOCAL_MACHINE\Software\WOW6432Node]

< HKCU\Software\Microsoft\Command Processor /s >
“CompletionChar” = 9
“DefaultColor” = 0
“EnableExtensions” = 1
“PathCompletionChar” = 9

< HKLM\Software\Microsoft\Command Processor /s >
“CompletionChar” = 64
“DefaultColor” = 0
“EnableExtensions” = 1
“PathCompletionChar” = 64

< HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer /s >

< HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /s >
“ConsentPromptBehaviorAdmin” = 5
“ConsentPromptBehaviorUser” = 3
“EnableInstallerDetection” = 1
“EnableLUA” = 1
“EnableSecureUIAPaths” = 1
“EnableUIADesktopToggle” = 0
“EnableVirtualization” = 1
“PromptOnSecureDesktop” = 1
“ValidateAdminCodeSignatures” = 0
“dontdisplaylastusername” = 0
“legalnoticecaption” =
“legalnoticetext” =
“scforceoption” = 0
“shutdownwithoutlogon” = 1
“undockwithoutlogon” = 1
“FilterAdministratorToken” = 0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System\Audit]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System\UIPI]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System\UIPI\Clipboard]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System\UIPI\Clipboard\Exceptio nFormats]
“CF_TEXT” = 1
“CF_BITMAP” = 2
“CF_OEMTEXT” = 7
“CF_DIB” = 8
“CF_PALETTE” = 9
“CF_UNICODETEXT” = 13
“CF_DIBV5” = 17

< HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\RunMRU /s >

< HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >

< %Homedrive%* >
[2017/04/02 16:17:19 | 000,025,188 | ---- | M] () – C:\AdsFix_02_04_2017_16_17_19.txt
[2017/06/25 16:36:02 | 000,028,806 | ---- | M] () – C:\AdsFix_25_06_2017_16_36_02.txt
[2009/06/10 17:42:20 | 000,000,024 | ---- | M] () – C:\autoexec.bat
[2009/06/10 17:42:20 | 000,000,010 | ---- | M] () – C:\config.sys
[2014/01/25 16:34:35 | 000,000,037 | ---- | M] () – C:\DevMgr.bat
[2017/06/28 12:53:32 | 2608,287,744 | -HS- | M] () – C:\hiberfil.sys
[2017/06/28 12:53:34 | 3477,721,088 | -HS- | M] () – C:\pagefile.sys
[2017/06/28 12:12:21 | 000,072,558 | ---- | M] () – C:\QuickDiag.txt
[2017/06/23 14:38:30 | 000,201,513 | R— | M] () – C:\QuickDiag_23_06_2017_14_38_30.txt
[2017/03/30 12:29:50 | 000,230,674 | R— | M] () – C:\QuickDiag_30_03_2017_12_29_51.txt

< %Homedrive%*. >
[2017/06/25 16:38:12 | 000,000,000 | -HSD | M] – C:$RECYCLE.BIN
[2016/08/10 13:53:26 | 000,000,000 | —D | M] – C:\95fcae343f4f0cedab9b17240bf8
[2017/06/26 14:32:55 | 000,000,000 | —D | M] – C:\AdsFix
[2017/04/21 14:19:58 | 000,000,000 | —D | M] – C:\AdwCleaner
[2017/06/19 15:11:10 | 000,000,000 | -HSD | M] – C:\Config.Msi
[2016/08/20 14:06:16 | 000,000,000 | —D | M] – C:\Dell
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] – C:\Documents and Settings
[2016/08/01 14:18:40 | 000,000,000 | —D | M] – C:\DRIVERS
[2017/04/23 15:23:04 | 000,000,000 | —D | M] – C:\FRST
[2016/08/01 14:35:27 | 000,000,000 | —D | M] – C:\Intel
[2009/07/13 22:37:05 | 000,000,000 | —D | M] – C:\PerfLogs
[2017/06/26 14:32:50 | 000,000,000 | R–D | M] – C:\Program Files
[2017/06/26 14:32:41 | 000,000,000 | -H-D | M] – C:\ProgramData
[2017/06/28 12:12:13 | 000,000,000 | —D | M] – C:\QuickDiag
[2016/06/29 16:30:47 | 000,000,000 | -HSD | M] – C:\Recovery
[2016/06/27 19:57:44 | 000,000,000 | -H-D | M] – C:\RPKTools
[2016/07/05 14:05:37 | 000,000,000 | —D | M] – C:\SWSetup
[2017/06/27 02:20:49 | 000,000,000 | -HSD | M] – C:\System Volume Information
[2012/07/23 20:44:40 | 000,000,000 | -H-D | M] – C:\Tools
[2017/06/26 14:32:41 | 000,000,000 | R–D | M] – C:\Users
[2017/06/28 11:56:16 | 000,000,000 | —D | M] – C:\Windows

