
Suspected infection - random files in startup in taskmanager


  • This topic is locked
10 replies to this topic

#1 jayok321


Posted 24 August 2016 - 09:42 AM

Hey. How is everyone doing? So I've been having problems with malware/viruses and I have no clue when it started. It first started when I kept getting popups about some Auto.it trojan from Windows Defender that kept recurring after it quarantined it and every time I restarted my computer. Knowing a little bit about removing viruses, I immediately downloaded Malwarebytes and scanned my computer with it. It found a few Auto.it trojans in my roaming folder. I deleted them and all was well. Forward a couple days and then I get a popup from Windows Defender again detecting another infection, a Worm.Rehib this time. Every time I try to remove it with an AV, I find it back on my computer. I also checked Task Manager and there's this weird file called FiifUKeTRYfhPYSQHHVHd and I expand it and my Windows Explorer is listed under it. So ya, any help would be greatly appreciated. I'm also running Windows 10 x64.





#2 deeprybka

  • Malware Response Team

Posted 25 August 2016 - 10:20 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#3 jayok321


Posted 25 August 2016 - 03:43 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by GaberFamily (administrator) on GABER-FAMILY (25-08-2016 16:41:07)
Running from C:\Users\GaberFamily\Desktop
Loaded Profiles: GaberFamily (Available Profiles: GaberFamily)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\GaberFamily\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hauppauge Computer Works, Inc.) D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hauppauge Computer Works, Inc.) D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Farbar) C:\Users\GaberFamily\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-08-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [522552 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6709008 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29500544 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-08-03] (Nota Inc.)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-07-19] (SUPERAntiSpyware)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Winlogon: [Shell] c:\windows\explorer.exe [4673304 2016-07-16] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk [2016-06-16]
ShortcutTarget: Hauppauge Device Properties.lnk -> D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-08-01]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ePMGJCiIfeWIIffc.cmd.lnk [2016-08-20]
ShortcutTarget: ePMGJCiIfeWIIffc.cmd.lnk -> C:\Users\GaberFamily\AppData\Roaming\RfFceaKHcDZaFLIZiVLLY.cmd (No File)
Startup: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDNaUAOfcYRaVWVC.cmd.lnk [2016-08-24]
ShortcutTarget: SDNaUAOfcYRaVWVC.cmd.lnk -> C:\Users\GaberFamily\AppData\Roaming\fiifUKeTRYfhPYSQHHVHd.cmd (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d038c1b3-860d-4d13-9d7b-bf56d96a4d0d}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{da7ff714-9411-4f11-a9ab-2120f057f175}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-23] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-23] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-23] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-23] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1457669417348
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Extension: (Thumbnail Zoom Plus) - C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default\extensions\thumbnailZoom@dadler.github.com.xpi [2015-08-03]
FF Extension: (Avira Browser Safety) - C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default\Extensions\abs@avira.com [2016-08-24]
FF Extension: (Adblock Plus) - C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-10]
 
