Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help cant remove files or install security programs


  • This topic is locked This topic is locked
7 replies to this topic

#1 jp2130

jp2130

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 01 September 2017 - 12:05 PM

can someone help me figure out a fixlist here are my log files needed from frst...

 

please help me...Attached File  Addition.txt   44.9KB   2 downloadsAttached File  Addition.txt   44.9KB   2 downloadsAttached File  FRST.txt   100bytes   2 downloads


LastRegBack: 2017-08-25 00:05
==================== End of FRST.txt ============================

..

 

 

addition

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Justin (01-09-2017 12:39:24)
Running from C:\Users\Justin\Downloads
Windows 10 Pro Version 1607 (X64) (2017-08-09 18:45:32)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-1147769443-1841401927-1327021842-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1147769443-1841401927-1327021842-503 - Limited - Disabled)
Guest (S-1-5-21-1147769443-1841401927-1327021842-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1147769443-1841401927-1327021842-1003 - Limited - Enabled)
Justin (S-1-5-21-1147769443-1841401927-1327021842-1001 - Administrator - Enabled) => C:\Users\Justin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Advanced IP Scanner 2.5 (HKLM-x32\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
Apowersoft Phone Manager version 2.8.8 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.8 - APOWERSOFT LIMITED)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
BitLord 2.5 (HKLM-x32\...\BitLord) (Version: 2.4.5-316 - House of Life)
BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.)
BurnAware Professional 10.3 (HKLM-x32\...\BurnAware Professional_is1) (Version:  - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform)
Coolmuster Android Assistant (HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\Coolmuster Android Assistant) (Version: 4.0.40 - Coolmuster)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
CyberGhost version 6.0.2.1985 (HKLM-x32\...\CyberGhost_is1) (Version: 6.0.2.1985 - CyberGhost Windows Client)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
DragonBoost (HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\119) (Version:  - ) <==== ATTENTION
Driver Booster 4.5 (HKLM-x32\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
EaseUS Partition Master 12.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Factorio version 0.13.16 (HKLM\...\Factorio_is1) (Version:  - )
FinePrint (HKLM\...\FinePrint) (Version: 9.15 - FinePrint Software, LLC)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.0.2.156 - IObit)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
KB4023057 (HKLM\...\{0339C035-CB0E-4AA1-8A94-6C306982BD86}) (Version: 2.1.0.0 - Microsoft Corporation)
Mask My IP (HKLM-x32\...\MaskMyIP) (Version: 2.6.6.6 - )
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.14.2 - Microsoft Corporation)
Mixed in Key (HKLM-x32\...\{4FF0FB67-BEF8-4DD0-BBA0-75EA9DA2B383}) (Version: 1.0.181.0 - Mixed In Key LLC) Hidden
Mixed In Key 7 (HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\{4d05cb39-3d9c-4e75-930c-a99591564f91}) (Version: 7.0.181.0 - Mixed In Key LLC)
Mozilla Firefox 55.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 55.0.3 (x64 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0 - Mozilla)
New Super Mario Forever 2012 - FULL PC Version - Foxy Games (HKLM-x32\...\New Super Mario Forever 2012 - FULL PC Version - Foxy Games1.0) (Version: 1.0 - Foxy Games)
O&O DiskImage Professional (HKLM\...\{3ED36072-ED00-4BE2-B862-8449AE4FE3C3}) (Version: 11.0.147 - O&O Software GmbH)
PDF Password Remover v6.0 (HKLM-x32\...\PDF Password Remover v6.0_is1) (Version:  - VeryPDF.com Inc.)
Python 3.5.2 (32-bit) (HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
qBittorrent 3.3.15 (HKLM-x32\...\qBittorrent) (Version: 3.3.15 - The qBittorrent project)
RegAlyzer (HKLM-x32\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Total Uninstall 6.19.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.19.1 - Gavrila Martau)
UltraISO Premium V9.7 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.31 - VSO Software)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Video Converter Ultimate(Build 9.0.3.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.3.0 - Wondershare Software)
YTD Video Downloader 5.8.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.3 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-01] (AVAST Software)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2017-04-25] (O&O Software GmbH)
ContextMenuHandlers1: [avast] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-08-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> [CC]{FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> No File
ContextMenuHandlers2: [OODIDismount] -> [CC]{BF5F9978-5B95-4F2E-BB19-5D95234187EE} =>  -> No File
ContextMenuHandlers2: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers3: [00asw] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers4: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [avast] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> [CC]{45AC2688-0253-4ED8-97DE-B5370FA7D48A} =>  -> No File
ContextMenuHandlers6: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {14E499A6-E996-41B6-9307-72D0828B4884} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {2B7177F5-B500-4A90-90A9-D0EC66671480} - System32\Tasks\Uninstaller_SkipUac_Justin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-08-30] (IObit)
Task: {2FB3D124-3FE9-46EA-B0AC-7B04AF76F604} - System32\Tasks\Driver Booster SkipUAC (Justin) => C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {46EDFD0D-C7A4-4064-92B5-F4212E64A3FB} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe
Task: {4ABF5A67-76E1-409F-BB53-65BDAB73C2B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-08-03] (Piriform Ltd)