< %Homedrive%\Recycler*.exe /s >

< %Homedrive%\Recycler*.scr /s >

< %Homedrive%\Recycler*.pif /s >

< %Homedrive%\Recycler*.vb* /s >

< %Homedrive%$Recycle.bin*.exe /s >

< %Homedrive%$Recycle.bin*.scr /s >

< %Homedrive%$Recycle.bin*.pif /s >

< %Homedrive%$Recycle.bin*.vb* /s >

< %Userprofile%* >
[2017/06/30 13:47:59 | 006,029,312 | -HS- | M] () – C:\Users\hilton\ntuser.dat
[2017/06/30 13:47:58 | 000,262,144 | -HS- | M] () – C:\Users\hilton\ntuser.dat.LOG1
[2016/06/29 16:31:02 | 000,000,000 | -HS- | M] () – C:\Users\hilton\ntuser.dat.LOG2
[2017/04/12 15:29:59 | 000,065,536 | -HS- | M] () – C:\Users\hilton\ntuser.dat{2b899727-1fa6-11e7-9604-001e4ff1b1f4}.TM.blf
[2017/04/12 15:29:59 | 000,524,288 | -HS- | M] () – C:\Users\hilton\ntuser.dat{2b899727-1fa6-11e7-9604-001e4ff1b1f4}.TMContainer00000000000000000001.regt rans-ms
[2017/04/12 15:29:59 | 000,524,288 | -HS- | M] () – C:\Users\hilton\ntuser.dat{2b899727-1fa6-11e7-9604-001e4ff1b1f4}.TMContainer00000000000000000002.regt rans-ms
[2016/06/29 16:53:05 | 000,065,536 | -HS- | M] () – C:\Users\hilton\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2016/06/29 16:53:05 | 000,524,288 | -HS- | M] () – C:\Users\hilton\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regt rans-ms
[2016/06/29 16:53:05 | 000,524,288 | -HS- | M] () – C:\Users\hilton\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regt rans-ms
[2016/12/06 22:11:59 | 000,065,536 | -HS- | M] () – C:\Users\hilton\NTUSER.DAT{9ce04edb-b001-11e6-a6f8-001986000c73}.TM.blf
[2016/12/06 22:11:59 | 000,524,288 | -HS- | M] () – C:\Users\hilton\NTUSER.DAT{9ce04edb-b001-11e6-a6f8-001986000c73}.TMContainer00000000000000000001.regt rans-ms
[2016/12/06 22:11:59 | 000,524,288 | -HS- | M] () – C:\Users\hilton\NTUSER.DAT{9ce04edb-b001-11e6-a6f8-001986000c73}.TMContainer00000000000000000002.regt rans-ms
[2017/04/17 03:26:12 | 000,065,536 | -HS- | M] () – C:\Users\hilton\ntuser.dat{f56a0772-22b8-11e7-885a-001e4ff1b1f4}.TM.blf
[2017/04/17 03:26:12 | 000,524,288 | -HS- | M] () – C:\Users\hilton\ntuser.dat{f56a0772-22b8-11e7-885a-001e4ff1b1f4}.TMContainer00000000000000000001.regt rans-ms
[2017/04/17 03:26:12 | 000,524,288 | -HS- | M] () – C:\Users\hilton\ntuser.dat{f56a0772-22b8-11e7-885a-001e4ff1b1f4}.TMContainer00000000000000000002.regt rans-ms
[2010/11/20 16:57:02 | 000,000,020 | -HS- | M] () – C:\Users\hilton\ntuser.ini

< %Userprofile%*. >
[2017/04/12 14:19:26 | 000,000,000 | -H-D | M] – C:\Users\hilton\AppData
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Application Data
[2017/06/15 13:17:56 | 000,000,000 | R–D | M] – C:\Users\hilton\Contacts
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Cookies
[2017/06/30 13:11:18 | 000,000,000 | R–D | M] – C:\Users\hilton\Desktop
[2017/06/26 12:23:27 | 000,000,000 | R–D | M] – C:\Users\hilton\Documents
[2017/06/30 13:10:40 | 000,000,000 | R–D | M] – C:\Users\hilton\Downloads
[2017/06/15 13:17:56 | 000,000,000 | R–D | M] – C:\Users\hilton\Favorites
[2017/06/15 13:17:57 | 000,000,000 | R–D | M] – C:\Users\hilton\Links
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Local Settings
[2017/06/15 13:17:56 | 000,000,000 | R–D | M] – C:\Users\hilton\Music
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\My Documents
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\NetHood
[2017/06/15 13:17:56 | 000,000,000 | R–D | M] – C:\Users\hilton\Pictures
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\PrintHood
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Recent
[2017/06/15 13:17:57 | 000,000,000 | R–D | M] – C:\Users\hilton\Saved Games
[2017/06/15 13:17:56 | 000,000,000 | R–D | M] – C:\Users\hilton\Searches
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\SendTo
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Start Menu
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Templates
[2017/06/15 13:17:56 | 000,000,000 | R–D | M] – C:\Users\hilton\Videos

< %Allusersprofile%* >
[2017/04/23 15:51:52 | 000,000,008 | RHS- | M] () – C:\ProgramData\ntuser.pol

< %Allusersprofile%*. >
[2017/04/12 14:14:37 | 000,000,000 | —D | M] – C:\ProgramData\Adobe
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] – C:\ProgramData\Application Data
[2017/04/20 11:08:20 | 000,000,000 | —D | M] – C:\ProgramData\AVAST Software
[2017/04/12 14:14:49 | 000,000,000 | -H-D | M] – C:\ProgramData\CanonBJ
[2017/01/28 15:19:08 | 000,000,000 | —D | M] – C:\ProgramData\CanonIJWSpt
[2016/08/01 14:10:46 | 000,000,000 | —D | M] – C:\ProgramData\Dell
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] – C:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] – C:\ProgramData\Documents
[2017/04/12 14:14:54 | 000,000,000 | —D | M] – C:\ProgramData\Driver Support
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] – C:\ProgramData\Favorites
[2017/04/26 13:09:51 | 000,000,000 | —D | M] – C:\ProgramData\Google
[2017/06/21 15:04:26 | 000,000,000 | —D | M] – C:\ProgramData\Malwarebytes
[2017/06/26 14:32:42 | 000,000,000 | --SD | M] – C:\ProgramData\Microsoft
[2017/06/26 14:32:41 | 000,000,000 | —D | M] – C:\ProgramData\Norton
[2017/05/17 13:56:47 | 000,000,000 | —D | M] – C:\ProgramData\NortonInstaller
[2017/04/16 14:42:24 | 000,000,000 | —D | M] – C:\ProgramData\Package Cache
[2017/06/26 14:32:41 | 000,000,000 | —D | M] – C:\ProgramData\PCPitstop
[2016/06/29 18:33:19 | 000,000,000 | —D | M] – C:\ProgramData\RoboForm
[2016/08/31 15:01:35 | 000,000,000 | —D | M] – C:\ProgramData\Samsung
[2017/04/16 14:46:08 | 000,000,000 | —D | M] – C:\ProgramData\SecuritySuite
[2017/04/12 14:15:29 | 000,000,000 | —D | M] – C:\ProgramData\Stardock
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] – C:\ProgramData\Start Menu
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] – C:\ProgramData\Templates