Chrome: 
=======
CHR Profile: C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-18]
CHR Extension: (Google Drive) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-18]
CHR Extension: (YouTube) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (uBlock Origin) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-08-20]
CHR Extension: (Google Search) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5267456 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-08-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-07-28] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-17] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R3 HcwDevCentralService; D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [396104 2016-01-27] (Hauppauge Computer Works, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [442880 2015-07-28] (Rivet Networks) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-14] (Electronic Arts)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-07-07] (Power Admin LLC)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-05-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-05-15] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [314112 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [261888 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [116272 2015-07-24] (Rivet Networks, LLC.)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2016-07-30] (Echobit, LLC)
S3 hcwE5bda; C:\Windows\system32\drivers\hcwE5bda.sys [985096 2016-02-08] (Hauppauge Computer Work, Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-26] (REALiX™)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [156744 2016-02-26] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_72b89f8d71abda5d\nvlddmkm.sys [14199352 2016-08-16] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [821888 2011-01-26] (Windows ® Win 7 DDK provider)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 X86BDA; C:\Windows\system32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( ) [File not signed]
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-12-09] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 16:41 - 2016-08-25 16:41 - 00029056 _____ C:\Users\GaberFamily\Desktop\FRST.txt
2016-08-25 16:39 - 2016-08-25 16:40 - 02396160 _____ (Farbar) C:\Users\GaberFamily\Desktop\FRST64 (1).exe
2016-08-24 19:33 - 2016-08-24 19:33 - 00284564 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_19.33.26_log.txt
2016-08-24 11:18 - 2016-08-24 11:18 - 00284576 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_11.18.03_log.txt
2016-08-24 10:51 - 2016-08-24 10:51 - 00002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-24 10:51 - 2016-08-24 10:51 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-24 10:51 - 2016-08-24 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-24 10:51 - 2016-08-24 10:51 - 00000000 ____D C:\Program Files\CCleaner
2016-08-24 10:26 - 2016-08-24 10:26 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Runscanner.net
2016-08-24 09:53 - 2016-08-24 09:53 - 00001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\SUPERAntiSpyware.com
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-08-24 09:13 - 2016-08-24 09:13 - 00284270 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_09.13.33_log.txt
2016-08-24 09:01 - 2016-08-24 09:01 - 02932230 _____ C:\Users\GaberFamily\Desktop\GSC INJECTOR FOLDER.zip
2016-08-24 09:01 - 2016-08-24 09:01 - 00021864 _____ C:\Users\GaberFamily\Desktop\BO2_GSC_Injector.sprx
2016-08-24 09:01 - 2016-08-24 09:01 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO2_GSC_INJECTOR
2016-08-24 09:00 - 2016-08-24 09:00 - 00016274 _____ C:\Users\GaberFamily\Desktop\BO2_GSC_Injector.cfg
2016-08-24 08:45 - 2016-08-24 08:45 - 00000000 ___HD C:\$AVG
2016-08-24 08:45 - 2016-08-24 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-24 08:35 - 2016-08-25 16:41 - 00000000 ____D C:\FRST
2016-08-24 08:07 - 2016-08-06 00:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-24 08:07 - 2016-08-06 00:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-24 08:07 - 2016-08-06 00:30 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-24 08:07 - 2016-08-06 00:30 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-24 08:07 - 2016-08-06 00:30 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-24 08:07 - 2016-08-06 00:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-24 08:07 - 2016-08-06 00:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 08:07 - 2016-08-06 00:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-24 08:07 - 2016-08-06 00:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 08:07 - 2016-08-06 00:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-24 08:07 - 2016-08-06 00:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-24 08:07 - 2016-08-06 00:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-24 08:07 - 2016-08-06 00:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-24 08:07 - 2016-08-06 00:16 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-24 08:07 - 2016-08-06 00:16 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-24 08:07 - 2016-08-06 00:16 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-24 08:07 - 2016-08-06 00:16 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-24 08:07 - 2016-08-06 00:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-24 08:07 - 2016-08-06 00:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-24 08:07 - 2016-08-06 00:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-24 08:07 - 2016-08-06 00:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-24 08:07 - 2016-08-06 00:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-24 08:07 - 2016-08-06 00:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-24 08:07 - 2016-08-06 00:03 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-24 08:07 - 2016-08-05 23:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-24 08:07 - 2016-08-05 23:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 08:07 - 2016-08-05 23:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-24 08:07 - 2016-08-05 23:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-24 08:07 - 2016-08-05 23:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-24 08:07 - 2016-08-05 23:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-24 08:07 - 2016-08-05 23:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-24 08:07 - 2016-08-05 23:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-24 08:07 - 2016-08-05 23:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-24 08:07 - 2016-08-05 23:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-24 08:07 - 2016-08-05 23:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-24 08:07 - 2016-08-05 23:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-24 08:07 - 2016-08-05 23:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 08:07 - 2016-08-05 23:42 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-24 08:07 - 2016-08-05 23:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-24 08:07 - 2016-08-05 23:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-24 08:07 - 2016-08-05 23:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-24 08:07 - 2016-08-05 23:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-24 08:07 - 2016-08-05 23:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 08:07 - 2016-08-05 23:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-24 08:07 - 2016-08-05 23:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-24 08:07 - 2016-08-05 23:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 08:07 - 2016-08-05 23:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-24 08:07 - 2016-08-05 23:34 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-24 08:07 - 2016-08-05 23:34 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-24 08:07 - 2016-08-05 23:34 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-24 08:07 - 2016-08-05 23:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-24 08:07 - 2016-08-05 23:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-24 08:07 - 2016-08-05 23:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-24 08:07 - 2016-08-05 23:28 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-24 08:07 - 2016-08-05 23:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-24 08:07 - 2016-08-05 23:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-24 08:07 - 2016-08-05 23:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-24 08:07 - 2016-08-05 23:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-24 08:07 - 2016-08-05 23:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-24 08:07 - 2016-08-05 23:24 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-24 08:07 - 2016-08-05 23:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-24 08:07 - 2016-08-05 23:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-24 08:07 - 2016-08-05 23:24 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-24 08:07 - 2016-08-05 23:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-24 08:07 - 2016-08-05 23:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-24 08:07 - 2016-08-05 05:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-24 08:07 - 2016-08-05 05:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-24 08:07 - 2016-08-05 05:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-24 08:07 - 2016-08-05 05:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-24 08:07 - 2016-08-05 04:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-24 08:07 - 2016-08-05 04:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-24 08:07 - 2016-08-05 04:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-24 08:07 - 2016-08-05 04:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-24 08:07 - 2016-08-05 04:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-24 08:07 - 2016-08-05 04:07 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-24 08:06 - 2016-08-24 08:07 - 00277742 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_08.06.44_log.txt
2016-08-24 08:06 - 2016-08-06 00:32 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-24 08:06 - 2016-08-06 00:32 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-24 08:06 - 2016-08-06 00:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-24 08:06 - 2016-08-06 00:30 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-24 08:06 - 2016-08-06 00:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-24 08:06 - 2016-08-06 00:24 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-24 08:06 - 2016-08-06 00:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-24 08:06 - 2016-08-06 00:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-24 08:06 - 2016-08-06 00:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-24 08:06 - 2016-08-06 00:18 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-24 08:06 - 2016-08-06 00:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-24 08:06 - 2016-08-06 00:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-24 08:06 - 2016-08-06 00:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-24 08:06 - 2016-08-06 00:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-24 08:06 - 2016-08-06 00:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-24 08:06 - 2016-08-06 00:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-24 08:06 - 2016-08-06 00:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 08:06 - 2016-08-06 00:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-24 08:06 - 2016-08-06 00:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-24 08:06 - 2016-08-06 00:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-24 08:06 - 2016-08-05 23:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-24 08:06 - 2016-08-05 23:49 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-24 08:06 - 2016-08-05 23:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-24 08:06 - 2016-08-05 23:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-24 08:06 - 2016-08-05 23:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-24 08:06 - 2016-08-05 23:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-24 08:06 - 2016-08-05 23:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-24 08:06 - 2016-08-05 23:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-24 08:06 - 2016-08-05 23:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-24 08:06 - 2016-08-05 23:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-24 08:06 - 2016-08-05 23:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-24 08:06 - 2016-08-05 23:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-24 08:06 - 2016-08-05 23:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-24 08:06 - 2016-08-05 23:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-24 08:06 - 2016-08-05 23:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-24 08:06 - 2016-08-05 23:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-24 08:06 - 2016-08-05 23:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-24 08:06 - 2016-08-05 23:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-24 08:06 - 2016-08-05 23:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-24 08:06 - 2016-08-05 23:42 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-24 08:06 - 2016-08-05 23:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-24 08:06 - 2016-08-05 23:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-24 08:06 - 2016-08-05 23:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-24 08:06 - 2016-08-05 23:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-24 08:06 - 2016-08-05 23:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-24 08:06 - 2016-08-05 23:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 08:06 - 2016-08-05 23:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-24 08:06 - 2016-08-05 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-24 08:06 - 2016-08-05 23:36 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-24 08:06 - 2016-08-05 23:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-24 08:06 - 2016-08-05 23:35 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-24 08:06 - 2016-08-05 23:35 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-24 08:06 - 2016-08-05 23:34 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-24 08:06 - 2016-08-05 23:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-24 08:06 - 2016-08-05 23:33 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-24 08:06 - 2016-08-05 23:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-24 08:06 - 2016-08-05 23:32 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-24 08:06 - 2016-08-05 23:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-24 08:06 - 2016-08-05 23:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-24 08:06 - 2016-08-05 23:30 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-24 08:06 - 2016-08-05 23:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-24 08:06 - 2016-08-05 23:27 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-24 08:06 - 2016-08-05 23:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-24 08:06 - 2016-08-05 23:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-24 08:06 - 2016-08-05 23:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-24 08:06 - 2016-08-05 23:24 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-24 08:06 - 2016-08-05 23:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-24 08:06 - 2016-08-05 23:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-24 08:06 - 2016-08-05 04:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-24 08:06 - 2016-08-05 04:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-24 08:06 - 2016-08-05 04:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-24 08:06 - 2016-08-05 04:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-24 08:06 - 2016-08-05 04:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-24 08:06 - 2016-08-05 04:07 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-23 20:37 - 2016-08-23 20:37 - 00276746 _____ C:\TDSSKiller.3.1.0.11_23.08.2016_20.37.25_log.txt
2016-08-23 20:31 - 2016-08-24 00:22 - 00438288 ___SH C:\Users\GaberFamily\AppData\Roaming\fbTFciUgbVKI
2016-08-23 14:46 - 2016-08-23 14:47 - 00276746 _____ C:\TDSSKiller.3.1.0.11_23.08.2016_14.46.55_log.txt
2016-08-22 20:11 - 2016-08-22 20:11 - 00276746 _____ C:\TDSSKiller.3.1.0.11_22.08.2016_20.11.12_log.txt
2016-08-22 18:19 - 2016-08-22 18:19 - 00045290 _____ C:\Users\GaberFamily\Desktop\^E78451B71187079CCE4C601B9A771556A5384CDCA0E82F1E51^pimgpsh_fullsize_distr.jpg
2016-08-21 19:57 - 2016-08-21 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-08-21 19:57 - 2016-08-21 19:57 - 00000000 ____D C:\Program Files\Oracle
2016-08-21 19:57 - 2016-08-16 20:18 - 00920168 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-08-21 19:57 - 2016-08-16 20:18 - 00149256 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-08-21 19:52 - 2016-08-22 08:45 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-08-21 19:52 - 2016-08-21 19:52 - 02671136 _____ (Kaspersky Lab) C:\Users\GaberFamily\Downloads\kss16-0-0-1344en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_ko_id_pt_ar_vi_hi_zh-hant_fa_10837.exe
2016-08-21 19:39 - 2016-08-21 19:39 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-21 19:39 - 2016-08-21 19:39 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-21 19:36 - 2016-08-21 19:50 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-21 19:36 - 2016-08-21 19:50 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-21 19:36 - 2016-08-21 19:45 - 00003990 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-21 19:36 - 2016-08-21 19:45 - 00003758 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-21 19:36 - 2016-08-21 19:36 - 00987728 _____ (Google Inc.) C:\Users\GaberFamily\Downloads\ChromeSetup.exe
2016-08-21 19:00 - 2016-08-21 19:00 - 00275414 _____ C:\TDSSKiller.3.1.0.11_21.08.2016_19.00.20_log.txt
2016-08-21 13:22 - 2016-08-21 13:22 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\.mono
2016-08-21 13:22 - 2016-08-21 13:22 - 00000000 ____D C:\Users\GaberFamily\AppData\LocalLow\Blizzard Entertainment
2016-08-21 13:22 - 2016-08-21 13:22 - 00000000 ____D C:\ProgramData\.mono
2016-08-21 07:41 - 2016-08-23 06:39 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO2 RTM TOOLS
2016-08-20 15:19 - 2016-08-20 15:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-20 15:19 - 2016-08-11 07:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-20 15:19 - 2016-05-03 22:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-20 15:19 - 2016-05-03 22:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-20 15:19 - 2016-05-03 22:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-20 15:19 - 2016-05-03 22:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-20 15:18 - 2016-08-16 01:45 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-20 15:18 - 2016-08-16 01:45 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00802072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00642904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-20 15:18 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-20 11:56 - 2016-08-20 11:56 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BleachBit
2016-08-20 11:56 - 2016-08-20 11:56 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\BleachBit
2016-08-20 11:56 - 2016-08-20 11:56 - 00000000 ____D C:\Program Files (x86)\BleachBit
2016-08-20 11:43 - 2016-08-20 11:43 - 00278262 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_11.43.26_log.txt
2016-08-20 11:29 - 2016-08-24 11:16 - 00000560 _____ C:\Users\GaberFamily\Desktop\JRT.txt
2016-08-20 11:24 - 2016-08-20 11:24 - 00006994 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_11.24.38_log.txt
2016-08-20 11:01 - 2016-08-20 11:04 - 00822598 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_11.01.58_log.txt
2016-08-20 10:59 - 2016-08-20 10:59 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-20 10:58 - 2016-08-20 10:58 - 00000218 _____ C:\Users\GaberFamily\AppData\Local\recently-used.xbel
2016-08-20 10:43 - 2016-08-20 10:59 - 02870984 _____ (ESET) C:\Users\GaberFamily\Desktop\esetsmartinstaller_enu.exe
2016-08-20 10:42 - 2016-08-20 11:28 - 01610560 _____ (Malwarebytes) C:\Users\GaberFamily\Desktop\JRT.exe
2016-08-20 10:38 - 2016-08-24 11:17 - 00000000 ____D C:\AdwCleaner
2016-08-20 10:37 - 2016-08-20 10:37 - 04747704 _____ (AO Kaspersky Lab) C:\Users\GaberFamily\Desktop\tdsskiller.exe
2016-08-20 10:37 - 2016-08-20 10:37 - 00281002 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_10.37.05_log.txt
2016-08-20 10:37 - 2016-08-20 10:37 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-08-20 10:30 - 2016-08-20 10:30 - 00000000 ____D C:\WINDOWS\Panther
2016-08-20 07:53 - 2016-08-24 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Ops 2 - GSC Studio
2016-08-20 07:53 - 2016-08-20 07:53 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\iMCS_Productions
2016-08-20 07:53 - 2016-08-20 07:53 - 00000000 ____D C:\Program Files (x86)\iMCS Productions
2016-08-20 07:49 - 2016-08-23 14:45 - 00000000 ____D C:\ProgramData\Realtek
2016-08-20 07:46 - 2016-08-21 07:28 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Notepad++
2016-08-20 07:46 - 2016-08-20 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-08-20 07:46 - 2016-08-20 07:46 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-08-20 07:26 - 2016-08-20 07:29 - 00000000 ____D C:\Users\GaberFamily\Desktop\New Logo
2016-08-19 09:19 - 2016-08-19 09:19 - 01778060 _____ C:\Users\GaberFamily\Desktop\game.psd
2016-08-19 08:26 - 2016-08-20 07:32 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\IrfanView
2016-08-18 07:06 - 2016-08-18 07:06 - 26127872 _____ () C:\Users\GaberFamily\Desktop\Project Desire Recovery Tool (1.27).exe
2016-08-17 22:04 - 2016-08-17 22:04 - 00000036 _____ C:\Users\GaberFamily\Desktop\dabiq.txt
2016-08-17 21:38 - 2016-08-17 21:38 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Gyazo
2016-08-17 21:37 - 2016-08-18 07:18 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-08-17 21:37 - 2016-08-17 21:37 - 00003556 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-08-17 21:37 - 2016-08-17 21:37 - 00003420 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2016-08-17 21:37 - 2016-08-17 21:37 - 00001055 _____ C:\Users\Public\Desktop\Gyazo.lnk
2016-08-17 21:37 - 2016-08-17 21:37 - 00001055 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2016-08-17 21:37 - 2016-08-17 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-08-17 17:42 - 2016-08-24 14:15 - 00000115 _____ C:\Users\GaberFamily\Desktop\ACC.txt
2016-08-17 17:04 - 2016-08-17 17:04 - 00000000 ____D C:\Users\GaberFamily\Desktop\LEXICON
2016-08-17 15:43 - 2016-08-21 08:33 - 00000109 _____ C:\Users\GaberFamily\Desktop\new psn acc.txt
2016-08-17 15:43 - 2016-08-17 15:43 - 00000034 _____ C:\Users\GaberFamily\Documents\new psn acc.txt
2016-08-16 20:18 - 2016-08-16 20:18 - 00195936 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-08-16 20:18 - 2016-08-16 20:18 - 00121248 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2016-08-16 14:10 - 2016-08-16 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ControlConsole API
2016-08-16 10:38 - 2016-08-19 10:40 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\XxBlud-23xX
2016-08-16 10:38 - 2016-08-15 21:57 - 00312336 ___SH C:\Users\GaberFamily\AppData\Roaming\YddNBGZaaOXh
2016-08-16 09:13 - 2016-08-16 09:13 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\Program Files\iTunes
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\Program Files\iPod
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-15 18:30 - 2016-08-20 10:06 - 00000000 ____D C:\Windows.old
2016-08-15 18:30 - 2016-08-15 18:30 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-15 18:30 - 2016-08-15 18:30 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-15 18:30 - 2016-08-15 18:30 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00000000 ____D C:\Program Files\CMAK
2016-08-15 18:30 - 2016-08-15 18:30 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-15 18:29 - 2016-08-15 18:29 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files\MSBuild
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-15 18:28 - 2016-05-25 18:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 18:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 18:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-15 18:28 - 2016-05-25 15:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 15:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 15:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-15 14:41 - 2016-08-15 14:41 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-15 14:39 - 2016-08-16 10:38 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\ConnectedDevicesPlatform
2016-08-15 14:39 - 2016-08-15 14:39 - 00000020 ___SH C:\Users\GaberFamily\ntuser.ini
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 ____D C:\ProgramData\USOShared
2016-08-15 14:37 - 2016-08-25 16:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-15 14:37 - 2016-08-15 14:37 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-15 14:37 - 2016-08-15 14:37 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-15 14:37 - 2016-08-15 14:37 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-15 14:37 - 2016-08-15 14:37 - 00003044 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-15 14:37 - 2016-08-15 14:37 - 00002880 _____ C:\WINDOWS\System32\Tasks\Red Giant Link
2016-08-15 14:37 - 2016-08-15 14:37 - 00002780 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-GABER-FAMILY-GaberFamily
2016-08-15 14:37 - 2016-08-15 14:37 - 00002496 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2016-08-15 14:37 - 2016-08-15 14:37 - 00002478 _____ C:\WINDOWS\System32\Tasks\RunAsStdUser Task
2016-08-15 14:37 - 2016-08-15 14:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-08-15 14:36 - 2016-08-15 14:36 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-15 14:34 - 2016-07-16 07:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-15 14:33 - 2016-08-24 20:00 - 00000000 ____D C:\Users\GaberFamily
2016-08-15 14:33 - 2016-08-15 14:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\My Documents
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\Documents\My Videos
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\Documents\My Pictures
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\Documents\My Music
2016-08-15 14:32 - 2016-08-25 16:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-15 14:32 - 2016-08-25 16:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-15 14:32 - 2016-08-24 14:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-15 14:32 - 2016-08-20 15:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-15 14:32 - 2016-08-17 15:28 - 05051856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-15 14:32 - 2016-08-15 14:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-15 14:32 - 2016-08-15 14:34 - 00000000 ____D C:\Program Files\Intel
2016-08-15 14:32 - 2016-08-15 14:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-15 14:32 - 2016-08-15 14:32 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 ____D C:\Program Files\Realtek
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2016-08-15 14:32 - 2016-08-11 08:27 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-15 14:32 - 2016-08-11 08:27 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-15 14:32 - 2016-08-09 12:06 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-15 14:32 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-08-15 14:13 - 2016-08-15 14:39 - 00000000 ___HD C:\$GetCurrent
2016-08-15 14:13 - 2016-08-15 14:39 - 00000000 ____D C:\Windows10Upgrade
2016-08-15 14:13 - 2016-08-15 14:15 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-15 14:13 - 2016-08-15 14:14 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2016-08-15 14:06 - 2016-08-15 14:06 - 00000000 ___HD C:\$SysReset
2016-08-15 07:52 - 2016-08-15 07:52 - 14218072 _____ C:\Users\GaberFamily\Desktop\EBOOT.BIN
2016-08-13 22:53 - 2016-08-13 22:53 - 00012448 _____ C:\Users\GaberFamily\Downloads\gameboot.rar
2016-08-12 23:01 - 2016-08-15 18:11 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO2 EBOOT
2016-08-10 02:02 - 2016-08-24 08:58 - 00000000 ____D C:\Users\GaberFamily\Desktop\ADD THESE
2016-08-10 01:34 - 2016-08-24 09:32 - 00000000 ____D C:\Users\GaberFamily\Desktop\Terminus Release
2016-08-10 00:32 - 2016-07-23 00:19 - 00000000 ____D C:\Users\GaberFamily\Desktop\Dumble's 4.0
2016-08-09 00:30 - 2016-08-15 18:11 - 00000000 ____D C:\Users\GaberFamily\Documents\Black Ops 2 - GSC Studio
2016-08-04 15:49 - 2016-08-05 00:20 - 06647784 _____ (Tim Kosse) C:\Users\GaberFamily\Downloads\FileZilla_3.20.1_win64-setup.exe
2016-08-04 03:31 - 2016-08-04 03:31 - 05791104 _____ (Microsoft Corporation) C:\Users\GaberFamily\Downloads\Windows10Upgrade28084.exe
2016-08-04 03:03 - 2016-08-24 11:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-04 03:03 - 2016-08-15 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-04 03:03 - 2016-08-04 03:03 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-04 02:15 - 2016-08-04 02:15 - 00000000 _____ C:\Users\GaberFamily\Desktop\LIT.txt
2016-08-03 00:43 - 2016-08-15 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-08-03 00:43 - 2016-08-03 00:43 - 00000000 ____D C:\Program Files\Classic Shell
2016-08-03 00:42 - 2016-08-03 00:42 - 07220496 _____ (IvoSoft) C:\Users\GaberFamily\Downloads\ClassicShellSetup_4_3_0.exe
2016-08-01 17:10 - 2016-08-24 08:40 - 00000000 ____D C:\Program Files (x86)\GenArts
2016-08-01 03:14 - 2016-06-12 15:05 - 37496126 _____ C:\Users\GaberFamily\Desktop\SouthSideModder MW3 Aftermath SPRX Mod Menu.rar
2016-07-30 23:21 - 2016-07-30 23:21 - 00021656 _____ (Echobit, LLC) C:\WINDOWS\system32\Drivers\evolve.sys
2016-07-30 23:21 - 2016-07-30 23:21 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Echobit
2016-07-30 23:21 - 2016-07-30 23:21 - 00000000 ____D C:\ProgramData\Echobit
2016-07-30 23:21 - 2016-07-30 23:21 - 00000000 ____D C:\Program Files\Echobit
2016-07-30 09:05 - 2016-07-30 09:05 - 00289240 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 00247768 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2016-07-28 00:28 - 2016-07-28 00:28 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Sony Creative Software Inc
2016-07-27 20:27 - 2016-08-20 12:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Razer
2016-07-27 20:27 - 2016-08-20 12:24 - 00000000 ____D C:\ProgramData\Razer
2016-07-26 14:41 - 2016-07-26 14:41 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Private Internet Access
2016-07-26 14:41 - 2016-07-26 14:41 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Crashpad
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 16:40 - 2015-10-24 00:27 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-25 16:40 - 2015-08-01 02:29 - 00000000 ____D C:\ProgramData\Adobe
2016-08-25 16:40 - 2015-08-01 02:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-25 16:38 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 16:38 - 2015-08-08 19:05 - 00000000 ____D C:\ProgramData\MFAData
2016-08-25 16:38 - 2015-08-01 02:45 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\ClassicShell
2016-08-25 16:38 - 2015-08-01 02:38 - 00000000 __SHD C:\Users\GaberFamily\IntelGraphicsProfiles
2016-08-24 20:00 - 2016-07-16 02:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-08-24 20:00 - 2015-08-01 14:17 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Battle.net
2016-08-24 19:42 - 2015-08-01 14:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-24 19:40 - 2015-08-01 02:39 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Skype
2016-08-24 19:34 - 2015-11-15 14:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-24 19:31 - 2015-08-01 02:33 - 01421266 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-24 19:26 - 2015-08-01 05:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-24 19:25 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-24 14:15 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-24 14:10 - 2015-08-13 16:55 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\FileZilla
2016-08-24 10:51 - 2015-08-07 01:06 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\CrashDumps
2016-08-24 10:44 - 2015-08-08 14:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-24 10:42 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\PLA
2016-08-24 10:20 - 2016-02-20 04:27 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Ubisoft Game Launcher
2016-08-24 10:18 - 2015-08-01 14:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\ElevatedDiagnostics
2016-08-24 09:40 - 2015-08-01 05:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Adobe
2016-08-24 09:39 - 2015-10-24 00:27 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-24 09:05 - 2016-06-27 16:19 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-24 08:47 - 2016-07-16 02:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-24 08:46 - 2015-08-08 19:03 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Avg
2016-08-24 08:45 - 2016-07-16 07:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-24 08:45 - 2015-08-08 19:04 - 00000000 ____D C:\Program Files (x86)\AVG
2016-08-24 08:45 - 2015-08-08 19:03 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\AvgSetupLog
2016-08-24 08:41 - 2015-10-24 00:27 - 00000000 ____D C:\Program Files\Adobe
2016-08-24 08:41 - 2015-08-01 02:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-24 08:40 - 2016-07-24 15:42 - 00000000 ____D C:\ProgramData\Red Giant
2016-08-24 08:38 - 2016-07-23 18:52 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\MAXON
2016-08-24 08:20 - 2015-08-11 13:54 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-24 08:02 - 2015-08-01 02:29 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Adobe
2016-08-24 07:59 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-24 07:54 - 2016-07-16 07:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-23 20:31 - 2016-04-10 14:47 - 00000000 ____D C:\Users\GaberFamily\Desktop\UPDATE 2.1 Black Ops 1 Ultimate RTM Tool ( CCAPI 2.5 )
2016-08-23 20:31 - 2016-04-10 13:53 - 00000000 ____D C:\Users\GaberFamily\Desktop\MW3 1.24 Fast Hack Tool By RoBzMoDz-
2016-08-23 20:31 - 2015-11-02 01:10 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO1 By TrickyModz V2 RTM Tool
2016-08-23 14:45 - 2016-06-16 14:47 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\obs-studio
2016-08-23 14:14 - 2015-08-01 03:02 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\WinRAR
2016-08-23 07:00 - 2016-02-03 23:59 - 00000252 _____ C:\Users\GaberFamily\Desktop\school pw.txt
2016-08-22 08:45 - 2015-10-30 02:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-22 08:45 - 2015-08-08 23:45 - 00000000 ____D C:\Users\TEMP
2016-08-21 20:16 - 2015-11-23 20:51 - 00000000 ____D C:\Users\GaberFamily\.VirtualBox
2016-08-21 20:05 - 2015-12-06 19:33 - 00000000 ____D C:\Users\GaberFamily\VirtualBox VMs
2016-08-21 20:01 - 2016-05-29 15:04 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\deluge
2016-08-21 19:36 - 2015-08-01 02:29 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-20 15:19 - 2016-07-15 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-20 12:33 - 2015-08-06 17:37 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\vlc
2016-08-20 12:25 - 2015-08-03 20:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-20 11:57 - 2016-03-28 16:38 - 00000000 ____D C:\Users\GaberFamily\Documents\The Witcher 3
2016-08-20 11:57 - 2015-08-01 13:50 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\qBittorrent
2016-08-20 11:28 - 2016-02-26 19:09 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\IObit
2016-08-20 11:28 - 2016-02-26 19:09 - 00000000 ____D C:\ProgramData\IObit
2016-08-20 10:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\Vss
2016-08-20 09:15 - 2016-02-05 22:40 - 00000132 _____ C:\Users\GaberFamily\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-20 07:36 - 2016-07-23 23:54 - 00000000 ____D C:\Users\GaberFamily\Desktop\MyLogoWork
2016-08-19 14:14 - 2016-01-20 17:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-19 14:14 - 2015-08-01 02:30 - 00000000 ____D C:\ProgramData\Skype
2016-08-18 08:22 - 2015-10-06 20:12 - 14218072 _____ C:\Users\GaberFamily\Desktop\t6mp_ps3f.self
2016-08-16 14:10 - 2015-08-13 17:05 - 00000000 ____D C:\Program Files (x86)\ControlConsoleAPI
2016-08-16 10:28 - 2015-08-01 05:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Packages
2016-08-16 09:13 - 2015-08-01 02:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-16 09:12 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-16 01:45 - 2016-06-14 23:45 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-15 18:31 - 2016-07-16 07:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-15 18:31 - 2016-07-16 07:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-15 18:28 - 2016-07-16 07:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-15 18:28 - 2016-07-16 07:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-15 18:28 - 2016-07-16 07:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-15 18:28 - 2016-07-16 07:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-15 18:10 - 2015-08-01 05:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\TileDataLayer
2016-08-15 14:41 - 2015-08-01 05:25 - 00002385 _____ C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-15 14:41 - 2015-08-01 05:25 - 00000000 ___RD C:\Users\GaberFamily\OneDrive
2016-08-15 14:39 - 2015-12-24 23:35 - 00000400 __RSH C:\ProgramData\ntuser.pol
2016-08-15 14:38 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-15 14:38 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-15 14:38 - 2016-07-16 07:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-15 14:37 - 2016-07-16 07:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-15 14:37 - 2016-07-16 07:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-15 14:37 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-15 14:37 - 2015-12-09 21:57 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-15 14:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-15 14:37 - 2015-10-25 20:37 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-15 14:36 - 2016-07-23 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-15 14:36 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-15 14:36 - 2016-06-16 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge
2016-08-15 14:36 - 2016-06-06 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2016-08-15 14:36 - 2016-06-06 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLink Kai
2016-08-15 14:36 - 2016-05-29 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-08-15 14:36 - 2016-05-15 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2016-08-15 14:36 - 2016-03-30 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2016-08-15 14:36 - 2016-03-29 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2016-08-15 14:36 - 2016-02-23 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-08-15 14:36 - 2015-12-18 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-08-15 14:36 - 2015-11-17 16:58 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2016-08-15 14:36 - 2015-11-02 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-08-15 14:36 - 2015-10-30 05:07 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-15 14:36 - 2015-10-11 13:04 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
2016-08-15 14:36 - 2015-10-01 22:36 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-08-15 14:36 - 2015-09-15 11:10 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBS Multiplatform
2016-08-15 14:36 - 2015-09-13 10:10 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-15 14:36 - 2015-09-13 10:10 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-08-15 14:36 - 2015-09-04 18:46 - 00000000 ____D C:\WINDOWS\en
2016-08-15 14:36 - 2015-08-01 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-15 14:36 - 2015-08-01 03:07 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-08-15 14:36 - 2015-08-01 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-15 14:36 - 2015-08-01 02:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-15 14:36 - 2015-08-01 02:29 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-15 14:36 - 2015-08-01 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-15 14:36 - 2015-08-01 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-15 14:34 - 2016-06-18 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-08-15 14:34 - 2016-05-07 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-08-15 14:34 - 2016-03-10 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-08-15 14:34 - 2016-01-20 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-15 14:34 - 2015-09-26 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCE
2016-08-15 14:34 - 2015-08-23 00:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-15 14:34 - 2015-08-08 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-15 14:34 - 2015-08-01 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MumboJumbo Games
2016-08-15 14:34 - 2015-08-01 05:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2016-08-15 14:34 - 2015-08-01 03:07 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-08-15 14:34 - 2015-08-01 03:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-08-15 14:34 - 2015-08-01 03:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX430 series
2016-08-15 14:34 - 2015-08-01 02:29 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-08-15 14:33 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-15 14:33 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-15 14:33 - 2016-07-16 02:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-15 14:33 - 2016-02-20 04:27 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-15 14:33 - 2016-02-20 02:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-15 14:33 - 2015-07-10 07:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-08-15 14:32 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-14 01:25 - 2015-09-08 11:57 - 00000000 ____D C:\ProgramData\Origin
2016-08-13 23:44 - 2015-10-11 12:18 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-08-13 23:44 - 2015-10-11 12:18 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-08-13 20:26 - 2016-06-20 20:00 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Audacity
2016-08-13 00:29 - 2015-09-04 18:46 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Windows Live
2016-08-11 21:32 - 2015-10-24 00:28 - 00000034 _____ C:\Users\GaberFamily\AppData\Roaming\AdobeWLCMCache.dat
2016-08-11 10:33 - 2016-07-15 14:56 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-11 10:33 - 2016-07-15 14:56 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-11 10:33 - 2016-07-15 14:56 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-11 04:54 - 2016-06-27 16:36 - 00000000 ____D C:\temp
2016-08-10 11:10 - 2016-02-23 00:11 - 00001279 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-08-09 18:36 - 2016-02-20 02:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Discord
2016-08-09 18:35 - 2016-02-20 02:54 - 00002267 _____ C:\Users\GaberFamily\Desktop\Discord.lnk
2016-08-09 18:35 - 2016-02-20 02:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\discord
2016-08-06 23:07 - 2015-12-13 23:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-05 00:20 - 2015-08-01 02:29 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-08-04 03:25 - 2015-08-08 19:04 - 00000000 ____D C:\ProgramData\Avg
2016-08-04 01:55 - 2015-08-08 19:04 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-03 00:44 - 2015-08-01 02:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-01 17:33 - 2016-07-14 17:06 - 00000000 ____D C:\Users\GaberFamily\Documents\Adobe
2016-08-01 17:10 - 2016-07-23 23:38 - 00000300 _____ C:\WINDOWS\MSUTIL.INI
2016-07-27 15:25 - 2015-08-01 13:32 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-26 14:59 - 2015-09-14 18:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\TeamViewer
2016-07-26 14:40 - 2015-11-17 16:58 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-07-26 14:40 - 2015-11-17 16:58 - 00000000 ____D C:\Program Files\pia_manager
 