Task: {530A0A12-8549-4E36-96DF-6B6B19E69615} - System32\Tasks\SafeZone scheduled Autoupdate 1503278813 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {6BEFEF56-6CCC-4EDD-AC62-18845982DDB5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {6ED5B3B9-2939-4D82-8B53-6BED0B7F80A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {72E13932-144B-48BC-A226-C1079F073ED9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => C:\\ProgramData\\WindowsReporting\\wermgr.exe <==== ATTENTION
Task: {85F699F1-A024-40C1-B5FD-DFE5A80D0844} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\Scheduler.exe [2017-07-26] (IObit)
Task: {94D95DBC-FF01-4D03-986B-3BC2FC9D1A98} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {952FA07C-9E0F-46DB-A1D9-6227AE42ABC1} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe
Task: {9AD393FA-C4E0-4374-8D69-8A11B6752D0A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {B7D227F0-EE22-4972-851F-960A0D9FE1B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {BD40CD11-9775-468A-BA78-97319C0DF03A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {C9DB9AD2-1AD1-4B66-8889-144D39B315FF} - System32\Tasks\WINshell Event Notification => C:\Users\Justin\AppData\Local\Temp\SBCint2.exe <==== ATTENTION
Task: {D614251A-8099-4926-A29F-D95817F1FFE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {F5FCC194-AFB2-4A63-BAB4-9EDC1BA3B2D3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-01] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Justin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2016-07-16 07:42 - 2016-07-16 07:42 - 000231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-15 16:39 - 2017-06-21 03:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-09 14:50 - 2017-08-09 14:50 - 000959168 _____ () C:\Users\Justin\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2017-08-22 21:07 - 2015-02-27 14:38 - 000721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2017-08-14 12:31 - 2017-08-14 12:31 - 002793472 ____N () C:\WINDOWS\SYSTEM32\MSBNWXQ.EXE
2016-11-20 14:11 - 2016-11-20 14:11 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-05-27 22:05 - 2017-03-04 02:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-05-27 21:47 - 2017-03-04 02:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-05-27 21:47 - 2017-03-04 02:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-27 21:47 - 2017-03-04 02:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-12 09:07 - 2017-03-04 02:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-12 09:07 - 2017-08-01 14:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-12 09:07 - 2017-08-01 14:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-19 19:19 - 2017-01-19 19:19 - 000013312 _____ () C:\Program Files (x86)\BitLord\QtWebEngineProcess.exe
2017-09-01 11:35 - 2012-07-27 04:27 - 000022336 _____ () C:\Program Files\CCleaner\branding.dll
2017-08-21 17:04 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-21 17:04 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-21 17:04 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-21 17:04 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-21 04:12 - 2016-06-14 16:35 - 000625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2017-08-21 04:12 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-08-21 04:12 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-08-21 04:12 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-08-21 04:12 - 2016-05-23 21:49 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2017-08-21 04:12 - 2016-06-14 16:35 - 000625440 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2017-09-01 08:51 - 2017-09-01 08:51 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-01 08:51 - 2017-09-01 08:51 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-08-21 22:20 - 2017-08-21 22:20 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-01 08:51 - 2017-09-01 08:51 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-01 08:51 - 2017-09-01 08:51 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-01 08:50 - 2017-09-01 08:50 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-01 08:51 - 2017-09-01 08:51 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-09-01 09:49 - 2017-09-01 09:49 - 005897648 _____ () C:\Program Files\AVAST Software\Avast\defs\17090102\algo.dll
2017-02-04 03:38 - 2017-02-04 03:38 - 002720256 _____ () C:\Program Files (x86)\BitLord\torrent.dll
2016-12-22 20:09 - 2016-12-22 20:09 - 000020480 _____ () C:\Program Files (x86)\BitLord\boost_system-vc140-mt-1_63.dll
2015-04-13 09:57 - 2015-04-13 09:57 - 000143296 _____ () C:\Program Files (x86)\BitLord\libvlc.dll
2016-12-22 20:12 - 2016-12-22 20:12 - 000022528 _____ () C:\Program Files (x86)\BitLord\boost_random-vc140-mt-1_63.dll
2015-04-13 10:00 - 2015-04-13 10:00 - 002631616 _____ () C:\Program Files (x86)\BitLord\libvlccore.dll
2017-01-18 13:50 - 2017-01-18 13:50 - 000013824 _____ () C:\Program Files (x86)\BitLord\libEGL.DLL
2017-01-18 13:50 - 2017-01-18 13:50 - 001983488 _____ () C:\Program Files (x86)\BitLord\libGLESv2.dll
2015-04-13 09:57 - 2015-04-13 09:57 - 000554944 _____ () C:\Program Files (x86)\BitLord\plugins\access\libdshow_plugin.dll
2015-04-13 10:00 - 2015-04-13 10:00 - 000041920 _____ () C:\Program Files (x86)\BitLord\plugins\audio_output\libdirectsound_plugin.dll
2015-04-13 10:00 - 2015-04-13 10:00 - 000039872 _____ () C:\Program Files (x86)\BitLord\plugins\audio_output\libwaveout_plugin.dll
2015-04-13 09:58 - 2015-04-13 09:58 - 000086464 _____ () C:\Program Files (x86)\BitLord\plugins\video_output\libdirect3d_plugin.dll
2015-04-13 09:56 - 2015-04-13 09:56 - 000070675 _____ () C:\Program Files (x86)\BitLord\plugins\video_output\libdirectdraw_plugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7936 more sites.
IE trusted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\123simsen.com -> www.123simsen.com
There are 7936 more sites.
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1147769443-1841401927-1327021842-500\...\123simsen.com -> www.123simsen.com
There are 7936 more sites.