< %LocalAppData%* >
[2017/01/21 17:12:55 | 000,065,776 | ---- | M] () – C:\Users\hilton\AppData\Local\GDIPFONTCACHEV1.DAT
[2017/06/28 12:52:26 | 002,499,297 | -H-- | M] () – C:\Users\hilton\AppData\Local\IconCache.db

< %LocalAppData%*. >
[2017/06/26 14:32:32 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\76f7c66
[2017/06/15 13:19:03 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Adobe
[2017/06/26 14:32:32 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Amazon Music
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\AppData\Local\Application Data
[2017/04/12 14:16:18 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Apps
[2016/12/21 15:03:54 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\AVAST Software
[2017/02/27 15:10:05 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Broadcom
[2016/07/13 12:30:23 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\CEF
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Citrix
[2017/04/26 13:10:27 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\CrashDumps
[2017/06/29 15:54:56 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Deployment
[2017/06/14 14:30:40 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Diagnostics
[2017/06/24 16:30:24 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\ElevatedDiagnostics
[2017/04/12 14:16:23 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Google
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\GoToAssist Remote Support Customer
[2016/07/03 12:23:08 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\GWX
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\AppData\Local\History
[2016/09/05 16:30:04 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\LogMeIn Rescue Applet
[2016/09/05 14:21:27 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\McAfee File Lock
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Microsoft
[2017/04/12 14:16:41 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Microsoft Games
[2017/04/12 14:18:44 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Mozilla
[2016/08/12 12:28:34 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Packages
[2016/07/02 15:09:05 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Programs
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Stardock
[2017/06/30 13:11:25 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\Temp
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\AppData\Local\Temporary Internet Files
[2017/04/12 14:19:23 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Local\VirtualStore

< %AppData%* >

< %AppData%*. >
[2017/04/12 14:19:26 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Adobe
[2017/01/28 15:25:47 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Canon
[2017/04/12 14:19:27 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Dashlane
[2017/06/29 13:26:59 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\eM Client
[2010/11/20 16:57:14 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Identities
[2012/07/23 19:53:50 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\InstallShield
[2017/04/17 13:28:11 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Kodi
[2016/07/04 15:27:35 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Macromedia
[2017/06/26 14:32:30 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\McAfee
[2017/06/26 14:32:30 | 000,000,000 | --SD | M] – C:\Users\hilton\AppData\Roaming\Microsoft
[2017/04/12 14:19:29 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Mozilla
[2017/04/12 14:19:31 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\OpenOffice
[2017/06/25 13:21:07 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Remo
[2017/06/26 14:32:30 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\RoboForm
[2017/01/06 15:30:09 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Samsung
[2017/04/12 14:19:32 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\Stardock
[2017/06/14 13:23:25 | 000,000,000 | —D | M] – C:\Users\hilton\AppData\Roaming\TotalAV

< %Userprofile%\Local Settings* >
[2017/01/21 17:12:55 | 000,065,776 | ---- | M] () – C:\Users\hilton\Local Settings\GDIPFONTCACHEV1.DAT
[2017/06/28 12:52:26 | 002,499,297 | -H-- | M] () – C:\Users\hilton\Local Settings\IconCache.db

< %Userprofile%\Local Settings*. >
[2017/06/26 14:32:32 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\76f7c66
[2017/06/15 13:19:03 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Adobe
[2017/06/26 14:32:32 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Amazon Music
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Local Settings\Application Data
[2017/04/12 14:16:18 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Apps
[2016/12/21 15:03:54 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\AVAST Software
[2017/02/27 15:10:05 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Broadcom
[2016/07/13 12:30:23 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\CEF
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Citrix
[2017/04/26 13:10:27 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\CrashDumps
[2017/06/29 15:54:56 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Deployment
[2017/06/14 14:30:40 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Diagnostics
[2017/06/24 16:30:24 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\ElevatedDiagnostics
[2017/04/12 14:16:23 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Google
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\GoToAssist Remote Support Customer
[2016/07/03 12:23:08 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\GWX
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Local Settings\History
[2016/09/05 16:30:04 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\LogMeIn Rescue Applet
[2016/09/05 14:21:27 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\McAfee File Lock
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Microsoft
[2017/04/12 14:16:41 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Microsoft Games
[2017/04/12 14:18:44 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Mozilla
[2016/08/12 12:28:34 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Packages
[2016/07/02 15:09:05 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Programs
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Stardock
[2017/06/30 13:11:25 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Temp
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Local Settings\Temporary Internet Files
[2017/04/12 14:19:23 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\VirtualStore

< %Userprofile%\Local Settings\Application Data* >
[2017/01/21 17:12:55 | 000,065,776 | ---- | M] () – C:\Users\hilton\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2017/06/28 12:52:26 | 002,499,297 | -H-- | M] () – C:\Users\hilton\Local Settings\Application Data\IconCache.db

< %Userprofile%\Local Settings\Application Data*. >
[2017/06/26 14:32:32 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\76f7c66
[2017/06/15 13:19:03 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Adobe
[2017/06/26 14:32:32 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Amazon Music
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Local Settings\Application Data\Application Data
[2017/04/12 14:16:18 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Apps
[2016/12/21 15:03:54 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\AVAST Software
[2017/02/27 15:10:05 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Broadcom
[2016/07/13 12:30:23 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\CEF
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Citrix
[2017/04/26 13:10:27 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\CrashDumps
[2017/06/29 15:54:56 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Deployment
[2017/06/14 14:30:40 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Diagnostics
[2017/06/24 16:30:24 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\ElevatedDiagnostics
[2017/04/12 14:16:23 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Google
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\GoToAssist Remote Support Customer
[2016/07/03 12:23:08 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\GWX
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Local Settings\Application Data\History
[2016/09/05 16:30:04 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\LogMeIn Rescue Applet
[2016/09/05 14:21:27 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\McAfee File Lock
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Microsoft
[2017/04/12 14:16:41 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Microsoft Games
[2017/04/12 14:18:44 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Mozilla
[2016/08/12 12:28:34 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Packages
[2016/07/02 15:09:05 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Programs
[2017/06/26 14:32:31 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Stardock
[2017/06/30 13:11:25 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\Temp
[2016/06/29 16:31:07 | 000,000,000 | -HSD | M] – C:\Users\hilton\Local Settings\Application Data\Temporary Internet Files
[2017/04/12 14:19:23 | 000,000,000 | —D | M] – C:\Users\hilton\Local Settings\Application Data\VirtualStore

< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave\FlashWritableRoot#SharedObjects* >

< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave\FlashWritableRoot#SharedObjects*. >

< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave FlashWritableRoot#SharedObjects* >

< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave FlashWritableRoot#SharedObjects*. >

< %programFiles%* >
[2016/09/05 14:05:34 | 000,000,174 | -HS- | M] () – C:\Program Files\desktop.ini

< %programFiles%*. >
[2017/04/12 14:10:12 | 000,000,000 | —D | M] – C:\Program Files\Adobe
[2017/04/12 14:10:41 | 000,000,000 | —D | M] – C:\Program Files\Analog Devices
[2017/04/12 14:12:06 | 000,000,000 | —D | M] – C:\Program Files\Canon
[2017/04/12 14:12:10 | 000,000,000 | -H-D | M] – C:\Program Files\CanonBJ
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\CCleaner
[2017/06/13 10:23:10 | 000,000,000 | —D | M] – C:\Program Files\Citrix
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\Common Files
[2016/08/12 15:08:52 | 000,000,000 | —D | M] – C:\Program Files\Dashlane
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\Driver Support
[2017/03/15 03:22:57 | 000,000,000 | —D | M] – C:\Program Files\DVD Maker
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\eM Client
[2017/06/26 14:32:47 | 000,000,000 | —D | M] – C:\Program Files\Google
[2017/04/12 14:12:44 | 000,000,000 | -H-D | M] – C:\Program Files\InstallShield Installation Information
[2017/06/26 14:32:47 | 000,000,000 | —D | M] – C:\Program Files\Intel
[2017/06/26 14:32:46 | 000,000,000 | —D | M] – C:\Program Files\Internet Explorer
[2017/06/26 14:32:46 | 000,000,000 | —D | M] – C:\Program Files\Kodi
[2017/06/21 15:04:26 | 000,000,000 | —D | M] – C:\Program Files\Malwarebytes
[2017/06/26 14:32:46 | 000,000,000 | —D | M] – C:\Program Files\McAfee
[2017/06/26 14:32:46 | 000,000,000 | —D | M] – C:\Program Files\Microsoft Games
[2017/06/26 14:32:45 | 000,000,000 | —D | M] – C:\Program Files\Microsoft Silverlight
[2016/07/02 03:18:15 | 000,000,000 | —D | M] – C:\Program Files\Microsoft.NET
[2017/06/28 15:25:11 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Firefox
[2017/06/26 14:32:45 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Maintenance Service
[2017/04/12 14:13:30 | 000,000,000 | —D | M] – C:\Program Files\MSBuild
[2017/05/17 14:10:13 | 000,000,000 | —D | M] – C:\Program Files\Norton Security
[2017/05/17 13:59:39 | 000,000,000 | —D | M] – C:\Program Files\NortonInstaller
[2017/04/12 14:13:50 | 000,000,000 | —D | M] – C:\Program Files\OpenOffice 4
[2017/04/12 14:13:51 | 000,000,000 | —D | M] – C:\Program Files\PCPitstop
[2009/07/14 00:52:30 | 000,000,000 | —D | M] – C:\Program Files\Reference Assemblies
[2017/04/12 14:13:51 | 000,000,000 | —D | M] – C:\Program Files\SAMSUNG
[2017/04/12 14:14:03 | 000,000,000 | —D | M] – C:\Program Files\Siber Systems
[2017/04/12 14:14:10 | 000,000,000 | —D | M] – C:\Program Files\Stardock
[2017/04/12 14:14:15 | 000,000,000 | —D | M] – C:\Program Files\Synaptics
[2009/07/14 00:53:23 | 000,000,000 | -H-D | M] – C:\Program Files\Uninstall Information
[2017/04/12 14:14:16 | 000,000,000 | —D | M] – C:\Program Files\WIDCOMM
[2016/07/02 13:56:24 | 000,000,000 | —D | M] – C:\Program Files\Windows Defender
[2010/11/20 20:38:49 | 000,000,000 | —D | M] – C:\Program Files\Windows Mail
[2016/10/13 03:21:51 | 000,000,000 | —D | M] – C:\Program Files\Windows Media Player
[2017/04/12 14:14:36 | 000,000,000 | —D | M] – C:\Program Files\Windows NT
[2010/11/20 20:38:49 | 000,000,000 | —D | M] – C:\Program Files\Windows Photo Viewer
[2010/11/20 17:33:48 | 000,000,000 | —D | M] – C:\Program Files\Windows Portable Devices
[2017/06/26 14:32:42 | 000,000,000 | —D | M] – C:\Program Files\Windows Sidebar

< %programfiles%\Google\Desktop*. >

< %ProgramFiles%\Common Files* >

< %ProgramFiles%\Common Files*. >
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\Common Files\Adobe
[2017/04/20 11:08:15 | 000,000,000 | —D | M] – C:\Program Files\Common Files\AV
[2016/12/18 22:15:14 | 000,000,000 | —D | M] – C:\Program Files\Common Files\McAfee
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\Common Files\microsoft shared
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\Common Files\postureAgent
[2009/07/13 22:37:05 | 000,000,000 | —D | M] – C:\Program Files\Common Files\Services
[2009/07/13 22:37:05 | 000,000,000 | —D | M] – C:\Program Files\Common Files\SpeechEngines
[2017/06/26 14:32:50 | 000,000,000 | —D | M] – C:\Program Files\Common Files\System
Invalid Environment Variable: ProgramFiles(X86)
Invalid Environment Variable: ProgramFiles(X86)