==================== Files in the root of some directories =======
 
2016-02-05 22:40 - 2016-08-20 09:15 - 0000132 _____ () C:\Users\GaberFamily\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-10-24 00:28 - 2016-08-11 21:32 - 0000034 _____ () C:\Users\GaberFamily\AppData\Roaming\AdobeWLCMCache.dat
2016-08-23 20:31 - 2016-08-24 00:22 - 0438288 ___SH () C:\Users\GaberFamily\AppData\Roaming\fbTFciUgbVKI
2015-11-21 15:26 - 2015-11-21 15:26 - 0000099 _____ () C:\Users\GaberFamily\AppData\Roaming\LauncherSettings_live.cfg
2016-08-16 10:38 - 2016-08-15 21:57 - 0312336 ___SH () C:\Users\GaberFamily\AppData\Roaming\YddNBGZaaOXh
2016-02-13 23:22 - 2016-02-13 23:22 - 229845735 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_4_3_189.zip.aamdownload
2016-02-13 23:22 - 2016-02-13 23:22 - 0002657 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_4_3_189.zip.aamdownload.aamd
2016-04-03 15:33 - 2016-04-03 15:33 - 238722213 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_5_1_209.zip.aamdownload
2016-04-03 15:33 - 2016-04-03 15:33 - 0002741 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd
2015-08-01 05:26 - 2015-08-01 05:26 - 0000000 _____ () C:\Users\GaberFamily\AppData\Local\Driver_LOM_8161Present.flag
2016-08-20 10:58 - 2016-08-20 10:58 - 0000218 _____ () C:\Users\GaberFamily\AppData\Local\recently-used.xbel
2015-08-01 03:14 - 2015-08-01 03:14 - 0007604 _____ () C:\Users\GaberFamily\AppData\Local\Resmon.ResmonCfg
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-15 14:32
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by GaberFamily (25-08-2016 16:41:29)
Running from C:\Users\GaberFamily\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-15 18:39:54)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2744257987-3702739802-1486994692-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2744257987-3702739802-1486994692-503 - Limited - Disabled)
GaberFamily (S-1-5-21-2744257987-3702739802-1486994692-1001 - Administrator - Enabled) => C:\Users\GaberFamily
Guest (S-1-5-21-2744257987-3702739802-1486994692-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.134 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Ansel (Version: 372.54 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4647 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BleachBit (HKLM-x32\...\BleachBit) (Version: 1.12 - BleachBit)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
ControlConsole API version 2.60 (HKLM-x32\...\{E6C0F5ED-B5EA-451D-8CB1-57902AA188DE}_is1) (Version: 2.60 - Enstone)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version:  - )
Discord (HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Discord) (Version: 0.0.292 - Hammer & Chisel, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FMW 1 (Version: 1.122.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Gyazo 3.2.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hauppauge Capture (HKLM-x32\...\Hauppauge Capture) (Version: 1.0.34057 - Hauppauge Computer Works)
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.3.34023 - Hauppauge Computer Works, Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Killer Bandwidth Control Filter Driver (Version: 1.1.55.1530 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.55.1530 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.55.1530 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{D1B8FFFE-90FB-42C9-A6CE-808248F2747C}) (Version: 1.1.55.1530 - Rivet Networks)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.3 - Hermann Schinagl)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Luxor 2 HD version 12.11.05.0001 (HKLM-x32\...\{9C5E20CE-15E2-46A7-B9F6-A1FA55238646}_is1) (Version: 12.11.05.0001 - Killjoy & Pain, Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.14.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden
Oracle VM VirtualBox 5.1.4 (HKLM\...\{4EF3FBF6-697D-440A-AADA-7F5D39B73E62}) (Version: 5.1.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
qBittorrent 3.3.4 (HKLM-x32\...\qBittorrent) (Version: 3.3.4 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.5 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SCE ProDG Debugger Documentation for PlayStation®3 v420.1.0 (HKLM-x32\...\{D7BF9F65-76E8-44BA-948A-875863CF3144}) (Version: 4.20.1 - Sony Computer Entertainment Ltd. / SN Systems Ltd.)
SCE ProDG Debugger for PlayStation®3 v420.1.0 (HKLM-x32\...\{6C8B2A8A-50E7-4D9F-80E7-94CBD6148FBB}) (Version: 4.20.1 - Sony Computer Entertainment Ltd. / SN Systems Ltd.)
SCE ProDG Target Manager Documentation for PlayStation®3 v420.1.0 (HKLM-x32\...\{6DDB0863-803D-4814-A39F-E395A5D4EE34}) (Version: 4.20.1 - Sony Computer Entertainment Ltd. / SN Systems Ltd.)
SCE ProDG Target Manager for PlayStation®3 v420.1.0 (HKLM-x32\...\{149E5890-9C43-4E68-92A3-5516705D1CAD}) (Version: 4.20.1 - Sony Computer Entertainment Ltd. / SN Systems Ltd.)
Self-service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
SN Systems SN Launcher v1.0.7.1 (HKLM-x32\...\{C72CA33A-AA67-4CB8-BD94-E2ABDED81173}) (Version: 1.0.7.1 - Sony Computer Entertainment Ltd. / SN Systems Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1222 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XLink Kai (HKLM-x32\...\{d86f7b48-48d2-4848-8a06-62ae2ab8c766}) (Version: 7.4.30.1 - Team XLink)
XLink Kai (x32 Version: 7.4.30.1 - Team XLink) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2744257987-3702739802-1486994692-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\GaberFamily\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08A046CC-7D99-49DE-B4A0-0E17E8635177} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-07-26] ()
Task: {0FD1A556-F465-469F-B729-4B96EF1AD9B3} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-08-03] ()
Task: {2587701E-A03A-4275-9D5E-67284319E9FF} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {35DC49FE-F5A3-4C99-9A59-6C5A4040F08D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-23] (Microsoft Corporation)
Task: {4053CE05-A0A5-4C9D-AD29-48B6C354443A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {4562B7EE-9BE6-4244-8056-A003AF01DF73} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {4890E127-5F59-4C06-BE02-B62C9181A452} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-08-03] ()
Task: {803DB7F7-5082-4EF7-909A-28973D3662F1} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {862E1D3A-BFCF-4C64-BB0D-088457D96CF2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {8736E581-02C7-4D7E-948D-5D4C4C17A354} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {89B8FFCC-9B4D-4323-8ACB-DCB69F959DA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-15] (Adobe Systems Incorporated)
Task: {9117430B-6CFB-4CF2-A4D7-6406AAC53F18} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-23] (Microsoft Corporation)
Task: {9DE6639A-164D-40B4-8751-631A080EAE6D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {B5B5D5FE-A900-430E-8843-756C455E83FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {D77B92E1-8F13-4254-B573-6D645A837354} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-24] (Microsoft Corporation)
Task: {D84102D1-AAD8-4EF3-A4F5-F07AF8B96DE5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F4E9EFDB-9C56-4A91-9CA0-DFA44034C329} - System32\Tasks\AdobeAAMUpdater-1.0-GABER-FAMILY-GaberFamily => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.html
 
ShortcutWithArgument: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-15 21:42 - 2016-05-15 21:42 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-07-15 20:57 - 2016-06-14 16:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-15 14:41 - 2016-08-15 14:41 - 00959168 _____ () C:\Users\GaberFamily\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-03-16 15:46 - 2016-08-23 20:46 - 08921800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2004-09-30 14:15 - 2004-09-30 14:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-15 20:57 - 2016-06-14 16:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-24 08:06 - 2016-08-05 23:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-24 08:07 - 2016-08-05 23:28 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-24 08:07 - 2016-08-05 23:21 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-24 08:07 - 2016-08-05 23:21 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-24 08:07 - 2016-08-05 23:21 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-24 08:07 - 2016-08-05 23:20 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-08-21 19:39 - 2016-08-02 19:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-21 19:39 - 2016-08-02 19:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 17:41 - 2015-11-20 17:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 17:41 - 2015-11-20 17:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-08-23 06:37 - 2016-08-23 06:38 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11607.1001.51.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-08-16 10:28 - 2016-08-16 10:28 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-16 10:28 - 2016-08-16 10:28 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-16 10:28 - 2016-08-16 10:28 - 35290624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-08-24 08:07 - 2016-08-05 23:20 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-08-24 08:07 - 2016-08-05 23:20 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 07:43 - 2016-07-16 10:28 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 07:43 - 2016-07-16 10:27 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 07:43 - 2016-07-16 10:28 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 07:43 - 2016-07-16 10:28 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 07:43 - 2016-07-16 10:28 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 07:43 - 2016-07-16 10:28 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 07:43 - 2016-07-16 10:27 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 07:43 - 2016-07-16 10:27 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2016-07-07 02:06 - 2016-06-14 16:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:E0AE69BE [123]
AlternateDataStreams: C:\Users\Public\DRM:احتضان [98]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38264578.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38264578.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 07:04 - 2016-08-24 10:49 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AvgUi"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\StartupFolder: => "SDNaUAOfcYRaVWVC.cmd.lnk"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\StartupFolder: => "ePMGJCiIfeWIIffc.cmd.lnk"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\StartupApproved\Run: => "EvolveClient"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{47090433-B8A6-46A6-A5CB-0906483F459D}D:\games\call of duty black ops 2\t6mpv43.exe] => (Allow) D:\games\call of duty black ops 2\t6mpv43.exe
FirewallRules: [TCP Query User{00D1A524-BDA0-4274-9163-56EE16BDFA75}D:\games\call of duty black ops 2\t6mpv43.exe] => (Allow) D:\games\call of duty black ops 2\t6mpv43.exe
FirewallRules: [UDP Query User{37CC89AE-C824-4AB5-AC62-9B80B94C596F}D:\games\call of duty black ops 2\t6zmv41.exe] => (Block) D:\games\call of duty black ops 2\t6zmv41.exe
FirewallRules: [TCP Query User{186C3BC2-71C7-4986-8714-12798CF4F9DD}D:\games\call of duty black ops 2\t6zmv41.exe] => (Block) D:\games\call of duty black ops 2\t6zmv41.exe
FirewallRules: [{24C4C5BB-4FBD-4989-BA6B-F34427DA72C7}] => (Allow) D:\Steam\steamapps\common\theHunter\launcher\launcher.exe
FirewallRules: [{55C51C0D-6678-47B0-8B22-3ECBCC0D87C8}] => (Allow) D:\Steam\steamapps\common\theHunter\launcher\launcher.exe
FirewallRules: [{E59925DA-2EA4-4154-94D6-67CDC301208C}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{FF6F8154-930E-428B-B56E-17CC36F3869A}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{4AEDB200-80AB-4421-BACE-D42DD5AA275E}] => (Allow) D:\Steam\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{9CDDD659-5DEF-4A07-8649-851B3B331B7E}] => (Allow) D:\Steam\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{7F591425-95C0-4246-862E-73F152811DB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C9C3E5DA-7EEF-445E-BC7D-FD58F159F8B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{763BB12A-25CE-4B42-A8AB-D18B66D2B19A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5BC6EF96-FFDD-4F0B-9E3B-A62FCB57A259}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D3635DA-FA58-4457-970F-5C547CF84A4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{88664A8F-0FFA-414C-9BB5-DE5D0B3FBBE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BD8473B3-1A1A-4FBC-8B3B-D651676484ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5763C6ED-F6CD-49E5-B25C-B921E606DE19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CA468E5C-7D2D-4696-B457-B779B34E32D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{39DE735F-FC6E-4605-893B-C0E9A3DD18D4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{938FE918-60ED-4089-A52D-635DB414A9C3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8651535E-5E4E-440E-8978-9AFFD6EA43C5}] => (Allow) D:\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{18DEAD1B-1977-4211-A801-8A442F6077F4}] => (Allow) D:\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{55DB37E3-043D-44E8-9DB6-A12D3285FF49}] => (Block) %USERPROFILE%\Desktop\BO1 By TrickyModz V2 RTM Tool\Black OPS By TrickyModz.exe
FirewallRules: [UDP Query User{A65244D3-C74E-44AC-AC62-CE66E0F25A7F}D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe] => (Block) D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe
FirewallRules: [TCP Query User{D096FEAD-9B40-4CE0-9047-6F098CDC6565}D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe] => (Block) D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe
FirewallRules: [UDP Query User{C30A215B-4CA7-444F-A560-33B4B51176C3}D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe] => (Allow) D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe
FirewallRules: [TCP Query User{415E2890-A40E-4800-B720-546885DF8B44}D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe] => (Allow) D:\program files (x86)\hauppauge\capture\hauppaugecapture.exe
FirewallRules: [{015B1072-F323-42C6-8A2E-484D94856694}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{11792A9C-0FB6-4CB0-9049-152654EE2EB3}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [UDP Query User{9A94EB8A-F943-42BD-AE3C-40130802EEB3}C:\program files (x86)\xlink kai\kaiengine.exe] => (Allow) C:\program files (x86)\xlink kai\kaiengine.exe
FirewallRules: [TCP Query User{41AF9500-D33E-4666-B802-68C4F5ECC669}C:\program files (x86)\xlink kai\kaiengine.exe] => (Allow) C:\program files (x86)\xlink kai\kaiengine.exe
FirewallRules: [UDP Query User{14EA63B5-CA76-4D13-9D8C-AAE3FA3198B7}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{38725D6E-DD59-48DE-B71F-1AFD34F392FF}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{6EC9ABE2-8F98-40EB-B1BD-EA5BCDDE7765}D:\origin\battlefield 4\bf4.exe] => (Allow) D:\origin\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{C9EFD51F-1148-49F8-96E3-524B845AB679}D:\origin\battlefield 4\bf4.exe] => (Allow) D:\origin\battlefield 4\bf4.exe
FirewallRules: [{85C04946-D071-4595-A3DF-E7A06AD0F3C2}] => (Allow) D:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{FE605BEB-312A-4AB2-8F49-5030D8C49F1B}] => (Allow) D:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{BAA501E5-FD46-42FE-90C0-93BE1CE7C9B9}] => (Allow) D:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{E3D13767-5133-4352-ABF0-B960EA4DE35B}] => (Allow) D:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{3F388C24-1237-4F0F-9831-D08A74ADA60A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7DBE0CB8-F0E6-462D-ABAD-864F3940A942}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{EC560FF1-4C30-44C2-AC9B-A0A197487D41}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4EB7EA9-D500-4F82-8DC9-1DCD38E39094}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1622008C-4223-42BA-A009-91D27068CD9A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0216277B-7CB6-4915-9BC8-5CE1AFE79214}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{139DBDCD-B9B8-4891-9924-2A0E5398EB23}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F7117B33-3CCC-4CBE-84C5-D65B7B4D6227}] => (Block) %USERPROFILE%\Desktop\MW3 1.24 Fast Hack Tool By RoBzMoDz-\MW3 Fast Hack Tool By RoBzMoDz-.exe
FirewallRules: [{D4B00859-42DB-462F-B995-43EC09FDEDAC}] => (Block) %USERPROFILE%\Desktop\MW3 1.24 Fast Hack Tool By RoBzMoDz-\MW3 Fast Hack Tool By RoBzMoDz-.exe
FirewallRules: [UDP Query User{C0FE114F-DD35-4321-BA84-4823DD613635}C:\program files (x86)\sn systems\ps3\bin\ps3tmserver.exe] => (Block) C:\program files (x86)\sn systems\ps3\bin\ps3tmserver.exe
FirewallRules: [TCP Query User{25743C19-8C8D-4E12-9B03-AA716BC9FF13}C:\program files (x86)\sn systems\ps3\bin\ps3tmserver.exe] => (Block) C:\program files (x86)\sn systems\ps3\bin\ps3tmserver.exe
FirewallRules: [UDP Query User{2CB9B00D-D0A8-4A5B-BDD5-A6843301AB57}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [TCP Query User{49528E81-9FE5-4088-82F4-7012506004EC}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [{3A37A32C-4626-4D70-BDE9-63E013DCB159}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{4AB23AD2-49A3-405F-B91D-41EBD8C1ED4E}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{6548366C-90D8-4B2F-88A7-188CA1BD0F73}] => (Block) D:\Games\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [{B528A0C1-0076-45B3-8793-CD61D9D76B6F}] => (Block) D:\Games\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [UDP Query User{2462DC02-0D88-48DC-B598-B861EA3DF65A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{BE563559-ADE7-47ED-85F2-CD167262C396}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A6A082A9-E2EF-446E-ADCE-74B0FF7B93ED}D:\steam\steamapps\common\arma 3\arma3.exe] => (Block) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{3DDCE773-7886-46F9-9E37-05A0DDFA5FF9}D:\steam\steamapps\common\arma 3\arma3.exe] => (Block) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{F1C8AACC-24C6-4CCB-BFAB-C587861FA531}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{9D08DB28-6193-4C97-AA6A-D84F6830F8EC}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{BAB4B6EC-3170-476F-991E-8A699480AF8F}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{AE54F347-220B-43F5-8E13-4DAC092E65EF}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DC1D965F-98AD-4898-98DB-D5BBD3905899}] => (Allow) D:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{7D6DA535-8A53-4A06-874E-C8615ED1DF73}] => (Allow) D:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{65A84314-2192-4920-9674-82D9FE6E5283}] => (Allow) D:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{92C5456E-97AF-46A6-834B-DB808323BCF4}] => (Allow) D:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{6E792348-6457-4C2F-BD06-1426CFEAE978}] => (Allow) D:\Steam\steamapps\common\Double Action\hl2.exe
FirewallRules: [{AA41A3D0-CEF5-4AD2-A589-7591ED801F64}] => (Allow) D:\Steam\steamapps\common\Double Action\hl2.exe
FirewallRules: [{AF066DC0-4630-48EC-878F-16E072725752}] => (Allow) D:\Steam\steamapps\common\Verdun\Verdun.exe
FirewallRules: [{CE613808-5A20-4CE6-8A4C-2249D113D13D}] => (Allow) D:\Steam\steamapps\common\Verdun\Verdun.exe
FirewallRules: [UDP Query User{AC055964-1C78-4F6A-9E2E-0D6C3989B2CB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{3E456651-AE17-4242-B5D5-873A88D1AA61}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{9EBEC111-9D8E-4499-8D69-92163669D65F}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{E47A5CD0-21A8-4DDB-976B-5941CF8AE7E7}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [UDP Query User{89FE015D-0F1D-4B0B-9DDA-FB153CCF1F85}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7A588237-317C-41D0-800E-F0456FB1D30A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{0401C0B5-D417-4CCE-9D48-FF9F698F4EF5}] => (Allow) D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{35118970-31DE-40C7-87B9-A3220AE16329}] => (Allow) D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{D5EAF4CF-3888-4954-8BE1-0FAE512BE839}] => (Allow) D:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{CADD4D6A-13A9-431B-862D-6030BF7CB37C}] => (Allow) D:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{B4A59D18-493C-4E5F-9195-0A2D2D0633A1}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3CC415DA-621B-4C02-A2F5-1CE415294EF8}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2E1A6A58-755D-4F73-A45B-AF2D98A72744}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{2AB83AFA-CE88-409D-99E1-B5D433FCC7DA}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{63EAEB0B-2908-4913-8FEA-72EB97B2C05F}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{3A28C90C-C8F1-4074-A941-0431FE748212}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{1DDB4F8D-377C-4270-9043-0DD93ECE3452}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{89ABF818-A719-41A5-85E0-DB4C18F6E039}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{A6519B7A-8518-4BA1-9A62-EBBC466D9E4D}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{3F5CA2DF-3161-4039-A46F-FFCDB7191DC0}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{A082F17B-4D29-4FA4-A191-0A68F387EEE1}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{996A35CD-C85B-41E4-817B-8B1B5842371F}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CDF87958-17D5-4B5A-B93C-1731F3C49577}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{99F709DC-EA4B-4055-A661-752C4EF555FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C19AB460-AA28-4271-981A-A37527B9CADE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BB56623A-255A-4BCC-9630-59A0D70D92B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F9B99710-876F-4721-BA7C-EF8D6E6427F4}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FDDF9FE0-1AF0-4AF5-AB00-2CF76BB3B9F5}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{03F71D5E-2AA8-4A19-AB38-9E1B7673C9CE}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B302674F-39E0-4221-8DAD-C71B00EDF77F}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{9C7C3C19-7B9D-43CA-AAB7-EF668A984614}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C5062D96-ED77-4C34-8B0F-445FAC86EC8D}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{98F030BA-C871-4BEA-896F-361C046F161B}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{66489240-DF9B-480C-8B1B-12394CD5C308}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{104F55F4-8765-4645-B550-C9FFCECECBD5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{95535BDF-5601-4D9A-B54E-7DD383989F0D}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{5F637885-6CC6-45B2-8FF1-CFC8B2BF4B55}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{3D0C4E16-1FCB-447F-B7B5-6A666163E80E}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{D9DC4072-50B3-46DA-BA0E-FE6149C0E255}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [TCP Query User{77C485F1-4247-4FD6-88B6-1CC2B861846E}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{5E69A89A-0684-42E9-99EB-C9EC78BE9790}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{AD679893-14FD-49FC-B965-55706F6783A4}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CC 2015\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [{FB827801-A624-45A6-A868-CE55BF7D1D7E}] => (Block) %USERPROFILE%\Desktop\BO1 By TrickyModz V2 RTM Tool\Black OPS By TrickyModz.exe
FirewallRules: [TCP Query User{A6BE6EBC-4CF1-4DAD-ABC9-ADF4595FE894}D:\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) D:\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{83161017-F339-41D1-A335-513EC1728FD9}D:\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) D:\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{D88D25A1-2490-4899-A76D-7894BC800910}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9957B9A3-E2FE-4EAD-8664-C2DE212BDFB8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6276BFF9-F64D-43C3-8ABC-68C14B376B8B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{262E11DB-B57C-460A-99B2-826AA948038F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{70ABE662-0E8B-4A28-8664-563F834119D1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6065CFC1-2B9D-438D-AAFF-5A39FB6922D9}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{F7BF0FC5-BF98-48E7-BA65-F9ED447D3FA3}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{E0C5134C-784F-4540-A6E4-F20388F41310}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{C47A6AC2-45E7-42CE-9792-F62D55BFB476}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{5174B0FE-25CF-4B59-970F-5E03D1A6FBDD}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{CCAB3952-2AD3-4917-87BC-C4180ECC16FF}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [{B78AA5D7-6018-456C-8F76-4B9BC34F902C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7CA2D420-BEA5-468B-9E89-7604084B7C54}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{66E54A9A-998B-419B-AFAE-8B5E3ED36760}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{151047D8-61E2-4827-8290-8F47479AE670}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{DE5BA69E-1E11-4247-B3EA-CA6FB2C01A47}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
 
==================== Restore Points =========================
 
20-08-2016 11:28:21 JRT Pre-Junkware Removal
21-08-2016 19:47:31 JRT Pre-Junkware Removal
24-08-2016 08:41:21 Removed Trapcode Suite 64-bit
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/24/2016 12:52:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Project Desire Recovery Tool (1.27).exe version 2.7.2.5 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1820
 
Start Time: 01d1fe2730ab2d73
 
Termination Time: 3
 
Application Path: C:\Users\GaberFamily\Desktop\Project Desire Recovery Tool (1.27).exe
 
Report Id: 1e73fe0f-6a1b-11e6-9f4b-fcaa142c237e
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/24/2016 12:47:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Project Desire Recovery Tool (1.27).exe version 2.7.2.5 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: c74
 
Start Time: 01d1fe268cbb048e
 
Termination Time: 7
 
Application Path: C:\Users\GaberFamily\Desktop\Project Desire Recovery Tool (1.27).exe
 
Report Id: 6ae46cbd-6a1a-11e6-9f4b-fcaa142c237e
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/24/2016 11:16:07 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/24/2016 11:16:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/24/2016 11:15:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/24/2016 10:55:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
 
Error: (08/24/2016 10:53:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
 
Error: (08/24/2016 10:53:42 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/24/2016 10:52:10 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
 
Error: (08/24/2016 10:51:53 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (08/25/2016 04:38:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/24/2016 07:26:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/24/2016 11:52:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/24/2016 11:38:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
Error: (08/24/2016 11:38:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (08/24/2016 11:14:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/24/2016 11:13:36 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVG WatchDog service did not shut down properly after receiving a preshutdown control.
 