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-08-09 18:01 - 2017-08-28 07:17 - 000455044 ____N C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 http://86.105.152.166/info/check.php
0.0.0.0 http://www.chris-pc.com/info/check.php
0.0.0.0 http://www.chris-pc.com/piracy/report.php
162.222.193.86 aoaomo.tremorhub.com
188.95.50.62 bobomo.tremorhub.com
162.222.193.86 www.howcast.com
162.222.193.86 howcast.com
162.222.193.86 www.ustream.tv
162.222.193.86 ustream.tv
162.222.193.86 www.livestream.com
162.222.193.86 livestream.com
162.222.193.86 www.dailymotion.com
162.222.193.86 dailymotion.com
192.192.3.8 virustotal.com
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 dscdn.pw
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
There are 15616 more lines.

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Justin\Pictures\IMG_0256.JPG
HKU\S-1-5-21-1147769443-1841401927-1327021842-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKLM\...\StartupApproved\Run32: => "AnonymizerGadget"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\StartupFolder: => "asd.lnk"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\Run: => "Avira Phantom VPN"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\Run: => "alamo"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\Run: => "WinResSync"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\Run: => "inactivation"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\Run: => "Second Copy"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\...\StartupApproved\Run: => "IDMan"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{32A5CBA0-06F8-4027-B60C-64570BB8ACCA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{221C9F45-D3FE-4C2F-869B-503FDFFCB135}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{EF6CAFD8-E184-442C-AA73-5E208549239E}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{042FD2E0-AB74-4DCF-82FC-3B22C6028F50}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{C1703572-6890-438A-805F-722D53A71C5C}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{177AB982-0EC0-417A-99E2-13B0A787A668}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{A858441C-2EF0-4106-B864-8B88D705C2D6}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{91DFD530-7062-43E9-B6EE-997947558A7D}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{22EFEEEE-75B2-4F78-A58B-002D63BEF61C}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{B088219B-48BD-46AF-BF2E-00738457A880}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{B7FA2CD4-3F89-4075-9298-5337B3699910}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\Main.exe
FirewallRules: [{4D4BB944-DDC5-4E7F-BD5F-C396FA6BCDFB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EF611B70-3676-4F66-8D90-20E05A78BCA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CF32ADE6-68BF-4454-96F7-A9C63925E0D8}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{BABB8B05-FC9F-4FBE-899A-6E204181F707}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{55E2AA5A-356B-446A-A9E4-80EE5F0CB1A5}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [TCP Query User{9F2ADCD6-D5FF-4290-A887-66389BE6A986}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{A1DF8CF5-0B17-44AA-B7DD-294B65B38445}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [{F1342BB4-F4F2-4E6A-871D-3130D625DC3A}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{2B31241A-478A-43CF-9CF7-D8AF94EA1FDB}] => (Allow) C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{C89CD565-5D9F-4157-AC3D-458426CE1589}] => (Allow) C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{5FE8A7A7-47D5-4B50-9B62-985EA65A1707}] => (Allow) C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{D0D1AC2E-080F-420B-A908-D7E07649E362}] => (Allow) C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{E0FB71A5-419C-4959-809B-184713CAADA9}] => (Allow) C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{EEAE39F4-1E8A-4D55-8C83-F75FE0CAF7C6}] => (Allow) C:\Program Files\Driver Booster Pro 4.1\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{8C1D1EC5-04FC-4ECC-A9FA-61DC6A1E725D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [TCP Query User{A6A23B31-C242-4B3A-9206-B244515BBCCE}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe
FirewallRules: [UDP Query User{EEBCABF0-BC19-4ABE-8E3C-325DFCA5F740}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe
FirewallRules: [TCP Query User{761EAAE5-CA5A-42D9-9BC2-D84EED6D7C89}C:\program files (x86)\coolmuster\coolmuster android assistant\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\bin\androidassistserver.exe
FirewallRules: [UDP Query User{CB214E42-DBB5-4CE0-BBB5-3B2B9C3D8E04}C:\program files (x86)\coolmuster\coolmuster android assistant\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\bin\androidassistserver.exe
FirewallRules: [{E4EB5B37-6D78-4E4D-938C-7D4D85432AA7}] => (Allow) C:\Program Files (x86)\Coolmuster\Coolmuster Android Assistant\Bin\Coolmuster Android Assistant.exe
FirewallRules: [{56F8E2E4-18DD-4BB5-BBEF-489AC18F93D3}] => (Allow) C:\Program Files (x86)\Coolmuster\Coolmuster Android Assistant\Bin\Coolmuster Android Assistant.exe
FirewallRules: [{8848C546-7220-4008-BC30-8446D9A72C81}] => (Allow) C:\Program Files (x86)\Coolmuster\Coolmuster Android Assistant\Bin\Coolmuster Android Assistant.exe
FirewallRules: [{D736451E-C6F0-4A31-A730-2CA9AEBED9BA}] => (Allow) C:\Program Files (x86)\Coolmuster\Coolmuster Android Assistant\Bin\Coolmuster Android Assistant.exe
FirewallRules: [{EA4C49C7-43E1-44B6-AE7D-03B6FA30CD53}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{15F0BFD9-CFFA-4F6E-93A2-2C18A1D152D6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2C812EB0-AA26-46DE-9E24-E028048F1FB7}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
24-08-2017 03:34:58 Installed BlueStacks App Player
26-08-2017 03:51:11 Removed Bonjour
26-08-2017 03:54:33 Removed Apple Mobile Device Support
26-08-2017 03:55:33 Removed Apple Application Support (64-bit)
29-08-2017 17:44:09 Windows Update
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (09/01/2017 10:41:43 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected
Error: (09/01/2017 09:39:23 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected
Error: (09/01/2017 09:39:23 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected
Error: (09/01/2017 09:39:23 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected
Error: (09/01/2017 09:39:12 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/01/2017 09:39:09 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/01/2017 09:38:33 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (09/01/2017 09:29:48 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected
Error: (09/01/2017 09:28:03 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/01/2017 09:10:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

System errors:
=============
Error: (09/01/2017 12:39:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VJHEPJ2)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-VJHEPJ2\Justin SID (S-1-5-21-1147769443-1841401927-1327021842-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.WindowsStore_11606.1001.39.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157). This security permission can be modified using the Component Services administrative tool.
Error: (09/01/2017 09:45:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
Error: (09/01/2017 09:43:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
Unspecified error
Error: (09/01/2017 09:43:31 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Background Intelligent Transfer Service service hung on starting.
Error: (09/01/2017 09:39:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/01/2017 09:39:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/01/2017 09:38:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/01/2017 09:38:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BstHdAndroidSvc service terminated with the following error:
An exception occurred in the service when handling the control request.
Error: (09/01/2017 09:38:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WCAssistantService service failed to start due to the following error:
The requested resource is in use.
Error: (09/01/2017 09:38:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AntiVirWebService service depends on the AntiVirService service which failed to start because of the following error:
The requested resource is in use.