< %Systemroot%\Installer* >

< %Systemroot%\Installer*. >
[2017/06/26 14:32:20 | 000,000,000 | -HSD | M] – C:\Windows\Installer

< %Systemroot%\Temp*.exe /s >
[2017/06/28 14:49:06 | 001,393,496 | ---- | M] (Google Inc.) – C:\Windows\Temp\CR_95FA6.tmp\setup.exe

< %systemroot%\system32*.dll /lockedfiles >

< %systemroot%\system32*.exe /lockedfiles >

< %systemroot%\system32*.in* >
[2009/07/14 00:42:29 | 000,000,073 | -HS- | M] () – C:\Windows\system32\desktop.ini
[2016/06/29 16:51:31 | 000,016,303 | ---- | M] () – C:\Windows\system32\ieuinit.inf
[2009/07/14 00:42:26 | 000,000,535 | ---- | M] () – C:\Windows\system32\mapisvc.inf
[2017/06/28 12:57:47 | 000,781,298 | ---- | M] () – C:\Windows\system32\PerfStringBackup.INI
[2009/06/10 17:39:59 | 000,060,124 | ---- | M] () – C:\Windows\system32\tcpmon.ini

< %systemroot%\PSS* /s >
[2017/02/27 15:05:38 | 000,000,834 | ---- | M] () – C:\Windows\PSS\Bluetooth.lnk.CommonStartup

< %systemroot%\Tasks* >
[2017/06/28 12:53:37 | 000,000,006 | -H-- | M] () – C:\Windows\Tasks\SA.DAT
[2009/07/14 00:53:46 | 000,014,124 | ---- | M] () – C:\Windows\Tasks\SCHEDLGU(29).TXT
[2017/06/21 11:12:17 | 000,032,576 | ---- | M] () – C:\Windows\Tasks\SCHEDLGU.TXT

< %systemroot%\Tasks*. >

< %systemroot%\system32\Tasks* >
[2017/05/05 18:26:22 | 000,004,464 | ---- | M] () – C:\Windows\system32\Tasks\Adobe Acrobat Update Task
[2017/06/15 13:19:19 | 000,004,312 | ---- | M] () – C:\Windows\system32\Tasks\Adobe Flash Player Updater
[2016/07/02 15:47:30 | 000,002,794 | ---- | M] () – C:\Windows\system32\Tasks\CCleanerSkipUAC
[2017/04/27 14:41:46 | 000,003,190 | ---- | M] () – C:\Windows\system32\Tasks\GoogleUpdateTaskMachineC ore
[2017/04/27 14:41:47 | 000,003,318 | ---- | M] () – C:\Windows\system32\Tasks\GoogleUpdateTaskMachineU A
[2017/06/21 14:27:57 | 000,004,118 | ---- | M] () – C:\Windows\system32\Tasks\Open URL by RoboForm
[2017/06/21 14:27:56 | 000,003,572 | ---- | M] () – C:\Windows\system32\Tasks\Run RoboForm TaskBar Icon

< %systemroot%\system32\Tasks*. >
[2017/06/25 17:11:28 | 000,000,000 | —D | M] – C:\Windows\system32\Tasks\Games
[2017/06/26 14:32:19 | 000,000,000 | —D | M] – C:\Windows\system32\Tasks\Microsoft
[2017/06/26 14:32:19 | 000,000,000 | —D | M] – C:\Windows\system32\Tasks\WPD

< %systemroot%\syswow64\Tasks* >

< %systemroot%\syswow64\Tasks*. >

< %systemroot%\system32\drivers*.sy* /lockedfiles >
[14 C:\Windows\system32\drivers*.tmp files → C:\Windows\system32\drivers*.tmp → ]

< %systemroot%\system32\config*.exe /s >

< %Systemroot%\ServiceProfiles*.exe /s >

< %systemroot%\system32*.sys >
[2009/07/13 17:40:41 | 000,009,029 | ---- | M] () – C:\Windows\system32\ANSI.SYS
[2016/11/17 12:27:53 | 000,250,600 | ---- | M] (Microsoft Corporation) – C:\Windows\system32\clfs.sys
[2009/07/13 17:40:44 | 000,027,097 | ---- | M] () – C:\Windows\system32\country.sys
[2009/07/13 17:40:40 | 000,004,768 | ---- | M] () – C:\Windows\system32\HIMEM.SYS
[2009/07/13 17:40:43 | 000,042,809 | ---- | M] () – C:\Windows\system32\KEY01.SYS
[2009/07/13 17:40:43 | 000,042,537 | ---- | M] () – C:\Windows\system32\KEYBOARD.SYS
[2009/07/13 17:40:23 | 000,027,866 | ---- | M] () – C:\Windows\system32\NTDOS.SYS
[2009/07/13 17:40:31 | 000,029,146 | ---- | M] () – C:\Windows\system32\NTDOS404.SYS
[2009/07/13 17:40:35 | 000,029,370 | ---- | M] () – C:\Windows\system32\NTDOS411.SYS
[2009/07/13 17:40:39 | 000,029,274 | ---- | M] () – C:\Windows\system32\NTDOS412.SYS
[2009/07/13 17:40:27 | 000,029,146 | ---- | M] () – C:\Windows\system32\NTDOS804.SYS
[2009/07/13 17:40:11 | 000,033,952 | ---- | M] () – C:\Windows\system32\NTIO.SYS
[2009/07/13 17:40:15 | 000,034,672 | ---- | M] () – C:\Windows\system32\NTIO404.SYS
[2009/07/13 17:40:17 | 000,035,776 | ---- | M] () – C:\Windows\system32\NTIO411.SYS
[2009/07/13 17:40:19 | 000,035,536 | ---- | M] () – C:\Windows\system32\NTIO412.SYS
[2009/07/13 17:40:13 | 000,034,672 | ---- | M] () – C:\Windows\system32\NTIO804.SYS
[2017/05/12 13:44:14 | 002,401,792 | ---- | M] (Microsoft Corporation) – C:\Windows\system32\win32k.sys