Error: (08/24/2016 10:43:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/24/2016 10:42:35 AM) (Source: DCOM) (EventID: 10005) (User: GABER-FAMILY)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (08/24/2016 10:42:29 AM) (Source: DCOM) (EventID: 10005) (User: GABER-FAMILY)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
CodeIntegrity:
===================================
  Date: 2016-08-25 16:40:42.464
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:40:42.463
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:41.375
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:41.374
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:41.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:41.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:41.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:41.095
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:40.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-25 16:38:40.953
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 33%
Total physical RAM: 8006.6 MB
Available physical RAM: 5305.49 MB
Total Virtual: 14662.6 MB
Available Virtual: 11699.63 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.33 GB) (Free:170.24 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:348.01 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 35EF4CE0)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 deeprybka

Posted 26 August 2016 - 08:52 AM

Hi,

Step 1

Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.
  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
    Startup: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ePMGJCiIfeWIIffc.cmd.lnk [2016-08-20]
    Startup: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDNaUAOfcYRaVWVC.cmd.lnk [2016-08-24]
    cmd: type "C:\TDSSKiller.3.1.0.11_24.08.2016_09.13.33_log.txt"
    2016-08-23 20:31 - 2016-08-24 00:22 - 0438288 ___SH () C:\Users\GaberFamily\AppData\Roaming\fbTFciUgbVKI
    2016-08-16 10:38 - 2016-08-15 21:57 - 0312336 ___SH () C:\Users\GaberFamily\AppData\Roaming\YddNBGZaaOXh
    EmptyTemp:
    
  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.

After the Reboot:

Step 2

Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

Edited by deeprybka, 26 August 2016 - 08:53 AM.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#5 jayok321

Posted 26 August 2016 - 03:40 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by GaberFamily (26-08-2016 16:34:31) Run:1
Running from C:\Users\GaberFamily\Desktop
Loaded Profiles: GaberFamily (Available Profiles: GaberFamily)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ePMGJCiIfeWIIffc.cmd.lnk [2016-08-20]
Startup: C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDNaUAOfcYRaVWVC.cmd.lnk [2016-08-24]
cmd: type "C:\TDSSKiller.3.1.0.11_24.08.2016_09.13.33_log.txt"
2016-08-23 20:31 - 2016-08-24 00:22 - 0438288 ___SH () C:\Users\GaberFamily\AppData\Roaming\fbTFciUgbVKI
2016-08-16 10:38 - 2016-08-15 21:57 - 0312336 ___SH () C:\Users\GaberFamily\AppData\Roaming\YddNBGZaaOXh
EmptyTemp:
*****************
 
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ePMGJCiIfeWIIffc.cmd.lnk => moved successfully
C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDNaUAOfcYRaVWVC.cmd.lnk => moved successfully
 
========= type "C:\TDSSKiller.3.1.0.11_24.08.2016_09.13.33_log.txt" =========
 
09:13:33.0180 0x07b0  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
09:13:33.0180 0x07b0  UEFI system
09:13:34.0911 0x07b0  ============================================================
09:13:34.0911 0x07b0  Current date / time: 2016/08/24 09:13:34.0911
09:13:34.0911 0x07b0  SystemInfo:
09:13:34.0911 0x07b0  
09:13:34.0911 0x07b0  OS Version: 10.0.14393 ServicePack: 0.0
09:13:34.0911 0x07b0  Product type: Workstation
09:13:34.0911 0x07b0  ComputerName: GABER-FAMILY
09:13:34.0911 0x07b0  UserName: GaberFamily
09:13:34.0911 0x07b0  Windows directory: C:\WINDOWS
09:13:34.0911 0x07b0  System windows directory: C:\WINDOWS
09:13:34.0911 0x07b0  Running under WOW64
09:13:34.0911 0x07b0  Processor architecture: Intel x64
09:13:34.0911 0x07b0  Number of processors: 4
09:13:34.0911 0x07b0  Page size: 0x1000
09:13:34.0911 0x07b0  Boot type: Safe boot with network
09:13:34.0911 0x07b0  CodeIntegrityOptions = 0x00000001
09:13:34.0911 0x07b0  ============================================================
09:13:34.0958 0x07b0  KLMD registered as C:\WINDOWS\system32\drivers\19987393.sys
09:13:34.0958 0x07b0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.0, osProperties = 0x19
09:13:34.0989 0x07b0  System UUID: {49432ADF-28BD-7B8E-0691-442BE17E8C2B}
09:13:35.0146 0x07b0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:13:35.0161 0x07b0  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:13:35.0177 0x07b0  ============================================================
09:13:35.0177 0x07b0  \Device\Harddisk0\DR0:
09:13:35.0177 0x07b0  GPT partitions:
09:13:35.0177 0x07b0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {767883CF-3C74-4F30-BCD1-6A07199F202D}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
09:13:35.0177 0x07b0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F4FDA706-E590-47BB-BD38-F31559773382}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x31800
09:13:35.0177 0x07b0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8404658B-8D92-456F-AA34-BD1BF1824DDE}, Name: Microsoft reserved partition, StartLBA 0x113000, BlocksNum 0x8000
09:13:35.0177 0x07b0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2BDD227F-40AB-4CFD-9CFD-30F46567513A}, Name: Basic data partition, StartLBA 0x11B000, BlocksNum 0x1D0AA800
09:13:35.0177 0x07b0  MBR partitions:
09:13:35.0177 0x07b0  \Device\Harddisk1\DR1:
09:13:35.0177 0x07b0  MBR partitions:
09:13:35.0177 0x07b0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
09:13:35.0177 0x07b0  ============================================================
09:13:35.0177 0x07b0  C: <-> \Device\Harddisk0\DR0\Partition4
09:13:35.0193 0x07b0  D: <-> \Device\Harddisk1\DR1\Partition1
09:13:35.0193 0x07b0  ============================================================
09:13:35.0193 0x07b0  Initialize success
09:13:35.0193 0x07b0  ============================================================
09:13:36.0724 0x0ef8  ============================================================
09:13:36.0724 0x0ef8  Scan started
09:13:36.0724 0x0ef8  Mode: Manual; 
09:13:36.0724 0x0ef8  ============================================================
09:13:36.0724 0x0ef8  KSN ping started
09:13:36.0786 0x0ef8  KSN ping finished: true
09:13:37.0317 0x0ef8  ================ Scan system memory ========================
09:13:37.0317 0x0ef8  System memory - ok
09:13:37.0317 0x0ef8  ================ Scan services =============================
09:13:38.0146 0x0ef8  Bonjour Service - ok
09:13:38.0146 0x0ef8  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
09:13:38.0146 0x0ef8  bowser - ok
09:13:38.0161 0x0ef8  [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:13:38.0177 0x0ef8  BrokerInfrastructure - ok
09:13:38.0177 0x0ef8  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
09:13:38.0177 0x0ef8  Browser - ok
09:13:38.0177 0x0ef8  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:13:38.0177 0x0ef8  BthAvrcpTg - ok
09:13:38.0177 0x0ef8  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
09:13:38.0177 0x0ef8  BthHFEnum - ok
09:13:38.0192 0x0ef8  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
09:13:38.0192 0x0ef8  bthhfhid - ok
09:13:38.0192 0x0ef8  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
09:13:38.0192 0x0ef8  BthHFSrv - ok
09:13:38.0192 0x0ef8  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
09:13:38.0208 0x0ef8  BTHMODEM - ok
09:13:38.0208 0x0ef8  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
09:13:38.0208 0x0ef8  bthserv - ok
09:13:38.0208 0x0ef8  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
09:13:38.0208 0x0ef8  buttonconverter - ok
09:13:38.0208 0x0ef8  [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
09:13:38.0208 0x0ef8  CapImg - ok
09:13:38.0224 0x0ef8  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:13:38.0224 0x0ef8  cdfs - ok
09:13:38.0224 0x0ef8  [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
09:13:38.0224 0x0ef8  CDPSvc - ok
09:13:38.0239 0x0ef8  [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
09:13:38.0239 0x0ef8  CDPUserSvc - ok
09:13:38.0255 0x0ef8  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
09:13:38.0255 0x0ef8  cdrom - ok
09:13:38.0255 0x0ef8  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
09:13:38.0255 0x0ef8  CertPropSvc - ok
09:13:38.0255 0x0ef8  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
09:13:38.0271 0x0ef8  cht4iscsi - ok
09:13:38.0302 0x0ef8  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
09:13:38.0317 0x0ef8  cht4vbd - ok
09:13:38.0333 0x0ef8  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
09:13:38.0333 0x0ef8  circlass - ok
09:13:38.0333 0x0ef8  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
09:13:38.0333 0x0ef8  CLFS - ok
09:13:38.0380 0x0ef8  [ E3B9DF555BB278746E853E47429C8236, 1A6B112AF2032A2EE7C78C82BF393051D22D3F9212887FF7175FEFEE4E234882 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
09:13:38.0427 0x0ef8  ClickToRunSvc - ok
09:13:38.0427 0x0ef8  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
09:13:38.0442 0x0ef8  ClipSVC - ok
09:13:38.0442 0x0ef8  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
09:13:38.0442 0x0ef8  clreg - ok
09:13:38.0458 0x0ef8  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
09:13:38.0458 0x0ef8  CmBatt - ok
09:13:38.0458 0x0ef8  [ 84FC81FF9F291A0FC8D10933C1748F66, 46B6C64659A24C1D4917963FECEC2D6AED516C047762F0B4E67651CF8241A7D8 ] CM_VENDER_CMD   C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys
09:13:38.0458 0x0ef8  CM_VENDER_CMD - ok
09:13:38.0458 0x0ef8  [ E09C3E2CD29727AAC0977E1A7CE0425E, 86BC9C4306861D104A0F87E9C6E3E7A972488C80DD399A983397FF0312292DA3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
09:13:38.0474 0x0ef8  CNG - ok
09:13:38.0474 0x0ef8  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
09:13:38.0474 0x0ef8  cnghwassist - ok
09:13:38.0489 0x0ef8  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
09:13:38.0489 0x0ef8  CompositeBus - ok
09:13:38.0489 0x0ef8  COMSysApp - ok
09:13:38.0489 0x0ef8  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
09:13:38.0489 0x0ef8  condrv - ok
09:13:38.0505 0x0ef8  [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
09:13:38.0521 0x0ef8  CoreMessagingRegistrar - ok
09:13:38.0521 0x0ef8  [ 829FD68876F4B6484AAF85F1E98BE050, BF94C916A393E0D99DB9E49FB5B37649799EA494112FD7271D0EAC704751F799 ] CorsairVBusDriver C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys
09:13:38.0521 0x0ef8  CorsairVBusDriver - ok
09:13:38.0521 0x0ef8  [ 407237341D4E3D27E987E4B78CAF5359, EBFD281D853D45016C67003B284C88FB4BB59B6ACE181E207CCC4A14449092BC ] CorsairVHidDriver C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys
09:13:38.0521 0x0ef8  CorsairVHidDriver - ok
09:13:38.0536 0x0ef8  [ 00431929A879841E642A626DBD8311C6, E77C3CE24DA8748F96A0F6F8E410BAC484A6393EC969EF30D79E0D71FF36967A ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
09:13:38.0536 0x0ef8  cphs - ok
09:13:38.0552 0x0ef8  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
09:13:38.0552 0x0ef8  CryptSvc - ok
09:13:38.0552 0x0ef8  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
09:13:38.0567 0x0ef8  CSC - ok
09:13:38.0583 0x0ef8  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
09:13:38.0583 0x0ef8  CscService - ok
09:13:38.0583 0x0ef8  [ DC08465037FA57A5203BDF3E963422C2, ADA7F6B4ED68413924E187DA1A609BB7B7AA5E483055994A17AEBC7F1BCEC5F2 ] ctxusbm         C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
09:13:38.0599 0x0ef8  ctxusbm - ok
09:13:38.0599 0x0ef8  [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam             C:\WINDOWS\system32\drivers\dam.sys
09:13:38.0599 0x0ef8  dam - ok
09:13:38.0614 0x0ef8  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
09:13:38.0614 0x0ef8  DcomLaunch - ok
09:13:38.0630 0x0ef8  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
09:13:38.0630 0x0ef8  DcpSvc - ok
09:13:38.0630 0x0ef8  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
09:13:38.0646 0x0ef8  defragsvc - ok
09:13:38.0646 0x0ef8  [ 78658EBDAD59E17ACC3569C8451F07B3, 629A014AF4E306C167B4D5C8DAFEE145472691CDCBBBB616D1435B67AA6FF20B ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:13:38.0661 0x0ef8  DeviceAssociationService - ok
09:13:38.0661 0x0ef8  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
09:13:38.0661 0x0ef8  DeviceInstall - ok
09:13:38.0661 0x0ef8  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
09:13:38.0661 0x0ef8  DevQueryBroker - ok
09:13:38.0661 0x0ef8  [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
09:13:38.0677 0x0ef8  Dfsc - ok
09:13:38.0677 0x0ef8  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
09:13:38.0677 0x0ef8  Dhcp - ok
09:13:38.0677 0x0ef8  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:13:38.0692 0x0ef8  diagnosticshub.standardcollector.service - ok
09:13:38.0708 0x0ef8  [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
09:13:38.0739 0x0ef8  DiagTrack - ok
09:13:38.0739 0x0ef8  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
09:13:38.0739 0x0ef8  disk - ok
09:13:38.0755 0x0ef8  [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
09:13:38.0755 0x0ef8  DmEnrollmentSvc - ok
09:13:38.0755 0x0ef8  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
09:13:38.0755 0x0ef8  dmvsc - ok
09:13:38.0755 0x0ef8  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
09:13:38.0755 0x0ef8  dmwappushservice - ok
09:13:38.0771 0x0ef8  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
09:13:38.0771 0x0ef8  Dnscache - ok
09:13:38.0771 0x0ef8  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
09:13:38.0771 0x0ef8  dot3svc - ok
09:13:38.0786 0x0ef8  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
09:13:38.0786 0x0ef8  DPS - ok
09:13:38.0786 0x0ef8  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
09:13:38.0786 0x0ef8  drmkaud - ok
09:13:38.0786 0x0ef8  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
09:13:38.0786 0x0ef8  DsmSvc - ok
09:13:38.0802 0x0ef8  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
09:13:38.0802 0x0ef8  DsSvc - ok
09:13:38.0833 0x0ef8  [ A90C76FB62526DEB5A5557A8839841AB, 939BDA8A4F73E834A319D45C97B0892B0A44886A9191BA20D1121622BAE413FA ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:13:38.0849 0x0ef8  DXGKrnl - ok
09:13:38.0864 0x0ef8  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
09:13:38.0864 0x0ef8  EapHost - ok
09:13:38.0911 0x0ef8  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
09:13:38.0942 0x0ef8  ebdrv - ok
09:13:38.0958 0x0ef8  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS             C:\WINDOWS\System32\lsass.exe
09:13:38.0958 0x0ef8  EFS - ok
09:13:38.0958 0x0ef8  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
09:13:38.0958 0x0ef8  EhStorClass - ok
09:13:38.0958 0x0ef8  [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:13:38.0974 0x0ef8  EhStorTcgDrv - ok
09:13:38.0974 0x0ef8  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
09:13:38.0974 0x0ef8  embeddedmode - ok
09:13:38.0974 0x0ef8  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
09:13:38.0974 0x0ef8  EntAppSvc - ok
09:13:38.0989 0x0ef8  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
09:13:38.0989 0x0ef8  ErrDev - ok
09:13:38.0989 0x0ef8  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
09:13:39.0005 0x0ef8  EventSystem - ok
09:13:39.0005 0x0ef8  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\WINDOWS\System32\drivers\evolve.sys
09:13:39.0005 0x0ef8  EvolveVirtualAdapter - ok
09:13:39.0005 0x0ef8  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
09:13:39.0005 0x0ef8  exfat - ok
09:13:39.0021 0x0ef8  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
09:13:39.0021 0x0ef8  fastfat - ok
09:13:39.0036 0x0ef8  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
09:13:39.0036 0x0ef8  Fax - ok
09:13:39.0052 0x0ef8  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
09:13:39.0052 0x0ef8  fdc - ok
09:13:39.0052 0x0ef8  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
09:13:39.0052 0x0ef8  fdPHost - ok
09:13:39.0052 0x0ef8  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
09:13:39.0052 0x0ef8  FDResPub - ok
09:13:39.0052 0x0ef8  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
09:13:39.0052 0x0ef8  fhsvc - ok
09:13:39.0052 0x0ef8  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
09:13:39.0067 0x0ef8  FileCrypt - ok
09:13:39.0067 0x0ef8  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
09:13:39.0067 0x0ef8  FileInfo - ok
09:13:39.0067 0x0ef8  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
09:13:39.0067 0x0ef8  Filetrace - ok
09:13:39.0067 0x0ef8  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
09:13:39.0067 0x0ef8  flpydisk - ok
09:13:39.0083 0x0ef8  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
09:13:39.0083 0x0ef8  FltMgr - ok
09:13:39.0114 0x0ef8  [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache       C:\WINDOWS\system32\FntCache.dll
09:13:39.0130 0x0ef8  FontCache - ok
09:13:39.0130 0x0ef8  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:13:39.0130 0x0ef8  FontCache3.0.0.0 - ok
09:13:39.0146 0x0ef8  [ B6848AE7BF5BD5182075D948DF7588DC, 0245D35CA48451D0743347338EE2E8E8AB6C6FD8ABE0B91E7FE2830714D30BE0 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
09:13:39.0161 0x0ef8  FrameServer - ok
09:13:39.0161 0x0ef8  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
09:13:39.0161 0x0ef8  FsDepends - ok
09:13:39.0161 0x0ef8  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:13:39.0161 0x0ef8  Fs_Rec - ok
09:13:39.0177 0x0ef8  [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:13:39.0177 0x0ef8  fvevol - ok
09:13:39.0177 0x0ef8  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
09:13:39.0177 0x0ef8  gencounter - ok
09:13:39.0192 0x0ef8  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
09:13:39.0192 0x0ef8  genericusbfn - ok
09:13:39.0208 0x0ef8  [ F78BC07DCED5EDDD6D477E923620F8EA, ABE28155100A38A5E1B58FFC8099EF416145278B440A67B8DAFD7715FE412624 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
09:13:39.0224 0x0ef8  GfExperienceService - ok
09:13:39.0224 0x0ef8  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:13:39.0224 0x0ef8  GPIOClx0101 - ok
09:13:39.0239 0x0ef8  [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
09:13:39.0255 0x0ef8  gpsvc - ok
09:13:39.0255 0x0ef8  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
09:13:39.0255 0x0ef8  GpuEnergyDrv - ok
09:13:39.0271 0x0ef8  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:39.0271 0x0ef8  gupdate - ok
09:13:39.0271 0x0ef8  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:39.0271 0x0ef8  gupdatem - ok
09:13:39.0333 0x0ef8  [ 9252529EE963CE64DF92E904AF989114, 4D7EC8E63D8FB2BF54F4BA78AD9025D9D639A3C439F498D85B32EB01A2C0D7F6 ] HcwDevCentralService D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
09:13:39.0333 0x0ef8  HcwDevCentralService - ok
09:13:39.0349 0x0ef8  [ 718C920CB260519A6A2F42B380556279, 69A7031A7E4BE3AA295517DB73DD0B8D250BE90AEB063EE6928AFE8C5C022CC1 ] hcwE5bda        C:\WINDOWS\system32\drivers\hcwE5bda.sys
09:13:39.0364 0x0ef8  hcwE5bda - ok
09:13:39.0364 0x0ef8  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
09:13:39.0364 0x0ef8  HDAudBus - ok
09:13:39.0364 0x0ef8  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
09:13:39.0364 0x0ef8  HidBatt - ok
09:13:39.0364 0x0ef8  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
09:13:39.0380 0x0ef8  HidBth - ok
09:13:39.0380 0x0ef8  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
09:13:39.0380 0x0ef8  hidi2c - ok
09:13:39.0380 0x0ef8  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
09:13:39.0380 0x0ef8  hidinterrupt - ok
09:13:39.0380 0x0ef8  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
09:13:39.0380 0x0ef8  HidIr - ok
09:13:39.0380 0x0ef8  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
09:13:39.0380 0x0ef8  hidserv - ok
09:13:39.0396 0x0ef8  [ 2B7002EEACFC2687788A34ADB204293D, 040B5FC43459E80AD56CEBB26EC7676F449310537ADCD3272C2064241E328834 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
09:13:39.0396 0x0ef8  HidUsb - ok
09:13:39.0396 0x0ef8  [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:13:39.0396 0x0ef8  HomeGroupListener - ok
09:13:39.0411 0x0ef8  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:13:39.0411 0x0ef8  HomeGroupProvider - ok
09:13:39.0411 0x0ef8  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
09:13:39.0411 0x0ef8  HpSAMD - ok
09:13:39.0427 0x0ef8  [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
09:13:39.0442 0x0ef8  HTTP - ok
09:13:39.0442 0x0ef8  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
09:13:39.0442 0x0ef8  HvHost - ok
09:13:39.0458 0x0ef8  [ 3756E15BB86689412775DF22A442FC46, AD9DF5B542B30C89F9904CB574E75BD2D18A31F67032F0E2453290E912FC5DE3 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
09:13:39.0458 0x0ef8  hvservice - ok
09:13:39.0474 0x0ef8  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
09:13:39.0474 0x0ef8  HWiNFO32 - ok
09:13:39.0474 0x0ef8  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
09:13:39.0474 0x0ef8  hwpolicy - ok
09:13:39.0474 0x0ef8  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
09:13:39.0474 0x0ef8  hyperkbd - ok
09:13:39.0474 0x0ef8  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
09:13:39.0474 0x0ef8  i8042prt - ok
09:13:39.0474 0x0ef8  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
09:13:39.0474 0x0ef8  iagpio - ok
09:13:39.0489 0x0ef8  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
09:13:39.0489 0x0ef8  iai2c - ok
09:13:39.0489 0x0ef8  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
09:13:39.0489 0x0ef8  iaLPSS2i_GPIO2 - ok
09:13:39.0489 0x0ef8  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
09:13:39.0489 0x0ef8  iaLPSS2i_I2C - ok
09:13:39.0505 0x0ef8  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:13:39.0505 0x0ef8  iaLPSSi_GPIO - ok
09:13:39.0505 0x0ef8  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:13:39.0505 0x0ef8  iaLPSSi_I2C - ok
09:13:39.0521 0x0ef8  [ 5F6CA62BE8ECC4D0E1F5D4D4A02B456B, F720A1F14C9053D24C5B42827E5F9578A27F3E62A6C65A3CFA068E580F02F072 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
09:13:39.0536 0x0ef8  iaStorA - ok
09:13:39.0552 0x0ef8  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
09:13:39.0567 0x0ef8  iaStorAV - ok
09:13:39.0567 0x0ef8  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
09:13:39.0567 0x0ef8  iaStorV - ok
09:13:39.0583 0x0ef8  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
09:13:39.0583 0x0ef8  ibbus - ok
09:13:39.0599 0x0ef8  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
09:13:39.0599 0x0ef8  icssvc - ok
09:13:39.0692 0x0ef8  [ DCADFA880DF77BB103F7A034A4B33577, 4AA267EE18104AEBA40A98A1D2DE2E10F1BB84F6FB4C5496600A45C072E18EC9 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
09:13:39.0802 0x0ef8  igfx - ok
09:13:42.0021 0x0ef8  RasAgileVpn - ok
09:13:42.0036 0x0ef8  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
09:13:42.0036 0x0ef8  RasAuto - ok
09:13:42.0036 0x0ef8  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
09:13:42.0036 0x0ef8  Rasl2tp - ok
09:13:42.0052 0x0ef8  [ DF0702D6A190452E1BFA52F36E58640A, 37B7B8220CDE965F1232D883CEEEDDDB309ABA0ACBE38486E69B9052D39187C4 ] RasMan          C:\WINDOWS\System32\rasmans.dll
09:13:42.0052 0x0ef8  RasMan - ok
09:13:42.0067 0x0ef8  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:13:42.0067 0x0ef8  RasPppoe - ok
09:13:42.0067 0x0ef8  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
09:13:42.0067 0x0ef8  RasSstp - ok
09:13:42.0067 0x0ef8  [ BBE0FC9C9E7C556DA6E6E6904739DF7E, E6F0C48371EEB92B796DA0AE49DA575AC0B4403146F75A1040DC2C1A44CAB0F6 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:13:42.0083 0x0ef8  rdbss - ok
09:13:42.0083 0x0ef8  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
09:13:42.0083 0x0ef8  rdpbus - ok
09:13:42.0083 0x0ef8  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
09:13:42.0083 0x0ef8  RDPDR - ok
09:13:42.0099 0x0ef8  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:13:42.0099 0x0ef8  RdpVideoMiniport - ok
09:13:42.0099 0x0ef8  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
09:13:42.0099 0x0ef8  rdyboost - ok
09:13:42.0114 0x0ef8  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
09:13:42.0130 0x0ef8  ReFSv1 - ok
09:13:42.0130 0x0ef8  [ FD2B3A645798A2EFB7FB61AC42AAA611, 8A121D361A73CA19AA87B1AD33B8020A99444BF4C8904944AD5913C5083859B8 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
09:13:42.0146 0x0ef8  RemoteAccess - ok
09:13:42.0146 0x0ef8  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
09:13:42.0146 0x0ef8  RemoteRegistry - ok
09:13:42.0161 0x0ef8  [ 94DCF20DF6170B557AFD386E37C128BC, 70FB7C7A7D2BFA95EACEEE38B39E1DCA93DA63AE1898C4F54956B9413C60EB88 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
09:13:42.0177 0x0ef8  RetailDemo - ok
09:13:42.0177 0x0ef8  [ 068220E1B417556F4226E6A3CA0A1C24, 381DD82EF6EAEE83B5B3FA123D04A4D1EEB3407737683C22BBA787C39DCAFFE3 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
09:13:42.0177 0x0ef8  RmSvc - ok
09:13:42.0177 0x0ef8  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
09:13:42.0177 0x0ef8  rpcapd - ok
09:13:42.0192 0x0ef8  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
09:13:42.0192 0x0ef8  RpcEptMapper - ok
09:13:42.0192 0x0ef8  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
09:13:42.0192 0x0ef8  RpcLocator - ok
09:13:42.0208 0x0ef8  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
09:13:42.0208 0x0ef8  RpcSs - ok
09:13:42.0224 0x0ef8  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
09:13:42.0224 0x0ef8  rspndr - ok
09:13:42.0224 0x0ef8  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
09:13:42.0224 0x0ef8  s3cap - ok
09:13:42.0224 0x0ef8  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] SamSs           C:\WINDOWS\system32\lsass.exe
09:13:42.0224 0x0ef8  SamSs - ok
09:13:42.0224 0x0ef8  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
09:13:42.0224 0x0ef8  sbp2port - ok
09:13:42.0239 0x0ef8  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
09:13:42.0239 0x0ef8  SCardSvr - ok
09:13:42.0239 0x0ef8  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
09:13:42.0255 0x0ef8  ScDeviceEnum - ok
09:13:42.0255 0x0ef8  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:13:42.0255 0x0ef8  scfilter - ok
09:13:42.0271 0x0ef8  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
09:13:42.0286 0x0ef8  Schedule - ok
09:13:42.0286 0x0ef8  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
09:13:42.0286 0x0ef8  scmbus - ok
09:13:42.0286 0x0ef8  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
09:13:42.0286 0x0ef8  scmdisk0101 - ok
09:13:42.0286 0x0ef8  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
09:13:42.0302 0x0ef8  SCPolicySvc - ok
09:13:42.0302 0x0ef8  [ 0447065A6E10774EFCECFDD0EB970A79, 384A9AC72E756F96D43EE4B144A466564476AFD8778092C979116BB29A514433 ] ScpVBus         C:\WINDOWS\System32\drivers\ScpVBus.sys
09:13:42.0302 0x0ef8  ScpVBus - ok
09:13:42.0302 0x0ef8  [ FCBB8A17B4437B2CA8CC8DA8CB1D306E, 5FA762B1B6C8A45ED6F304A45B500038537ABD3DF6328F3C8E2BD43CBDEAB835 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
09:13:42.0302 0x0ef8  sdbus - ok
09:13:42.0317 0x0ef8  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
09:13:42.0317 0x0ef8  SDRSVC - ok
09:13:42.0317 0x0ef8  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
09:13:42.0317 0x0ef8  sdstor - ok
09:13:42.0317 0x0ef8  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
09:13:42.0317 0x0ef8  seclogon - ok
09:13:42.0333 0x0ef8  [ B605A44ACA1FCFF736235A4D7AEDA548, 48D8B5BC027CFE91AF7402C463327572181D4C1B1E2942F4D05792EED070B2DC ] SENS            C:\WINDOWS\System32\sens.dll
09:13:42.0333 0x0ef8  SENS - ok
09:13:42.0333 0x0ef8  Sense - ok
09:13:42.0349 0x0ef8  [ 1CC993A041899B48D5DF4D3F4A4425FC, 8D138B3A92C0E181C865A37AD55EE2D55CC352ED9B60BF60BE0AC610F13F8FA1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
09:13:42.0364 0x0ef8  SensorDataService - ok
09:13:42.0380 0x0ef8  [ 7BFD114F0F308CE29AEB8F16056D0658, 0CD3B3C69DCB3EAD8F8EF5C633911DD4F2C1167DC6FE28107EE38713A35A1F5C ] SensorService   C:\WINDOWS\system32\SensorService.dll
09:13:42.0380 0x0ef8  SensorService - ok
09:13:42.0380 0x0ef8  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
09:13:42.0396 0x0ef8  SensrSvc - ok
09:13:42.0396 0x0ef8  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
09:13:42.0396 0x0ef8  SerCx - ok
09:13:42.0396 0x0ef8  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
09:13:42.0396 0x0ef8  SerCx2 - ok
09:13:42.0396 0x0ef8  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
09:13:42.0396 0x0ef8  Serenum - ok
09:13:42.0411 0x0ef8  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
09:13:42.0411 0x0ef8  Serial - ok
09:13:42.0411 0x0ef8  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
09:13:42.0411 0x0ef8  sermouse - ok
09:13:42.0411 0x0ef8  [ D525D273BE5691BDACE72B07AB0D1E02, 9231BD2137E71B3D555CEBBA8811297F239FDA08BF573CA4741D03D76718B5B1 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
09:13:42.0427 0x0ef8  SessionEnv - ok
09:13:42.0427 0x0ef8  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
09:13:42.0427 0x0ef8  sfloppy - ok
09:13:42.0442 0x0ef8  [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
09:13:42.0442 0x0ef8  SharedAccess - ok
09:13:42.0458 0x0ef8  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:13:42.0458 0x0ef8  ShellHWDetection - ok
09:13:42.0474 0x0ef8  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
09:13:42.0474 0x0ef8  shpamsvc - ok
09:13:42.0474 0x0ef8  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:13:42.0474 0x0ef8  SiSRaid2 - ok
09:13:42.0474 0x0ef8  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
09:13:42.0474 0x0ef8  SiSRaid4 - ok
09:13:42.0489 0x0ef8  [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:13:42.0489 0x0ef8  SkypeUpdate - ok
09:13:42.0505 0x0ef8  [ D4FB7A2D9832F7567555066F53BF47BF, 88BD214AE84EF766EB56CD42AD24667754D59F528FF65C38799020A503C58786 ] SMIGrabber3C    C:\WINDOWS\System32\Drivers\SmiUsbGrabber3C.sys
09:13:42.0505 0x0ef8  SMIGrabber3C - ok
09:13:42.0521 0x0ef8  [ 3CF50AFD283566573E0412E5D512184A, 382825D5592F13088FB82A0452F9FAC917767A808B521F1BDACB78B70797FB5A ] smphost         C:\WINDOWS\System32\smphost.dll
09:13:42.0521 0x0ef8  smphost - ok
09:13:42.0521 0x0ef8  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
09:13:42.0536 0x0ef8  SmsRouter - ok
09:13:42.0536 0x0ef8  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
09:13:42.0536 0x0ef8  SNMPTRAP - ok
09:13:42.0552 0x0ef8  [ 3DB9C2950439B61A038BF83E697C7A14, 6BF5EA5D4A251CB982F336840A60EF4241A3FC7442E7CD4D7C82199F5BF8D4D2 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
09:13:42.0552 0x0ef8  spaceport - ok
09:13:42.0567 0x0ef8  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
09:13:42.0567 0x0ef8  SpbCx - ok
09:13:42.0567 0x0ef8  [ DA5A9752A702E86AFC10F06115A8AF4C, 1EBF973AAEE0D851934CFD99BF6FC3B33D6EF5EDE95F81450D2EA18117172FC9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
09:13:42.0583 0x0ef8  Spooler - ok
09:13:42.0661 0x0ef8  [ D9B2C0D75F4463EE117F56D59D3CD670, 6E43BCF9388BCA58E2BDF64B71022334542727B0CDDE5F8DAF2AA8CFEA5F619F ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
09:13:42.0724 0x0ef8  sppsvc - ok
09:13:42.0739 0x0ef8  [ EDCDCD95B916DB156A903AC6256F0CCF, 4158EFE298235EDE2C34CE9F3978A4F3690379F14B21F917647EEAA0A8C1DE4A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
09:13:42.0739 0x0ef8  srv - ok
09:13:42.0755 0x0ef8  [ DF7147DE10921DBAAE9F9EEF94590E10, 2222BA441227056DA17194648B3AF49655650F7BBA9E4A9ACEF519E392099C6D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
09:13:42.0771 0x0ef8  srv2 - ok
09:13:42.0771 0x0ef8  [ 416D224AF7481A4179F018FB1F9A5B6B, 38159D7957A8091DFC5C32DCAC4DB07FDE14BBE4E75B4E61B4FBB332E3F9259D ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:13:42.0771 0x0ef8  srvnet - ok
09:13:42.0771 0x0ef8  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
09:13:42.0786 0x0ef8  SSDPSRV - ok
09:13:42.0786 0x0ef8  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
09:13:42.0786 0x0ef8  SstpSvc - ok
09:13:42.0802 0x0ef8  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
09:13:42.0817 0x0ef8  ss_conn_service - ok
09:13:42.0864 0x0ef8  [ DF762D30EF0EE10E569C507BE75EAA6B, C23BA05E778CF1A547E7D3FE2226E0E68917570C56D5E703E599CAF2FD10BD17 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
09:13:42.0911 0x0ef8  StateRepository - ok
09:13:42.0942 0x0ef8  [ 2831AD619ECDACCD53616F1F614E4891, 59E36012299508835A113C6382DA3AACA45EC983E78A2D14127BF9AB972A08C0 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:13:42.0958 0x0ef8  Steam Client Service - ok
09:13:42.0974 0x0ef8  [ 86E93885D05EF3DE8561D4A4A7E3B1E4, 0B7A0459853588C23E2ADFCBF34F5F16FBB856563418D622C828BAA718BF15B8 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
09:13:42.0974 0x0ef8  Stereo Service - ok
09:13:42.0974 0x0ef8  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
09:13:42.0974 0x0ef8  stexstor - ok
09:13:42.0989 0x0ef8  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
09:13:43.0005 0x0ef8  stisvc - ok
09:13:43.0005 0x0ef8  [ 0FE3B9A9E40DE1029B0AC2368A3F765D, AB06795E456DB9CE4E5A91DD1C2638B4D474CE1C5DB4819D5EE17A337D74A231 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
09:13:43.0005 0x0ef8  storahci - ok
09:13:43.0005 0x0ef8  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
09:13:43.0005 0x0ef8  storflt - ok
09:13:43.0005 0x0ef8  [ C1CFB9C19BF1134D8B9A7CF89BEC0AD1, 60DDF10777B30F3F70E4D52AFEABE71C7B509D0F2E3829106ED42ED330F8BCF4 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
09:13:43.0005 0x0ef8  stornvme - ok
09:13:43.0021 0x0ef8  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
09:13:43.0021 0x0ef8  storqosflt - ok
09:13:43.0021 0x0ef8  [ EAB902EB8DCF9436354C7CF71A41C223, BB855A7C296AE60C025C7D488EB24BB7AB72FC716A12BE0BBE14B95DFCD290ED ] StorSvc         C:\WINDOWS\system32\storsvc.dll
09:13:43.0036 0x0ef8  StorSvc - ok
09:13:43.0036 0x0ef8  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
09:13:43.0036 0x0ef8  storufs - ok
09:13:43.0036 0x0ef8  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
09:13:43.0036 0x0ef8  storvsc - ok
09:13:43.0036 0x0ef8  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
09:13:43.0036 0x0ef8  svsvc - ok
09:13:43.0036 0x0ef8  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
09:13:43.0036 0x0ef8  swenum - ok
09:13:43.0052 0x0ef8  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:13:43.0052 0x0ef8  SwitchBoard - ok
09:13:43.0067 0x0ef8  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
09:13:43.0067 0x0ef8  swprv - ok
09:13:43.0067 0x0ef8  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
09:13:43.0083 0x0ef8  Synth3dVsc - ok
09:13:43.0099 0x0ef8  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
09:13:43.0099 0x0ef8  SysMain - ok
09:13:43.0114 0x0ef8  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:13:43.0114 0x0ef8  SystemEventsBroker - ok
09:13:43.0114 0x0ef8  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:13:43.0130 0x0ef8  TabletInputService - ok
09:13:43.0130 0x0ef8  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
09:13:43.0130 0x0ef8  tap0901 - ok
09:13:43.0130 0x0ef8  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
09:13:43.0146 0x0ef8  TapiSrv - ok
09:13:43.0177 0x0ef8  [ 172B5A199F917B4BACB38F13BCAA11CB, 8491C9E284658920544F5EFED7125D50135C43360BD50B78F962578D9716C719 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
09:13:43.0208 0x0ef8  Tcpip - ok
09:13:43.0239 0x0ef8  [ 172B5A199F917B4BACB38F13BCAA11CB, 8491C9E284658920544F5EFED7125D50135C43360BD50B78F962578D9716C719 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
09:13:43.0271 0x0ef8  Tcpip6 - ok
09:13:43.0271 0x0ef8  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
09:13:43.0271 0x0ef8  tcpipreg - ok
09:13:43.0271 0x0ef8  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
09:13:43.0271 0x0ef8  tdx - ok
09:13:43.0364 0x0ef8  [ DA1B697C42888BA804DD07BA49B116B1, D5CE76608771845B58A597B7337000E219DC1466613F79313F6E82D33FF55F48 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
09:13:43.0458 0x0ef8  TeamViewer - ok
09:13:43.0474 0x0ef8  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
09:13:43.0474 0x0ef8  terminpt - ok
09:13:43.0489 0x0ef8  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
09:13:43.0489 0x0ef8  TermService - ok
09:13:43.0505 0x0ef8  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
09:13:43.0505 0x0ef8  Themes - ok
09:13:43.0505 0x0ef8  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
09:13:43.0505 0x0ef8  TieringEngineService - ok
09:13:43.0521 0x0ef8  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
09:13:43.0536 0x0ef8  tiledatamodelsvc - ok
09:13:43.0536 0x0ef8  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
09:13:43.0536 0x0ef8  TimeBrokerSvc - ok
09:13:43.0536 0x0ef8  [ 798C8CB861EB09C5AFB77468E5449BBB, F6631E779159B99B097A59792D11713809CA493618B6A210A4BC905F16782094 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
09:13:43.0552 0x0ef8  TPM - ok
09:13:43.0552 0x0ef8  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
09:13:43.0552 0x0ef8  TrkWks - ok
09:13:43.0552 0x0ef8  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:13:43.0552 0x0ef8  TrustedInstaller - ok
09:13:43.0552 0x0ef8  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
09:13:43.0568 0x0ef8  tsusbflt - ok
09:13:43.0568 0x0ef8  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:13:43.0568 0x0ef8  TsUsbGD - ok
09:13:43.0568 0x0ef8  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
09:13:43.0568 0x0ef8  tsusbhub - ok
09:13:43.0568 0x0ef8  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
09:13:43.0568 0x0ef8  tunnel - ok
09:13:43.0583 0x0ef8  [ 0F38FCE8C61CC14DE3718FAB5FFC0D3A, 527071956BDC0F2863DCDFEDD314DB5265A6AE525F810186F508E0D58A97D767 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
09:13:43.0583 0x0ef8  tzautoupdate - ok
09:13:43.0583 0x0ef8  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
09:13:43.0583 0x0ef8  UASPStor - ok
09:13:43.0583 0x0ef8  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
09:13:43.0583 0x0ef8  UcmCx0101 - ok
09:13:43.0599 0x0ef8  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
09:13:43.0599 0x0ef8  UcmTcpciCx0101 - ok
09:13:43.0599 0x0ef8  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
09:13:43.0599 0x0ef8  UcmUcsi - ok
09:13:43.0599 0x0ef8  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
09:13:43.0599 0x0ef8  Ucx01000 - ok
09:13:43.0614 0x0ef8  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
09:13:43.0614 0x0ef8  UdeCx - ok
09:13:43.0614 0x0ef8  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
09:13:43.0614 0x0ef8  udfs - ok
09:13:43.0630 0x0ef8  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
09:13:43.0630 0x0ef8  UEFI - ok
09:13:43.0630 0x0ef8  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
09:13:43.0630 0x0ef8  UevAgentDriver - ok
09:13:43.0646 0x0ef8  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
09:13:43.0661 0x0ef8  UevAgentService - ok
09:13:43.0661 0x0ef8  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
09:13:43.0677 0x0ef8  Ufx01000 - ok
09:13:43.0677 0x0ef8  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
09:13:43.0677 0x0ef8  UfxChipidea - ok
09:13:43.0677 0x0ef8  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
09:13:43.0677 0x0ef8  ufxsynopsys - ok
09:13:43.0677 0x0ef8  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
09:13:43.0693 0x0ef8  UI0Detect - ok
09:13:43.0693 0x0ef8  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
09:13:43.0693 0x0ef8  umbus - ok
09:13:43.0693 0x0ef8  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
09:13:43.0693 0x0ef8  UmPass - ok
09:13:43.0693 0x0ef8  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
09:13:43.0708 0x0ef8  UmRdpService - ok
09:13:43.0724 0x0ef8  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
09:13:43.0739 0x0ef8  UnistoreSvc - ok
09:13:43.0739 0x0ef8  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
09:13:43.0755 0x0ef8  upnphost - ok
09:13:43.0755 0x0ef8  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
09:13:43.0755 0x0ef8  UrsChipidea - ok
09:13:43.0755 0x0ef8  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
09:13:43.0755 0x0ef8  UrsCx01000 - ok
09:13:45.0146 0x0ef8  ================ Scan global ===============================
09:13:45.0161 0x0ef8  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
09:13:45.0161 0x0ef8  [ 1FEF9536BA2779E2F3CB524E34BAC715, 6387C7E2FD538EFD9AC19B622AEC81F6F924576FDAB6F003AF5B6CBD33F6A379 ] C:\WINDOWS\system32\winsrv.dll
09:13:45.0161 0x0ef8  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
09:13:45.0177 0x0ef8  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
09:13:45.0177 0x0ef8  [ Global ] - ok
09:13:45.0177 0x0ef8  ================ Scan MBR ==================================
09:13:45.0177 0x0ef8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:13:45.0193 0x0ef8  \Device\Harddisk0\DR0 - ok
09:13:45.0193 0x0ef8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:13:45.0318 0x0ef8  \Device\Harddisk1\DR1 - ok
09:13:45.0318 0x0ef8  ================ Scan VBR ==================================
09:13:45.0318 0x0ef8  [ EDF928BEA8A2567C96571364DCE2CADF ] \Device\Harddisk0\DR0\Partition1
09:13:45.0318 0x0ef8  \Device\Harddisk0\DR0\Partition1 - ok
09:13:45.0318 0x0ef8  [ A716FF655F24343D37861B4A31302684 ] \Device\Harddisk0\DR0\Partition2
09:13:45.0318 0x0ef8  \Device\Harddisk0\DR0\Partition2 - ok
09:13:45.0318 0x0ef8  [ DD9E294531627371CDCAB99D9FA3C136 ] \Device\Harddisk0\DR0\Partition3
09:13:45.0318 0x0ef8  \Device\Harddisk0\DR0\Partition3 - ok
09:13:45.0318 0x0ef8  [ 78800DCEE949465F984599186F20EDF4 ] \Device\Harddisk0\DR0\Partition4
09:13:45.0318 0x0ef8  \Device\Harddisk0\DR0\Partition4 - ok
09:13:45.0333 0x0ef8  [ 2883472D5EF2FBE8CA2FC4BFE7EBC1D6 ] \Device\Harddisk1\DR1\Partition1
09:13:45.0333 0x0ef8  \Device\Harddisk1\DR1\Partition1 - ok
09:13:45.0333 0x0ef8  ================ Scan generic autorun ======================
09:13:45.0443 0x0ef8  [ C137F3B93557075F8CC6232F0E2D9EC3, 54E89108F3EC9009036C8BF9053E76534D8F8911CCF83AEA0C45B9EACFBB1EF5 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
09:13:45.0545 0x0ef8  RTHDVCPL - ok
09:13:45.0561 0x0ef8  [ 51B634D617073986FA73417318F7C121, CAB64175383F501FA515D335167334D7F2147F0889E5052484AA1FF866C6F8CF ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
09:13:45.0576 0x0ef8  AdobeAAMUpdater-1.0 - ok
09:13:45.0764 0x0ef8  [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF, AB7879DDA9D516C2B124640B1D34557A8BAD244423867E8390D29FFF6858A865 ] C:\Program Files\Logitech Gaming Software\LCore.exe
09:13:45.0936 0x0ef8  Launch LCore - ok
09:13:45.0983 0x0ef8  [ 94A8196066774252DF015EEDF02CCA44, AD2DFDA427E3CCB5C8404F0AFAFE71C64B862D2E26A67E1BFC2B40738FD0B873 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:13:46.0014 0x0ef8  NvBackend - ok
09:13:46.0014 0x0ef8  [ 5677C8C60F4659E8626AC9036EEF38DF, 1C7D3EC3BCB3E34900DD9556A3EBAF449C68585DC8E07682E680790497105B8B ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
09:13:46.0014 0x0ef8  Classic Start Menu - ok
09:13:46.0014 0x0ef8  [ ADEA393B2B49EB25578702F4F5525E93, 8F0AB94BEA3751C566CBFF2F9A29495CCAC029DE3721107BBA892A418FD70581 ] C:\Program Files\iTunes\iTunesHelper.exe
09:13:46.0030 0x0ef8  iTunesHelper - ok
09:13:46.0030 0x0ef8  [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
09:13:46.0030 0x0ef8  IJNetworkScannerSelectorEX - ok
09:13:46.0045 0x0ef8  [ 2CDEFC7505383D4B9CCF86DC67CE0C98, 65B3DD4E70F9E783C55F15465491F71B63A2481AFF4E6D89E2263DA14BE3AF20 ] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe
09:13:46.0045 0x0ef8  AvgUi - ok
09:13:46.0045 0x0ef8  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:13:46.0061 0x0ef8  SwitchBoard - ok
09:13:46.0076 0x0ef8  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
09:13:46.0092 0x0ef8  AdobeCS6ServiceManager - ok
09:13:46.0280 0x0ef8  [ 862759B43CB15C01301DD911F11200F3, FB02C15ABBD39834F219C92C0B14B2E9BB753518F498543796BC5E2ACF0EEC04 ] C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
09:13:46.0451 0x0ef8  Corsair Utility Engine - ok
09:13:46.0467 0x0ef8  [ F39F3D20532D432663FE0BE4978C4947, AE91CFA7B3CBFC0AD9EAB868DEE0E5C16F06C7E68D6CABB421146AC86C58D62C ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
09:13:46.0483 0x0ef8  ConnectionCenter - ok
09:13:46.0483 0x0ef8  [ E1ADB14F9EBB72CD4E98B7C5A923F790, A4EB5C7D0B02DFF8591BF61768896DB5F7FE9C20A0EF557D80C8810E4E6E5C74 ] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
09:13:46.0483 0x0ef8  Redirector - ok
09:13:46.0498 0x0ef8  [ B84EA4194486D6820AE6A5A80C4468D9, 8711FA7A503E6E77E5300AB6C529A44A9F035B7852FD1815F43262D7BC0DACC7 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
09:13:46.0498 0x0ef8  Avira SystrayStartTrigger - ok
09:13:46.0498 0x0ef8  [ 99EC85193F298938639841341323C8A8, 92762D4220726C379D423E75B0084F6DF5A0B42F54835611AC607DD0BE41F7CF ] C:\Program Files (x86)\AVG\Av\avuirunnerx.exe
09:13:46.0498 0x0ef8  AVG_UI - ok
09:13:46.0498 0x0ef8  [ 297C1BDCC26ADB339D4C0F0550E434D6, EFF4EC2543421BE537B1EDC8E88CFF7C529F3774F54BD9A71CCDB33EE9ED6370 ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
09:13:46.0498 0x0ef8  Malwarebytes Anti-Malware (cleanup) - ok
09:13:46.0623 0x0ef8  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:13:46.0733 0x0ef8  OneDriveSetup - ok
09:13:46.0842 0x0ef8  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:13:46.0936 0x0ef8  OneDriveSetup - ok
09:13:46.0951 0x0ef8  [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\GaberFamily\AppData\Local\Microsoft\OneDrive\OneDrive.exe
09:13:46.0967 0x0ef8  OneDrive - ok
09:13:46.0967 0x0ef8  Skype - ok
09:13:46.0998 0x0ef8  [ 20BEDE125BE16DA2E492E639DF45A79F, E48AF838BC9C6B55FA37EB99591C4B17EE60EF49625132A9ECE70D3878F8957A ] C:\Program Files (x86)\Steam\steam.exe
09:13:47.0030 0x0ef8  Steam - ok
09:13:47.0092 0x0ef8  [ C1CE66436AFE9216A3E7C650C3D0F8AB, B2EF7A948604FB531A9744AACE2706C20B38CE14AD122CF5BA4B670078D155D9 ] C:\Program Files (x86)\Gyazo\GyStation.exe
09:13:47.0123 0x0ef8  Gyazo - ok
09:13:47.0123 0x0ef8  Waiting for KSN requests completion. In queue: 279
09:13:48.0155 0x0ef8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x60100 ( disabled : updated )
09:13:48.0170 0x0ef8  AV detected via SS2: AVG AntiVirus Free Edition, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.101.0.7752 ), 0x41000 ( enabled : updated )
09:13:48.0186 0x0ef8  Win FW state via NFP2: enabled ( trusted )
09:13:48.0358 0x0ef8  ============================================================
09:13:48.0358 0x0ef8  Scan finished
09:13:48.0358 0x0ef8  ============================================================
09:13:48.0358 0x0658  Detected object count: 0
09:13:48.0358 0x0658  Actual detected object count: 0
09:13:50.0170 0x0a64  Deinitialize success
 