< dir %Homedrive%* /S /A:L /C >
Volume in drive C is Windows
Volume Serial Number is 12EF-4412
Directory of C:
07/14/2009 12:53 AM Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [.]
07/14/2009 12:53 AM Desktop [.]
07/14/2009 12:53 AM Documents [.]
07/14/2009 12:53 AM Favorites [.]
07/14/2009 12:53 AM Start Menu [.]
07/14/2009 12:53 AM Templates [.]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:53 AM All Users [C:\ProgramData]
07/14/2009 12:53 AM Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [C:\ProgramData]
07/14/2009 12:53 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/14/2009 12:53 AM Application Data [.]
07/14/2009 12:53 AM Desktop [.]
07/14/2009 12:53 AM Documents [.]
07/14/2009 12:53 AM Favorites [.]
07/14/2009 12:53 AM Start Menu [.]
07/14/2009 12:53 AM Templates [.]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [.]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:53 AM Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 12:53 AM Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows \Cookies]
07/14/2009 12:53 AM Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM My Documents [C:\Users\Default\Documents]
07/14/2009 12:53 AM NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows \Network Shortcuts]
07/14/2009 12:53 AM PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows \Printer Shortcuts]
07/14/2009 12:53 AM Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows \Recent]
07/14/2009 12:53 AM SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows \SendTo]
07/14/2009 12:53 AM Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu]
07/14/2009 12:53 AM Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows \Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:53 AM Application Data [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM History [C:\Users\Default\AppData\Local\Microsoft\Windows\H istory]
07/14/2009 12:53 AM Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\T emporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:53 AM My Music [C:\Users\Default\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Default\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\hilton
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Roaming]
06/29/2016 04:31 PM Cookies [C:\Users\hilton\AppData\Roaming\Microsoft\Windows\ Cookies]
06/29/2016 04:31 PM Local Settings [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM My Documents [C:\Users\hilton\Documents]
06/29/2016 04:31 PM NetHood [C:\Users\hilton\AppData\Roaming\Microsoft\Windows\ Network Shortcuts]
06/29/2016 04:31 PM PrintHood [C:\Users\hilton\AppData\Roaming\Microsoft\Windows\ Printer Shortcuts]
06/29/2016 04:31 PM Recent [C:\Users\hilton\AppData\Roaming\Microsoft\Windows\ Recent]
06/29/2016 04:31 PM SendTo [C:\Users\hilton\AppData\Roaming\Microsoft\Windows\ SendTo]
06/29/2016 04:31 PM Start Menu [C:\Users\hilton\AppData\Roaming\Microsoft\Windows\ Start Menu]
06/29/2016 04:31 PM Templates [C:\Users\hilton\AppData\Roaming\Microsoft\Windows\ Templates]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [.]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Users\hilton\AppData\LocalLow
05/21/2017 02:31 PM PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Documents
06/29/2016 04:31 PM My Music [C:\Users\hilton\Music]
06/29/2016 04:31 PM My Pictures [C:\Users\hilton\Pictures]
06/29/2016 04:31 PM My Videos [C:\Users\hilton\Videos]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [C:\Users\hilton\AppData\Local]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [C:\Users\hilton\AppData\Local\Microsoft\Windows\Te mporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\hilton\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
06/29/2016 04:31 PM Application Data [.]
06/29/2016 04:31 PM History [C:\Users\hilton\AppData\Local\Microsoft\Windows\Hi story]
06/29/2016 04:31 PM Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Users\hilton\My Documents
06/29/2016 04:31 PM My Music [C:\Users\hilton\Music]
06/29/2016 04:31 PM My Pictures [C:\Users\hilton\Pictures]
06/29/2016 04:31 PM My Videos [C:\Users\hilton\Videos]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Roaming]
07/02/2016 03:44 PM Cookies [C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Wi ndows\Cookies]
07/02/2016 03:44 PM Local Settings [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM My Documents [C:\Users\PCPitstopSVC\Documents]
07/02/2016 03:44 PM NetHood [C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Wi ndows\Network Shortcuts]
07/02/2016 03:44 PM PrintHood [C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Wi ndows\Printer Shortcuts]
07/02/2016 03:44 PM Recent [C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Wi ndows\Recent]
07/02/2016 03:44 PM SendTo [C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Wi ndows\SendTo]
07/02/2016 03:44 PM Start Menu [C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Wi ndows\Start Menu]
07/02/2016 03:44 PM Templates [C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Wi ndows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [.]
07/02/2016 03:44 PM History [.]
07/02/2016 03:44 PM Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Documents
07/02/2016 03:44 PM My Music [C:\Users\PCPitstopSVC\Music]
07/02/2016 03:44 PM My Pictures [C:\Users\PCPitstopSVC\Pictures]
07/02/2016 03:44 PM My Videos [C:\Users\PCPitstopSVC\Videos]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [C:\Users\PCPitstopSVC\AppData\Local]
07/02/2016 03:44 PM History [C:\Users\PCPitstopSVC\AppData\Local\Microsoft\Wind ows\History]
07/02/2016 03:44 PM Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
07/02/2016 03:44 PM Application Data [.]
07/02/2016 03:44 PM History [.]
07/02/2016 03:44 PM Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Users\PCPitstopSVC\My Documents
07/02/2016 03:44 PM My Music [C:\Users\PCPitstopSVC\Music]
07/02/2016 03:44 PM My Pictures [C:\Users\PCPitstopSVC\Pictures]
07/02/2016 03:44 PM My Videos [C:\Users\PCPitstopSVC\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:53 AM My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
487 Dir(s) 1,951,056,351,232 bytes free