========= End of CMD: =========
 
C:\Users\GaberFamily\AppData\Roaming\fbTFciUgbVKI => moved successfully
C:\Users\GaberFamily\AppData\Roaming\YddNBGZaaOXh => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54758711 B
Java, Flash, Steam htmlcache => 372000274 B
Windows/system/drivers => 437744 B
Edge => 30875 B
Chrome => 63509146 B
Firefox => 7034549 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 822 B
NetworkService => 0 B
GaberFamily => 3502795 B
 
RecycleBin => 0 B
EmptyTemp: => 478.1 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 16:34:33 ====

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by GaberFamily (administrator) on GABER-FAMILY (26-08-2016 16:36:30)
Running from C:\Users\GaberFamily\Desktop
Loaded Profiles: GaberFamily (Available Profiles: GaberFamily)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(NVIDIA Corporation) C:\Users\GaberFamily\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hauppauge Computer Works, Inc.) D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hauppauge Computer Works, Inc.) D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-08-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [522552 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6709008 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29500544 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-08-03] (Nota Inc.)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-07-19] (SUPERAntiSpyware)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-2744257987-3702739802-1486994692-1001\...\Winlogon: [Shell] c:\windows\explorer.exe [4673304 2016-07-16] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-10-04] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk [2016-06-16]
ShortcutTarget: Hauppauge Device Properties.lnk -> D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-08-01]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d038c1b3-860d-4d13-9d7b-bf56d96a4d0d}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{da7ff714-9411-4f11-a9ab-2120f057f175}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-23] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-23] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-23] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-23] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1457669417348
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-23] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (Thumbnail Zoom Plus) - C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default\extensions\thumbnailZoom@dadler.github.com.xpi [2015-08-03]
FF Extension: (Avira Browser Safety) - C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default\Extensions\abs@avira.com [2016-08-24]
FF Extension: (Adblock Plus) - C:\Users\GaberFamily\AppData\Roaming\Mozilla\Firefox\Profiles\4lvfnymv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-10]
 
Chrome: 
=======
CHR Profile: C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-18]
CHR Extension: (Google Drive) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-18]
CHR Extension: (YouTube) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (uBlock Origin) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-08-20]
CHR Extension: (Google Search) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\GaberFamily\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5267456 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-08-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-07-28] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-17] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R3 HcwDevCentralService; D:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [396104 2016-01-27] (Hauppauge Computer Works, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [442880 2015-07-28] (Rivet Networks) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-14] (Electronic Arts)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-07-07] (Power Admin LLC)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-05-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-05-15] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [314112 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [261888 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [116272 2015-07-24] (Rivet Networks, LLC.)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2016-07-30] (Echobit, LLC)
S3 hcwE5bda; C:\Windows\system32\drivers\hcwE5bda.sys [985096 2016-02-08] (Hauppauge Computer Work, Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-26] (REALiX™)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [156744 2016-02-26] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_72b89f8d71abda5d\nvlddmkm.sys [14199352 2016-08-16] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [821888 2011-01-26] (Windows ® Win 7 DDK provider)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 X86BDA; C:\Windows\system32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( ) [File not signed]
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-12-09] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-26 16:34 - 2016-08-26 16:34 - 00144596 _____ C:\Users\GaberFamily\Desktop\Fixlog.txt
2016-08-25 22:06 - 2016-08-25 22:06 - 00000218 _____ C:\Users\GaberFamily\AppData\Local\recently-used.xbel
2016-08-25 20:20 - 2016-08-25 20:20 - 20457664 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-08-25 16:41 - 2016-08-26 16:36 - 00027315 _____ C:\Users\GaberFamily\Desktop\FRST.txt
2016-08-25 16:41 - 2016-08-25 16:41 - 00065373 _____ C:\Users\GaberFamily\Desktop\Addition.txt
2016-08-25 16:39 - 2016-08-25 16:40 - 02396160 _____ (Farbar) C:\Users\GaberFamily\Desktop\FRST64.exe
2016-08-24 19:33 - 2016-08-24 19:33 - 00284564 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_19.33.26_log.txt
2016-08-24 11:18 - 2016-08-24 11:18 - 00284576 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_11.18.03_log.txt
2016-08-24 10:51 - 2016-08-24 10:51 - 00002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-24 10:51 - 2016-08-24 10:51 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-24 10:51 - 2016-08-24 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-24 10:51 - 2016-08-24 10:51 - 00000000 ____D C:\Program Files\CCleaner
2016-08-24 10:26 - 2016-08-24 10:26 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Runscanner.net
2016-08-24 09:53 - 2016-08-24 09:53 - 00001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\SUPERAntiSpyware.com
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-08-24 09:53 - 2016-08-24 09:53 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-08-24 09:13 - 2016-08-24 09:13 - 00284270 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_09.13.33_log.txt
2016-08-24 09:01 - 2016-08-24 09:01 - 02932230 _____ C:\Users\GaberFamily\Desktop\GSC INJECTOR FOLDER.zip
2016-08-24 09:01 - 2016-08-24 09:01 - 00021864 _____ C:\Users\GaberFamily\Desktop\BO2_GSC_Injector.sprx
2016-08-24 09:01 - 2016-08-24 09:01 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO2_GSC_INJECTOR
2016-08-24 09:00 - 2016-08-24 09:00 - 00016274 _____ C:\Users\GaberFamily\Desktop\BO2_GSC_Injector.cfg
2016-08-24 08:45 - 2016-08-24 08:45 - 00000000 ___HD C:\$AVG
2016-08-24 08:45 - 2016-08-24 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-24 08:35 - 2016-08-26 16:36 - 00000000 ____D C:\FRST
2016-08-24 08:07 - 2016-08-06 00:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-24 08:07 - 2016-08-06 00:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-24 08:07 - 2016-08-06 00:30 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-24 08:07 - 2016-08-06 00:30 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-24 08:07 - 2016-08-06 00:30 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-24 08:07 - 2016-08-06 00:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-24 08:07 - 2016-08-06 00:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 08:07 - 2016-08-06 00:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-24 08:07 - 2016-08-06 00:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 08:07 - 2016-08-06 00:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-24 08:07 - 2016-08-06 00:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-24 08:07 - 2016-08-06 00:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-24 08:07 - 2016-08-06 00:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-24 08:07 - 2016-08-06 00:16 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-24 08:07 - 2016-08-06 00:16 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-24 08:07 - 2016-08-06 00:16 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-24 08:07 - 2016-08-06 00:16 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-24 08:07 - 2016-08-06 00:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-24 08:07 - 2016-08-06 00:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-24 08:07 - 2016-08-06 00:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-24 08:07 - 2016-08-06 00:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-24 08:07 - 2016-08-06 00:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-24 08:07 - 2016-08-06 00:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-24 08:07 - 2016-08-06 00:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-24 08:07 - 2016-08-06 00:03 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-24 08:07 - 2016-08-06 00:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-24 08:07 - 2016-08-05 23:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-24 08:07 - 2016-08-05 23:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 08:07 - 2016-08-05 23:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-24 08:07 - 2016-08-05 23:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-24 08:07 - 2016-08-05 23:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-24 08:07 - 2016-08-05 23:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-24 08:07 - 2016-08-05 23:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-24 08:07 - 2016-08-05 23:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-24 08:07 - 2016-08-05 23:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-24 08:07 - 2016-08-05 23:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-24 08:07 - 2016-08-05 23:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-24 08:07 - 2016-08-05 23:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-24 08:07 - 2016-08-05 23:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-24 08:07 - 2016-08-05 23:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 08:07 - 2016-08-05 23:42 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-24 08:07 - 2016-08-05 23:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 08:07 - 2016-08-05 23:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-24 08:07 - 2016-08-05 23:40 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-24 08:07 - 2016-08-05 23:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-24 08:07 - 2016-08-05 23:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-24 08:07 - 2016-08-05 23:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-24 08:07 - 2016-08-05 23:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 08:07 - 2016-08-05 23:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-24 08:07 - 2016-08-05 23:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-24 08:07 - 2016-08-05 23:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 08:07 - 2016-08-05 23:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-24 08:07 - 2016-08-05 23:34 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-24 08:07 - 2016-08-05 23:34 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-24 08:07 - 2016-08-05 23:34 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-24 08:07 - 2016-08-05 23:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-24 08:07 - 2016-08-05 23:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-24 08:07 - 2016-08-05 23:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-24 08:07 - 2016-08-05 23:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-24 08:07 - 2016-08-05 23:28 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-24 08:07 - 2016-08-05 23:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-24 08:07 - 2016-08-05 23:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-24 08:07 - 2016-08-05 23:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-24 08:07 - 2016-08-05 23:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-24 08:07 - 2016-08-05 23:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-24 08:07 - 2016-08-05 23:24 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-24 08:07 - 2016-08-05 23:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-24 08:07 - 2016-08-05 23:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-24 08:07 - 2016-08-05 23:24 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-24 08:07 - 2016-08-05 23:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-24 08:07 - 2016-08-05 23:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-24 08:07 - 2016-08-05 23:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-24 08:07 - 2016-08-05 05:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-24 08:07 - 2016-08-05 05:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-24 08:07 - 2016-08-05 05:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-24 08:07 - 2016-08-05 05:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-24 08:07 - 2016-08-05 04:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-24 08:07 - 2016-08-05 04:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-24 08:07 - 2016-08-05 04:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-24 08:07 - 2016-08-05 04:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-24 08:07 - 2016-08-05 04:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-24 08:07 - 2016-08-05 04:07 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-24 08:06 - 2016-08-24 08:07 - 00277742 _____ C:\TDSSKiller.3.1.0.11_24.08.2016_08.06.44_log.txt
2016-08-24 08:06 - 2016-08-06 00:32 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-24 08:06 - 2016-08-06 00:32 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-24 08:06 - 2016-08-06 00:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-24 08:06 - 2016-08-06 00:30 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-24 08:06 - 2016-08-06 00:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-24 08:06 - 2016-08-06 00:24 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-24 08:06 - 2016-08-06 00:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-24 08:06 - 2016-08-06 00:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-24 08:06 - 2016-08-06 00:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-24 08:06 - 2016-08-06 00:18 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-24 08:06 - 2016-08-06 00:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-24 08:06 - 2016-08-06 00:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-24 08:06 - 2016-08-06 00:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-24 08:06 - 2016-08-06 00:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-24 08:06 - 2016-08-06 00:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-24 08:06 - 2016-08-06 00:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-24 08:06 - 2016-08-06 00:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-24 08:06 - 2016-08-06 00:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 08:06 - 2016-08-06 00:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-24 08:06 - 2016-08-06 00:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-24 08:06 - 2016-08-06 00:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-24 08:06 - 2016-08-05 23:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-24 08:06 - 2016-08-05 23:49 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-24 08:06 - 2016-08-05 23:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-24 08:06 - 2016-08-05 23:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-24 08:06 - 2016-08-05 23:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-24 08:06 - 2016-08-05 23:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-24 08:06 - 2016-08-05 23:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-24 08:06 - 2016-08-05 23:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-24 08:06 - 2016-08-05 23:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-24 08:06 - 2016-08-05 23:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-24 08:06 - 2016-08-05 23:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-24 08:06 - 2016-08-05 23:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-24 08:06 - 2016-08-05 23:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-24 08:06 - 2016-08-05 23:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-24 08:06 - 2016-08-05 23:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-24 08:06 - 2016-08-05 23:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-24 08:06 - 2016-08-05 23:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-24 08:06 - 2016-08-05 23:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-24 08:06 - 2016-08-05 23:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-24 08:06 - 2016-08-05 23:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-24 08:06 - 2016-08-05 23:42 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-24 08:06 - 2016-08-05 23:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-24 08:06 - 2016-08-05 23:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-24 08:06 - 2016-08-05 23:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-24 08:06 - 2016-08-05 23:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-24 08:06 - 2016-08-05 23:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-24 08:06 - 2016-08-05 23:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-24 08:06 - 2016-08-05 23:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 08:06 - 2016-08-05 23:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-24 08:06 - 2016-08-05 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-24 08:06 - 2016-08-05 23:36 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-24 08:06 - 2016-08-05 23:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-24 08:06 - 2016-08-05 23:35 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-24 08:06 - 2016-08-05 23:35 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-24 08:06 - 2016-08-05 23:34 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-24 08:06 - 2016-08-05 23:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-24 08:06 - 2016-08-05 23:33 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-24 08:06 - 2016-08-05 23:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-24 08:06 - 2016-08-05 23:32 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-24 08:06 - 2016-08-05 23:31 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-24 08:06 - 2016-08-05 23:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-24 08:06 - 2016-08-05 23:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-24 08:06 - 2016-08-05 23:30 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-24 08:06 - 2016-08-05 23:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-24 08:06 - 2016-08-05 23:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-24 08:06 - 2016-08-05 23:27 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-24 08:06 - 2016-08-05 23:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-24 08:06 - 2016-08-05 23:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-24 08:06 - 2016-08-05 23:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-24 08:06 - 2016-08-05 23:24 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-24 08:06 - 2016-08-05 23:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-24 08:06 - 2016-08-05 23:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-24 08:06 - 2016-08-05 23:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-24 08:06 - 2016-08-05 04:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-24 08:06 - 2016-08-05 04:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-24 08:06 - 2016-08-05 04:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-24 08:06 - 2016-08-05 04:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-24 08:06 - 2016-08-05 04:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-24 08:06 - 2016-08-05 04:07 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-23 20:37 - 2016-08-23 20:37 - 00276746 _____ C:\TDSSKiller.3.1.0.11_23.08.2016_20.37.25_log.txt
2016-08-23 14:46 - 2016-08-23 14:47 - 00276746 _____ C:\TDSSKiller.3.1.0.11_23.08.2016_14.46.55_log.txt
2016-08-22 20:11 - 2016-08-22 20:11 - 00276746 _____ C:\TDSSKiller.3.1.0.11_22.08.2016_20.11.12_log.txt
2016-08-22 18:19 - 2016-08-22 18:19 - 00045290 _____ C:\Users\GaberFamily\Desktop\^E78451B71187079CCE4C601B9A771556A5384CDCA0E82F1E51^pimgpsh_fullsize_distr.jpg
2016-08-21 19:57 - 2016-08-21 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-08-21 19:57 - 2016-08-21 19:57 - 00000000 ____D C:\Program Files\Oracle
2016-08-21 19:57 - 2016-08-16 20:18 - 00920168 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-08-21 19:57 - 2016-08-16 20:18 - 00149256 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-08-21 19:52 - 2016-08-22 08:45 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-08-21 19:52 - 2016-08-21 19:52 - 02671136 _____ (Kaspersky Lab) C:\Users\GaberFamily\Downloads\kss16-0-0-1344en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_ko_id_pt_ar_vi_hi_zh-hant_fa_10837.exe
2016-08-21 19:39 - 2016-08-21 19:39 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-21 19:39 - 2016-08-21 19:39 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-21 19:36 - 2016-08-21 19:50 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-21 19:36 - 2016-08-21 19:50 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-21 19:36 - 2016-08-21 19:45 - 00003990 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-21 19:36 - 2016-08-21 19:45 - 00003758 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-21 19:36 - 2016-08-21 19:36 - 00987728 _____ (Google Inc.) C:\Users\GaberFamily\Downloads\ChromeSetup.exe
2016-08-21 19:00 - 2016-08-21 19:00 - 00275414 _____ C:\TDSSKiller.3.1.0.11_21.08.2016_19.00.20_log.txt
2016-08-21 13:22 - 2016-08-21 13:22 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\.mono
2016-08-21 13:22 - 2016-08-21 13:22 - 00000000 ____D C:\Users\GaberFamily\AppData\LocalLow\Blizzard Entertainment
2016-08-21 13:22 - 2016-08-21 13:22 - 00000000 ____D C:\ProgramData\.mono
2016-08-21 07:41 - 2016-08-23 06:39 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO2 RTM TOOLS
2016-08-20 15:19 - 2016-08-20 15:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-20 15:19 - 2016-08-11 07:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-20 15:19 - 2016-05-03 22:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-20 15:19 - 2016-05-03 22:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-20 15:19 - 2016-05-03 22:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-20 15:19 - 2016-05-03 22:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-20 15:18 - 2016-08-16 01:45 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-20 15:18 - 2016-08-16 01:45 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00802072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00642904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-20 15:18 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-20 15:18 - 2016-08-11 10:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-20 11:56 - 2016-08-20 11:56 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\BleachBit
2016-08-20 11:43 - 2016-08-20 11:43 - 00278262 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_11.43.26_log.txt
2016-08-20 11:29 - 2016-08-24 11:16 - 00000560 _____ C:\Users\GaberFamily\Desktop\JRT.txt
2016-08-20 11:24 - 2016-08-20 11:24 - 00006994 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_11.24.38_log.txt
2016-08-20 11:01 - 2016-08-20 11:04 - 00822598 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_11.01.58_log.txt
2016-08-20 10:59 - 2016-08-20 10:59 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-20 10:43 - 2016-08-20 10:59 - 02870984 _____ (ESET) C:\Users\GaberFamily\Desktop\esetsmartinstaller_enu.exe
2016-08-20 10:42 - 2016-08-20 11:28 - 01610560 _____ (Malwarebytes) C:\Users\GaberFamily\Desktop\JRT.exe
2016-08-20 10:38 - 2016-08-24 11:17 - 00000000 ____D C:\AdwCleaner
2016-08-20 10:37 - 2016-08-20 10:37 - 04747704 _____ (AO Kaspersky Lab) C:\Users\GaberFamily\Desktop\tdsskiller.exe
2016-08-20 10:37 - 2016-08-20 10:37 - 00281002 _____ C:\TDSSKiller.3.1.0.11_20.08.2016_10.37.05_log.txt
2016-08-20 10:37 - 2016-08-20 10:37 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-08-20 10:30 - 2016-08-20 10:30 - 00000000 ____D C:\WINDOWS\Panther
2016-08-20 07:53 - 2016-08-24 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Ops 2 - GSC Studio
2016-08-20 07:53 - 2016-08-20 07:53 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\iMCS_Productions
2016-08-20 07:53 - 2016-08-20 07:53 - 00000000 ____D C:\Program Files (x86)\iMCS Productions
2016-08-20 07:49 - 2016-08-23 14:45 - 00000000 ____D C:\ProgramData\Realtek
2016-08-20 07:46 - 2016-08-21 07:28 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Notepad++
2016-08-20 07:46 - 2016-08-20 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-08-20 07:46 - 2016-08-20 07:46 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-08-20 07:26 - 2016-08-20 07:29 - 00000000 ____D C:\Users\GaberFamily\Desktop\New Logo
2016-08-19 09:19 - 2016-08-19 09:19 - 01778060 _____ C:\Users\GaberFamily\Desktop\game.psd
2016-08-19 08:26 - 2016-08-20 07:32 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\IrfanView
2016-08-18 07:06 - 2016-08-18 07:06 - 26127872 _____ () C:\Users\GaberFamily\Desktop\Project Desire Recovery Tool (1.27).exe
2016-08-17 22:04 - 2016-08-17 22:04 - 00000036 _____ C:\Users\GaberFamily\Desktop\dabiq.txt
2016-08-17 21:38 - 2016-08-17 21:38 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Gyazo
2016-08-17 21:37 - 2016-08-18 07:18 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-08-17 21:37 - 2016-08-17 21:37 - 00003556 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-08-17 21:37 - 2016-08-17 21:37 - 00003420 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2016-08-17 21:37 - 2016-08-17 21:37 - 00001055 _____ C:\Users\Public\Desktop\Gyazo.lnk
2016-08-17 21:37 - 2016-08-17 21:37 - 00001055 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2016-08-17 21:37 - 2016-08-17 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-08-17 17:42 - 2016-08-24 14:15 - 00000115 _____ C:\Users\GaberFamily\Desktop\ACC.txt
2016-08-17 17:04 - 2016-08-17 17:04 - 00000000 ____D C:\Users\GaberFamily\Desktop\LEXICON
2016-08-17 15:43 - 2016-08-21 08:33 - 00000109 _____ C:\Users\GaberFamily\Desktop\new psn acc.txt
2016-08-17 15:43 - 2016-08-17 15:43 - 00000034 _____ C:\Users\GaberFamily\Documents\new psn acc.txt
2016-08-16 20:18 - 2016-08-16 20:18 - 00195936 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-08-16 20:18 - 2016-08-16 20:18 - 00121248 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2016-08-16 14:10 - 2016-08-16 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ControlConsole API
2016-08-16 10:38 - 2016-08-19 10:40 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\XxBlud-23xX
2016-08-16 09:13 - 2016-08-16 09:13 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\Program Files\iTunes
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\Program Files\iPod
2016-08-16 09:13 - 2016-08-16 09:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-15 18:30 - 2016-08-20 10:06 - 00000000 ____D C:\Windows.old
2016-08-15 18:30 - 2016-08-15 18:30 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-15 18:30 - 2016-08-15 18:30 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-15 18:30 - 2016-08-15 18:30 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-15 18:30 - 2016-08-15 18:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-15 18:30 - 2016-08-15 18:30 - 00000000 ____D C:\Program Files\CMAK
2016-08-15 18:30 - 2016-08-15 18:30 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-15 18:29 - 2016-08-15 18:29 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files\MSBuild
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-15 18:28 - 2016-08-15 18:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-15 18:28 - 2016-05-25 18:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 18:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 18:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-15 18:28 - 2016-05-25 15:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 15:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-15 18:28 - 2016-05-25 15:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-15 14:41 - 2016-08-15 14:41 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-15 14:39 - 2016-08-16 10:38 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\ConnectedDevicesPlatform
2016-08-15 14:39 - 2016-08-15 14:39 - 00000020 ___SH C:\Users\GaberFamily\ntuser.ini
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-08-15 14:38 - 2016-08-15 14:38 - 00000000 ____D C:\ProgramData\USOShared
2016-08-15 14:37 - 2016-08-26 16:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-15 14:37 - 2016-08-15 14:37 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-15 14:37 - 2016-08-15 14:37 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-15 14:37 - 2016-08-15 14:37 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-15 14:37 - 2016-08-15 14:37 - 00002880 _____ C:\WINDOWS\System32\Tasks\Red Giant Link
2016-08-15 14:37 - 2016-08-15 14:37 - 00002496 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2016-08-15 14:37 - 2016-08-15 14:37 - 00002478 _____ C:\WINDOWS\System32\Tasks\RunAsStdUser Task
2016-08-15 14:37 - 2016-08-15 14:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-08-15 14:36 - 2016-08-15 14:36 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-15 14:36 - 2016-08-15 14:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-15 14:34 - 2016-07-16 07:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-15 14:33 - 2016-08-25 22:06 - 00000000 ____D C:\Users\GaberFamily
2016-08-15 14:33 - 2016-08-15 14:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\My Documents
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\Documents\My Videos
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\Documents\My Pictures
2016-08-15 14:33 - 2016-08-15 14:33 - 00000000 _SHDL C:\Users\GaberFamily\Documents\My Music
2016-08-15 14:32 - 2016-08-26 16:35 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-15 14:32 - 2016-08-26 16:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-15 14:32 - 2016-08-25 19:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-15 14:32 - 2016-08-20 15:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-15 14:32 - 2016-08-17 15:28 - 05051856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-15 14:32 - 2016-08-15 14:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-15 14:32 - 2016-08-15 14:34 - 00000000 ____D C:\Program Files\Intel
2016-08-15 14:32 - 2016-08-15 14:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-15 14:32 - 2016-08-15 14:32 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 ____D C:\Program Files\Realtek
2016-08-15 14:32 - 2016-08-15 14:32 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2016-08-15 14:32 - 2016-08-11 08:27 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-15 14:32 - 2016-08-11 08:27 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-15 14:32 - 2016-08-11 08:27 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-15 14:32 - 2016-08-09 12:06 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-15 14:32 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-08-15 14:13 - 2016-08-15 14:39 - 00000000 ___HD C:\$GetCurrent
2016-08-15 14:13 - 2016-08-15 14:39 - 00000000 ____D C:\Windows10Upgrade
2016-08-15 14:13 - 2016-08-15 14:15 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-15 14:13 - 2016-08-15 14:14 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2016-08-15 14:06 - 2016-08-15 14:06 - 00000000 ___HD C:\$SysReset
2016-08-15 07:52 - 2016-08-15 07:52 - 14218072 _____ C:\Users\GaberFamily\Desktop\EBOOT.BIN
2016-08-13 22:53 - 2016-08-13 22:53 - 00012448 _____ C:\Users\GaberFamily\Downloads\gameboot.rar
2016-08-12 23:01 - 2016-08-15 18:11 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO2 EBOOT
2016-08-10 02:02 - 2016-08-24 08:58 - 00000000 ____D C:\Users\GaberFamily\Desktop\ADD THESE
2016-08-10 01:34 - 2016-08-24 09:32 - 00000000 ____D C:\Users\GaberFamily\Desktop\Terminus Release
2016-08-10 00:32 - 2016-07-23 00:19 - 00000000 ____D C:\Users\GaberFamily\Desktop\Dumble's 4.0
2016-08-09 00:30 - 2016-08-15 18:11 - 00000000 ____D C:\Users\GaberFamily\Documents\Black Ops 2 - GSC Studio
2016-08-04 15:49 - 2016-08-05 00:20 - 06647784 _____ (Tim Kosse) C:\Users\GaberFamily\Downloads\FileZilla_3.20.1_win64-setup.exe
2016-08-04 03:31 - 2016-08-04 03:31 - 05791104 _____ (Microsoft Corporation) C:\Users\GaberFamily\Downloads\Windows10Upgrade28084.exe
2016-08-04 03:03 - 2016-08-24 11:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-04 03:03 - 2016-08-15 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-04 03:03 - 2016-08-04 03:03 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-04 02:15 - 2016-08-04 02:15 - 00000000 _____ C:\Users\GaberFamily\Desktop\LIT.txt
2016-08-03 00:43 - 2016-08-15 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-08-03 00:43 - 2016-08-03 00:43 - 00000000 ____D C:\Program Files\Classic Shell
2016-08-03 00:42 - 2016-08-03 00:42 - 07220496 _____ (IvoSoft) C:\Users\GaberFamily\Downloads\ClassicShellSetup_4_3_0.exe
2016-08-01 17:10 - 2016-08-24 08:40 - 00000000 ____D C:\Program Files (x86)\GenArts
2016-08-01 03:14 - 2016-06-12 15:05 - 37496126 _____ C:\Users\GaberFamily\Desktop\SouthSideModder MW3 Aftermath SPRX Mod Menu.rar
2016-07-30 23:21 - 2016-07-30 23:21 - 00021656 _____ (Echobit, LLC) C:\WINDOWS\system32\Drivers\evolve.sys
2016-07-30 23:21 - 2016-07-30 23:21 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Echobit
2016-07-30 23:21 - 2016-07-30 23:21 - 00000000 ____D C:\ProgramData\Echobit
2016-07-30 23:21 - 2016-07-30 23:21 - 00000000 ____D C:\Program Files\Echobit
2016-07-30 09:05 - 2016-07-30 09:05 - 00289240 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 00247768 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2016-07-28 00:28 - 2016-07-28 00:28 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Sony Creative Software Inc
2016-07-27 20:27 - 2016-08-20 12:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Razer
2016-07-27 20:27 - 2016-08-20 12:24 - 00000000 ____D C:\ProgramData\Razer
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-26 16:35 - 2015-08-08 19:05 - 00000000 ____D C:\ProgramData\MFAData
2016-08-26 16:35 - 2015-08-01 02:38 - 00000000 __SHD C:\Users\GaberFamily\IntelGraphicsProfiles
2016-08-26 16:34 - 2016-07-16 02:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-08-26 16:32 - 2015-08-01 02:45 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\ClassicShell
2016-08-25 23:09 - 2015-08-01 02:33 - 01457366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-25 22:06 - 2015-08-01 02:39 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Skype
2016-08-25 21:59 - 2016-02-20 04:27 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Ubisoft Game Launcher
2016-08-25 21:58 - 2015-08-13 16:55 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\FileZilla
2016-08-25 21:57 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-25 21:56 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-25 21:56 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-25 21:54 - 2015-10-24 00:27 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-25 21:54 - 2015-10-24 00:27 - 00000000 ____D C:\Program Files\Adobe
2016-08-25 21:37 - 2015-08-01 02:29 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Adobe
2016-08-25 21:23 - 2015-11-23 20:51 - 00000000 ____D C:\Users\GaberFamily\.VirtualBox
2016-08-25 20:08 - 2015-11-15 14:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-25 17:43 - 2016-05-29 15:04 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\deluge
2016-08-25 17:42 - 2015-12-06 19:33 - 00000000 ____D C:\Users\GaberFamily\VirtualBox VMs
2016-08-25 16:53 - 2015-08-01 14:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-25 16:42 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-25 16:42 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 16:40 - 2015-08-01 02:29 - 00000000 ____D C:\ProgramData\Adobe
2016-08-25 16:40 - 2015-08-01 02:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-24 20:00 - 2015-08-01 14:17 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Battle.net
2016-08-24 19:26 - 2015-08-01 05:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-24 14:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-24 14:15 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-24 10:51 - 2015-08-07 01:06 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\CrashDumps
2016-08-24 10:44 - 2015-08-08 14:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-24 10:42 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\PLA
2016-08-24 10:18 - 2015-08-01 14:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\ElevatedDiagnostics
2016-08-24 09:40 - 2015-08-01 05:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Adobe
2016-08-24 09:39 - 2015-10-24 00:27 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-24 09:05 - 2016-06-27 16:19 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-24 08:47 - 2016-07-16 02:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-24 08:46 - 2015-08-08 19:03 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Avg
2016-08-24 08:45 - 2016-07-16 07:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-24 08:45 - 2015-08-08 19:04 - 00000000 ____D C:\Program Files (x86)\AVG
2016-08-24 08:45 - 2015-08-08 19:03 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\AvgSetupLog
2016-08-24 08:41 - 2015-08-01 02:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-24 08:40 - 2016-07-24 15:42 - 00000000 ____D C:\ProgramData\Red Giant
2016-08-24 08:38 - 2016-07-23 18:52 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\MAXON
2016-08-24 08:20 - 2015-08-11 13:54 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-24 07:54 - 2016-07-16 07:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-23 20:31 - 2016-04-10 14:47 - 00000000 ____D C:\Users\GaberFamily\Desktop\UPDATE 2.1 Black Ops 1 Ultimate RTM Tool ( CCAPI 2.5 )
2016-08-23 20:31 - 2016-04-10 13:53 - 00000000 ____D C:\Users\GaberFamily\Desktop\MW3 1.24 Fast Hack Tool By RoBzMoDz-
2016-08-23 20:31 - 2015-11-02 01:10 - 00000000 ____D C:\Users\GaberFamily\Desktop\BO1 By TrickyModz V2 RTM Tool
2016-08-23 14:45 - 2016-06-16 14:47 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\obs-studio
2016-08-23 14:14 - 2015-08-01 03:02 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\WinRAR
2016-08-23 07:00 - 2016-02-03 23:59 - 00000252 _____ C:\Users\GaberFamily\Desktop\school pw.txt
2016-08-22 08:45 - 2015-10-30 02:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-22 08:45 - 2015-08-08 23:45 - 00000000 ____D C:\Users\TEMP
2016-08-21 19:36 - 2015-08-01 02:29 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-20 15:19 - 2016-07-15 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-20 12:33 - 2015-08-06 17:37 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\vlc
2016-08-20 11:57 - 2016-03-28 16:38 - 00000000 ____D C:\Users\GaberFamily\Documents\The Witcher 3
2016-08-20 11:57 - 2015-08-01 13:50 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\qBittorrent
2016-08-20 11:28 - 2016-02-26 19:09 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\IObit
2016-08-20 11:28 - 2016-02-26 19:09 - 00000000 ____D C:\ProgramData\IObit
2016-08-20 10:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\Vss
2016-08-20 09:15 - 2016-02-05 22:40 - 00000132 _____ C:\Users\GaberFamily\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-20 07:36 - 2016-07-23 23:54 - 00000000 ____D C:\Users\GaberFamily\Desktop\MyLogoWork
2016-08-19 14:14 - 2016-01-20 17:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-19 14:14 - 2015-08-01 02:30 - 00000000 ____D C:\ProgramData\Skype
2016-08-18 08:22 - 2015-10-06 20:12 - 14218072 _____ C:\Users\GaberFamily\Desktop\t6mp_ps3f.self
2016-08-16 14:10 - 2015-08-13 17:05 - 00000000 ____D C:\Program Files (x86)\ControlConsoleAPI
2016-08-16 10:28 - 2015-08-01 05:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Packages
2016-08-16 09:13 - 2015-08-01 02:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-16 09:12 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-16 01:45 - 2016-06-14 23:45 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-15 18:31 - 2016-07-16 07:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-15 18:31 - 2016-07-16 07:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-15 18:30 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-15 18:28 - 2016-07-16 07:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-15 18:28 - 2016-07-16 07:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-15 18:28 - 2016-07-16 07:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-15 18:28 - 2016-07-16 07:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-15 18:28 - 2016-07-16 07:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-15 18:10 - 2015-08-01 05:24 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\TileDataLayer
2016-08-15 14:41 - 2015-08-01 05:25 - 00002385 _____ C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-15 14:41 - 2015-08-01 05:25 - 00000000 ___RD C:\Users\GaberFamily\OneDrive
2016-08-15 14:39 - 2015-12-24 23:35 - 00000400 __RSH C:\ProgramData\ntuser.pol
2016-08-15 14:38 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-15 14:38 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-15 14:38 - 2016-07-16 07:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-15 14:37 - 2016-07-16 07:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-15 14:37 - 2016-07-16 07:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-15 14:37 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-15 14:37 - 2015-12-09 21:57 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-15 14:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-15 14:36 - 2016-07-23 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-15 14:36 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-15 14:36 - 2016-06-16 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge
2016-08-15 14:36 - 2016-06-06 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2016-08-15 14:36 - 2016-06-06 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLink Kai
2016-08-15 14:36 - 2016-05-29 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-08-15 14:36 - 2016-05-15 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2016-08-15 14:36 - 2016-03-30 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2016-08-15 14:36 - 2016-03-29 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2016-08-15 14:36 - 2016-02-23 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-08-15 14:36 - 2015-12-18 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-08-15 14:36 - 2015-11-17 16:58 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2016-08-15 14:36 - 2015-11-02 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-08-15 14:36 - 2015-10-30 05:07 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-15 14:36 - 2015-10-11 13:04 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
2016-08-15 14:36 - 2015-10-01 22:36 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-08-15 14:36 - 2015-09-15 11:10 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBS Multiplatform
2016-08-15 14:36 - 2015-09-13 10:10 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-15 14:36 - 2015-09-13 10:10 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-08-15 14:36 - 2015-09-04 18:46 - 00000000 ____D C:\WINDOWS\en
2016-08-15 14:36 - 2015-08-01 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-15 14:36 - 2015-08-01 03:07 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-08-15 14:36 - 2015-08-01 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-15 14:36 - 2015-08-01 02:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-15 14:36 - 2015-08-01 02:29 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-15 14:36 - 2015-08-01 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-15 14:36 - 2015-08-01 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-15 14:34 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-15 14:34 - 2016-06-18 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-08-15 14:34 - 2016-05-07 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-08-15 14:34 - 2016-03-10 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-08-15 14:34 - 2016-01-20 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-15 14:34 - 2015-09-26 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCE
2016-08-15 14:34 - 2015-08-23 00:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-15 14:34 - 2015-08-08 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-15 14:34 - 2015-08-01 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MumboJumbo Games
2016-08-15 14:34 - 2015-08-01 05:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2016-08-15 14:34 - 2015-08-01 03:07 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-08-15 14:34 - 2015-08-01 03:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-08-15 14:34 - 2015-08-01 03:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX430 series
2016-08-15 14:34 - 2015-08-01 02:29 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-08-15 14:33 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-15 14:33 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-15 14:33 - 2016-07-16 02:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-15 14:33 - 2016-02-20 02:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-15 14:33 - 2015-07-10 07:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-08-15 14:32 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-14 01:25 - 2015-09-08 11:57 - 00000000 ____D C:\ProgramData\Origin
2016-08-13 23:44 - 2015-10-11 12:18 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-08-13 23:44 - 2015-10-11 12:18 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-08-13 20:26 - 2016-06-20 20:00 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\Audacity
2016-08-13 00:29 - 2015-09-04 18:46 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Windows Live
2016-08-11 21:32 - 2015-10-24 00:28 - 00000034 _____ C:\Users\GaberFamily\AppData\Roaming\AdobeWLCMCache.dat
2016-08-11 10:33 - 2016-07-15 14:56 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-11 10:33 - 2016-07-15 14:56 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-11 10:33 - 2016-07-15 14:56 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-11 04:54 - 2016-06-27 16:36 - 00000000 ____D C:\temp
2016-08-10 11:10 - 2016-02-23 00:11 - 00001279 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-08-09 18:36 - 2016-02-20 02:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Local\Discord
2016-08-09 18:35 - 2016-02-20 02:54 - 00002267 _____ C:\Users\GaberFamily\Desktop\Discord.lnk
2016-08-09 18:35 - 2016-02-20 02:54 - 00000000 ____D C:\Users\GaberFamily\AppData\Roaming\discord
2016-08-06 23:07 - 2015-12-13 23:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-05 00:20 - 2015-08-01 02:29 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-08-04 03:25 - 2015-08-08 19:04 - 00000000 ____D C:\ProgramData\Avg
2016-08-04 01:55 - 2015-08-08 19:04 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-03 00:44 - 2015-08-01 02:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-01 17:33 - 2016-07-14 17:06 - 00000000 ____D C:\Users\GaberFamily\Documents\Adobe
2016-08-01 17:10 - 2016-07-23 23:38 - 00000300 _____ C:\WINDOWS\MSUTIL.INI
2016-07-27 15:25 - 2015-08-01 13:32 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
 