< MD5 for: AFD.SYS >
[2010/11/20 17:29:19 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=1151FD4FB0216CFED887BFDE29EBD516 – C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7d bcaf385b\afd.sys
[2015/10/13 20:41:27 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=3EA58284BD7B72F78D505E82366F7E0C – C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.23237_none_da667526 d5da9ab2\afd.sys
[2016/06/29 16:50:30 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=66DD39CA12BAEB8D32111581769D9117 – C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_da50efe2 d5eab341\afd.sys
[2015/10/13 12:31:53 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=93B49FA857F7036A4EFF32371F6E7391 – C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.19031_none_d9d6d4b9 bcc265b7\afd.sys
[2017/04/04 10:52:22 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=F582FC7976F1248AC5FBD6875C626B41 – C:\Windows\System32\drivers\afd.sys
[2017/04/04 10:52:22 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=F582FC7976F1248AC5FBD6875C626B41 – C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.23761_none_da400d24 d5f8483e\afd.sys
[2016/06/29 16:50:30 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=F81BB7E487EDCEAB630A7EE66CF23913 – C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_d9b98067 bcd7e63c\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160801T180925 859811\internal_ide_channel\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160801T180925 859811\pci\cc_0101\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160817T192426 104112\internal_ide_channel\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160817T192426 104112\pci\cc_0101\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160831T181043 454415\internal_ide_channel\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160831T181043 454415\pci\cc_0101\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160926T121156 009\internal_ide_channel\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160926T121156 009\pci\cc_0101\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\Windows\System32\drivers\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\Windows\System32\DriverStore\FileRepository\msh dc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\Windows\System32\DriverStore\FileRepository\msh dc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6 .1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6 .1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E – C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6 .1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: CDROM.SYS >
[2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160801T180925 859811\gencdrom\cdrom.sys
[2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160817T192426 104112\gencdrom\cdrom.sys
[2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160831T181043 454415\gencdrom\cdrom.sys
[2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160926T121156 009\gencdrom\cdrom.sys
[2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 – C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 – C:\Windows\System32\DriverStore\FileRepository\cdr om.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 – C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6 .1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 – C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_5414 9f9ef14031fc\explorer.exe
[2010/11/20 17:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 – C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc 10fdd7fe87ca\explorer.exe
[2016/08/29 10:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 – C:\Windows\explorer.exe
[2016/08/29 10:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 – C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_5432 df58f129e196\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E – C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389 023fd8245f84\explorer.exe

< MD5 for: I8042PRT.SYS >
[2009/07/13 19:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 – C:\Windows\System32\drivers\i8042prt.sys
[2009/07/13 19:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 – C:\Windows\System32\DriverStore\FileRepository\key board.inf_x86_neutral_50ad659974198591\i8042prt.sy s
[2009/07/13 19:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 – C:\Windows\System32\DriverStore\FileRepository\msm ouse.inf_x86_neutral_7a9084e0177406eb\i8042prt.sys
[2009/07/13 19:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 – C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e3 5_6.1.7601.17514_none_9955d7c4373b0589\i8042prt.sy s
[2009/07/13 19:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 – C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35 _6.1.7600.16385_none_4e0a61a033aec8c3\i8042prt.sys

< MD5 for: NDIS.SYS >
[2012/08/22 13:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E – C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf 93ad1c31\ndis.sys
[2015/10/12 18:32:56 | 000,713,152 | ---- | M] (Microsoft Corporation) MD5=43C1C599FF590C875764CB6254A506B6 – C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_aa435dc7 937e55cc\ndis.sys
[2012/08/22 13:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 – C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee4 7a5cd154\ndis.sys
[2015/10/13 00:50:31 | 000,712,640 | ---- | M] (Microsoft Corporation) MD5=9804FB2E46077F2977552347DFCA7E05 – C:\Windows\System32\drivers\ndis.sys
[2015/10/13 00:50:31 | 000,712,640 | ---- | M] (Microsoft Corporation) MD5=9804FB2E46077F2977552347DFCA7E05 – C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_a9b4bda4 7a653a28\ndis.sys
[2010/11/20 17:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 – C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b2 7a512623\ndis.sys

< MD5 for: NETBT.SYS >
[2010/11/20 17:29:08 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 – C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_626c324 d55864070\netbt.sys
[2016/05/11 10:52:27 | 000,188,928 | ---- | M] (Microsoft Corporation) MD5=A00996C9BFEF29A93B9F21DBE1DC502D – C:\Windows\System32\drivers\netbt.sys
[2016/05/11 10:52:27 | 000,188,928 | ---- | M] (Microsoft Corporation) MD5=A00996C9BFEF29A93B9F21DBE1DC502D – C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.23451_none_62c75d2 e6ec73ced\netbt.sys

< MD5 for: TDX.SYS >
[2017/05/10 10:47:49 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=01743A8A62F2C0488F9C4F6D25C21B2C – C:\Windows\System32\drivers\tdx.sys
[2017/05/10 10:47:49 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=01743A8A62F2C0488F9C4F6D25C21B2C – C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.23806_none_ecdb75b e536ba5d9\tdx.sys
[2017/04/04 10:52:12 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=0D4CE846B6461A89CF246636E6098323 – C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.23761_none_ec9592d e53a0d1a5\tdx.sys
[2015/10/13 20:41:04 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=0E5C6676F9ABDB1C54C461EA5BA8175B – C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.23237_none_ecbbfae 053832419\tdx.sys
[2010/11/20 17:29:07 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 – C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec45323 73a57c1c2\tdx.sys
[2015/10/13 12:31:24 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=BB8817D0508DD5EA69C770C8DEF5AB67 – C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.19031_none_ec2c5a7 33a6aef1e\tdx.sys

< MD5 for: VOLSNAP.SYS >
[2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160801T180925 859811\storage\volume\volsnap.sys
[2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160817T192426 104112\storage\volume\volsnap.sys
[2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160831T181043 454415\storage\volume\volsnap.sys
[2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 – C:\AdwCleaner\quarantine\files\gbqmmquenhyrcdfsncy iuzwbmxwslgsb\DriverUpdate\Backups\20160926T121156 009\storage\volume\volsnap.sys
[2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 – C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 – C:\Windows\System32\DriverStore\FileRepository\vol ume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 17:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 – C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_ 6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 – C:\Windows\System32\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 – C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90 ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2014/07/15 22:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E – C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224 b2134c7555fa\winlogon.exe
[2014/07/16 21:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 – C:\Windows\System32\winlogon.exe
[2014/07/16 21:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 – C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5 e34e334f9d18\winlogon.exe
[2010/11/20 17:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 – C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca 6b0233339500\winlogon.exe
[2014/03/04 05:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 – C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da 23b23327143c\winlogon.exe
[2016/07/27 18:38:59 | 000,074,240 | ---- | M] () MD5=A6C645EF2F30ABF61FCDBE5E76999730 – C:\QuickDiag\MBR\Winlogon.exe
[2014/03/04 06:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 – C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255 f1994c4f8119\winlogon.exe

< End of report >[/COLOR][/COLOR][/COLOR][/COLOR][/COLOR][/COLOR][/COLOR][/COLOR][/COLOR]

hello

uninstall this , it’s useless :

Google Toolbar for Internet Explorer

==

you’d better use firefox than Google Chrome for these reasons :


[URL unfurl="true"]https://translate.google.com/translate?sl=fr&tl=en&js=y&prev=_t&hl=fr&ie=UTF-8&u=http://www.revoltenumerique.herbesfolles.org/2014/04/23/pourquoi-vous-ne-devriez-pas-utiliser-google-chrome/&edit-text=[/URL]
[URL unfurl="true"]https://translate.google.com/translate?sl=fr&tl=en&js=y&prev=_t&hl=fr&ie=UTF-8&u=http://www.zebulon.fr/actualites/16099-google-permet-a-doubleclick-d-acceder-aux-informations-personnelles-des-utilisateurs.html&edit-text=[/URL]
[URL unfurl="true"]https://translate.google.com/translate?sl=fr&tl=en&js=y&prev=_t&hl=fr&ie=UTF-8&u=https://www.developpez.com/actu/106316/Mozilla-et-Google-retirent-l-extension-WOT-de-leurs-stores-apres-un-scandale-de-collecte-et-vente-des-donnees-personnelles-de-ses-utilisateurs/&edit-text=[/URL]

==

firefox is not up to date , we’re now at the version 54

==

copy the text which is between the red lines and paste it In the lower part of OTL and click “Run Fix”

[MEDIA=imgur]jwfpUVl[/MEDIA]

===========================================

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] – system32\drivers\mfeplk.sys – (mfeplk)
FF - prefs.js..browser.search.selectedEngine: “Yahoo! Powered”
FF - user.js - File not found

:Reg
[-HKEY_CURRENT_USER\Software\Chromium]
[-HKEY_CURRENT_USER\Software\jtosjykc]
[-HKEY_CURRENT_USER\Software\ovbrx]
[-HKEY_CURRENT_USER\Software\DriverSupport]
[-HKEY_LOCAL_MACHINE\Software\DriverSupport]

:files
C:\95fcae343f4f0cedab9b17240bf8
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
C:\ProgramData\Driver Support
C:\Users\hilton\AppData\Local\76f7c66
C:\Users\hilton\AppData\Local\McAfee File Lock
C:\Users\hilton\AppData\Roaming\McAfee
C:\Program Files\Driver Support
C:\Program Files\McAfee
C:\Program Files\Norton Security
C:\Program Files\NortonInstaller
C:\Windows\Temp*
C:\Users\hilton\AppData\Roaming\TotalAV
C:\Users\hilton\Desktop\Login - Login - TotalAV.website
C:\Users\hilton\Documents\TotalAV
C:\Program Files\Common Files\McAfee

:commands
[emptytemp]

===============================================

then after , paste the content of the report C:_OTL\Moved Files\date_Hour.log

ok ..got rid of toolbar and made foxfire my default..cut off all FW/Vinous stuff and ran OTL..the reports went into notepad and don’t see the url you gave me any where so hope this works

hello you didn’t click on “correction” but you did “Analyse” lol ^^

At sort of at an empass here..due to my health problems i am unable to get to computer…hopefully it5 will only be a short time…so will holler at you when ii get back on it..
Thanks for the help and patience..
Hefs

Hello no problem , I’ll wait the time It’ll take

Well,good news for you..my sister and niece are buying me a new lap top..it is too much trouble to get to this one and it is 9 yrs old and time to retire it..
My only problem is I don’t want to transfer the problems from this one to the new ones…you have any ideas or is there a board on here that can help me..
I really appreciate all of your patience and help and sorry for beaing a PIA..My old 75 yr old brain just jumps time too much..
Thanks again,
Hefs

Please start a new thread in the windows area for your file transfer. You should however complete this thread to ensure there is no malware transfer to your new machine.

ok..please end this thread..will have new computer in a day or two..thanks for every thing…
hefs

hello these last days , My Box was out of order, I’ll take care of it on monday , it written 8888 , a horror , no intenet, no phone… absolutely nothing, yes in france my aswers come to late that you hoped for them,We do not have the same lol lifetimes, I’m sorry for this unpleasantness sorry but I uesed GoogleTrad tu write this, I didn’t know how to say " désagrément" in english ^^

Wow..sorry to hear of your6problems and6 hope you get back online soon..
Agin thanks for all your help and you can mark this one closed..will have new computer in a few days.

verry sorry it’s a horror , without internet I can’t live I like so much to help people with their machines , I realised to connect me on another machine from a neighbourg(neighbourhood ? ) but it’s not very that… sometimes the connection goes out, sometimes it freezes , i’m not sure to keep it really working 'till I I’ve not my real connection , for now , I’m waiting for the news from my F.A.I ( Internet Access “Dealer” ) sorry perhaps I think you’ll find my english isn’t wonderful but I think you’ll understand lol