2016-02-05 22:40 - 2016-08-20 09:15 - 0000132 _____ () C:\Users\GaberFamily\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-10-24 00:28 - 2016-08-11 21:32 - 0000034 _____ () C:\Users\GaberFamily\AppData\Roaming\AdobeWLCMCache.dat
2015-11-21 15:26 - 2015-11-21 15:26 - 0000099 _____ () C:\Users\GaberFamily\AppData\Roaming\LauncherSettings_live.cfg
2016-02-13 23:22 - 2016-02-13 23:22 - 229845735 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_4_3_189.zip.aamdownload
2016-02-13 23:22 - 2016-02-13 23:22 - 0002657 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_4_3_189.zip.aamdownload.aamd
2016-04-03 15:33 - 2016-04-03 15:33 - 238722213 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_5_1_209.zip.aamdownload
2016-04-03 15:33 - 2016-04-03 15:33 - 0002741 _____ () C:\Users\GaberFamily\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd
2015-08-01 05:26 - 2015-08-01 05:26 - 0000000 _____ () C:\Users\GaberFamily\AppData\Local\Driver_LOM_8161Present.flag
2016-08-25 22:06 - 2016-08-25 22:06 - 0000218 _____ () C:\Users\GaberFamily\AppData\Local\recently-used.xbel
2015-08-01 03:14 - 2015-08-01 03:14 - 0007604 _____ () C:\Users\GaberFamily\AppData\Local\Resmon.ResmonCfg
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-25 19:52
 
==================== End of FRST.txt ============================


#6 deeprybka


Posted 27 August 2016 - 06:38 AM

Hi,

Step 1

Don't remove on your own anything that HitmanPro detects!
This scanner, as good as it is for checking, has been known to delete files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download HitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the HitmanPro icon and select Run as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It should only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.


Step 2

Scan with ESET Online Scanner.

  • Start the ESET Online Scanner App with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

[screenshot: scanner settings]

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish.
  • A log file is created at [screenshot: log path]
    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!


Edited by deeprybka, 27 August 2016 - 06:41 AM.

regards,
deeprybka

#7 jayok321


Posted 27 August 2016 - 08:52 AM

HitmanPro 3.7.14.265
www.hitmanpro.com
 
   Computer name . . . . : GABER-FAMILY
   Windows . . . . . . . : 10.0.0.14393.X64/4
   User name . . . . . . : GABER-FAMILY\GaberFamily
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2016-08-27 07:41:17
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 19s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 7
 
   Objects scanned . . . : 1,967,923
   Files scanned . . . . : 50,995
   Remnants scanned  . . : 356,064 files / 1,560,864 keys
 
Suspicious files ____________________________________________________________
 
   C:\Users\GaberFamily\AppData\Local\PunkBuster\BF4\pb\PnkBstrK.sys
      Size . . . . . . . : 138,648 bytes
      Age  . . . . . . . : 103.4 days (2016-05-15 21:16:14)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : DE86A451D282866613EE18CF668C2E962ABCB09FA51F7FF0C98405418A19EA81
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\GaberFamily\AppData\Local\PunkBuster\COD4\pb\pbcl.dll
      Size . . . . . . . : 967,165 bytes
      Age  . . . . . . . : 210.1 days (2016-01-30 04:05:41)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : B1B32990F47ED2E39EB18AEA0839D9521B87E9ED18C0BCA8E2C6873FBA9D6494
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\GaberFamily\AppData\Local\PunkBuster\WAW\pb\pbcl.dll
      Size . . . . . . . : 733,004 bytes
      Age  . . . . . . . : 86.6 days (2016-06-01 17:53:49)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 8715126E77E8E6F98B4487C11B4656ADAC59145A86D56A0370F2FAE86E40FDC7
      Fuzzy  . . . . . . : 25.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\GaberFamily\Desktop\FRST64.exe
      Size . . . . . . . : 2,396,160 bytes
      Age  . . . . . . . : 1.6 days (2016-08-25 16:39:20)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 00FD54D2E366B2B2D2DB896529515EF75E2ED62BCB1BEE88AF63D45DF7DD5FF0
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
 
Potential Unwanted Programs _________________________________________________
 
   HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package\ (TweakBit)
   HKU\.DEFAULT\Software\iWinArcade\ (iWinToolbar)
   HKU\S-1-5-18\Software\iWinArcade\ (iWinToolbar)
 
 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=init
# utc_time=2016-08-20 02:59:55
# local_time=2016-08-20 10:59:55 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30488
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=updated
# utc_time=2016-08-20 03:03:21
# local_time=2016-08-20 11:03:21 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=init
# utc_time=2016-08-20 03:30:01
# local_time=2016-08-20 11:30:01 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 30488
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=updated
# utc_time=2016-08-20 03:30:50
# local_time=2016-08-20 11:30:50 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=init
# utc_time=2016-08-20 03:33:59
# local_time=2016-08-20 11:33:59 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# engine=30488
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-08-20 05:33:02
# local_time=2016-08-20 01:33:02 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 2123398 0 0
# scanned=443122
# found=4
# cleaned=4
# scan_time=7332
sh=816CDF695CF105119FAA5F79E2604097888321E3 ft=0 fh=0000000000000000 vn="Win32/Injector.Autoit.CMV trojan (cleaned by deleting)" ac=C fn="C:\Users\GaberFamily\AppData\Roaming\YAcOedHbWSUhQPhDAdF"
sh=68B0376FB80EC5DBF7B47DCC7B5335383E9B063A ft=1 fh=893d1fa1996eca88 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="D:\Downloads\ccsetup520.exe"
sh=B6E0AE76730CB3113AC4FDCE39586FE5D86CEA40 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.Themida suspicious application (deleted)" ac=C fn="D:\Downloads\MW3ProjectMemoriesPackage1.2byEnstone.rar"
sh=1270F0D918D443430A2D2CF519899B0003240B40 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan (deleted)" ac=C fn="D:\Downloads\Pack x64 64-Bits.rar"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=init
# utc_time=2016-08-24 01:15:17
# local_time=2016-08-24 09:15:17 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30526
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=updated
# utc_time=2016-08-24 01:15:53
# local_time=2016-08-24 09:15:53 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# engine=30526
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-08-24 02:28:28
# local_time=2016-08-24 10:28:28 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='AVG AntiVirus Free Edition'
# compatibility_mode=1057 16777214 100 85 0 1414148 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 2457924 0 0
# scanned=424456
# found=1
# cleaned=1
# scan_time=4354
sh=77B6CED191E65925D8D48F05E7D0E24964A0D9D8 ft=0 fh=0000000000000000 vn="a variant of Win32/MagicalJellyBean.A potentially unsafe application (deleted)" ac=C fn="D:\Downloads\Windows XP Pro SP3 - Activated\WXPVOL_EN.iso"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=init
# utc_time=2016-08-27 11:44:00
# local_time=2016-08-27 07:44:00 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30558
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=updated
# utc_time=2016-08-27 11:44:53
# local_time=2016-08-27 07:44:53 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=restart
# utc_time=2016-08-27 12:21:57
# local_time=2016-08-27 08:21:57 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
# compatibility_mode_1='AVG AntiVirus Free Edition'
# compatibility_mode=1057 16777213 100 85 0 1665757 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 2709533 0 0
# scanned=222423
# found=1
# cleaned=0
# scan_time=2224
sh=77B6CED191E65925D8D48F05E7D0E24964A0D9D8 ft=0 fh=0000000000000000 vn="a variant of Win32/MagicalJellyBean.A potentially unsafe application" ac=I fn="D:\Downloads\Windows XP Pro SP3 - Activated\WXPVOL_EN.iso"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=init
# utc_time=2016-08-27 12:22:40
# local_time=2016-08-27 08:22:40 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 30558
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# end=updated
# utc_time=2016-08-27 12:23:05
# local_time=2016-08-27 08:23:05 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7649feb6db4d7c4e88ae7add4c4a3538
# engine=30558
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-08-27 01:47:25
# local_time=2016-08-27 09:47:25 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='AVG AntiVirus Free Edition'
# compatibility_mode=1057 16777213 100 85 0 1670885 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 2714661 0 0
# scanned=392923
# found=0
# cleaned=0
# scan_time=5059


#8 deeprybka


Posted 27 August 2016 - 08:53 AM

Can you please tell me which problems still persist now?
regards,
deeprybka

#9 jayok321


Posted 27 August 2016 - 08:54 AM

None. All is well now! Thank you so much. I was just worried about those two startup files for the most part and that it kept recurring and I wasn't sure if I was clean and wanted to make sure.



#10 deeprybka


Posted 27 August 2016 - 09:01 AM

That's it!
Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody, however...
If I have helped you fix your PC, then please consider donating to continue the fight against malware.
Thank you!


Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this, malware exploits security holes in installed software (e.g. the browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
 

Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.


regards,
deeprybka

#11 deeprybka


Posted 31 August 2016 - 11:32 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
regards,
deeprybka