==================== Memory info ===========================
Processor: Intel® Core™ i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 75%
Total physical RAM: 3959.09 MB
Available physical RAM: 960.33 MB
Total Virtual: 7443.36 MB
Available Virtual: 1112.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:456.18 GB) (Free:290.66 GB) NTFS
Drive g: () (Fixed) (Total:8 GB) (Free:6.3 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6FC28303)
Partition: GPT.
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:33 AM

Posted 01 September 2017 - 04:44 PM

Welcome. :)

 

Please remove the following programs:

 

DragonBoost
YTD Video Downloader 5.8.3
 

 

  • Highlight the entire content of the quote box below.

Start::  
ContextMenuHandlers1: [avast] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> [CC]{FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> No File
ContextMenuHandlers2: [OODIDismount] -> [CC]{BF5F9978-5B95-4F2E-BB19-5D95234187EE} =>  -> No File
ContextMenuHandlers2: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers3: [00asw] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers4: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers6: [avast] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> [CC]{45AC2688-0253-4ED8-97DE-B5370FA7D48A} =>  -> No File
ContextMenuHandlers6: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
Task: {C9DB9AD2-1AD1-4B66-8889-144D39B315FF} - System32\Tasks\WINshell Event Notification => C:\Users\Justin\AppData\Local\Temp\SBCint2.exe <==== ATTENTION
2017-08-14 12:31 - 2017-08-14 12:31 - 002793472 ____N () C:\WINDOWS\SYSTEM32\MSBNWXQ.EXE
Folder: C:\WINDOWS\SYSTEM32\DRIVERS
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 jp2130

jp2130
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 01 September 2017 - 06:42 PM

ok i am not sure if i was able to fully remove dragonboost, but the other one i did. 

 

here is the Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Justin (01-09-2017 19:12:46) Run:1
Running from C:\Users\Justin\Downloads
Loaded Profiles: Justin (Available Profiles: Justin & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
 
ContextMenuHandlers1: [avast] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> [CC]{FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> No File
ContextMenuHandlers2: [OODIDismount] -> [CC]{BF5F9978-5B95-4F2E-BB19-5D95234187EE} =>  -> No File
ContextMenuHandlers2: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers3: [00asw] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers4: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers6: [avast] -> [CC]{472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> [CC]{45AC2688-0253-4ED8-97DE-B5370FA7D48A} =>  -> No File
ContextMenuHandlers6: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
Task: {C9DB9AD2-1AD1-4B66-8889-144D39B315FF} - System32\Tasks\WINshell Event Notification => C:\Users\Justin\AppData\Local\Temp\SBCint2.exe <==== ATTENTION
2017-08-14 12:31 - 2017-08-14 12:31 - 002793472 ____N () C:\WINDOWS\SYSTEM32\MSBNWXQ.EXE
Folder: C:\WINDOWS\SYSTEM32\DRIVERS
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:

*****************

  => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\avast => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{B19ED566-D419-470b-B111-3C89040BC027} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{FEB746CA-95C2-485F-B386-C30D4E56D22E} => key not found.
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\OODIDismount => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{BF5F9978-5B95-4F2E-BB19-5D95234187EE} => key not found.
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\UltraISO => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{AD392E40-428C-459F-961E-9B147782D099} => key not found.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00asw => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{B19ED566-D419-470b-B111-3C89040BC027} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UltraISO => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{AD392E40-428C-459F-961E-9B147782D099} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\avast => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{B19ED566-D419-470b-B111-3C89040BC027} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon32 => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon64 => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Shell Extension for Malware scanning => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{45AC2688-0253-4ED8-97DE-B5370FA7D48A} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UltraISO => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{AD392E40-428C-459F-961E-9B147782D099} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9DB9AD2-1AD1-4B66-8889-144D39B315FF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9DB9AD2-1AD1-4B66-8889-144D39B315FF} => key removed successfully
C:\WINDOWS\System32\Tasks\WINshell Event Notification => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Notification => key removed successfully
Could not move "C:\WINDOWS\SYSTEM32\MSBNWXQ.EXE" => Scheduled to move on reboot.

========================= Folder: C:\WINDOWS\SYSTEM32\DRIVERS ========================

2016-07-16 07:41 - 2016-07-16 07:41 - 000235520 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\1394ohci.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000107360 ____N (LSI) C:\WINDOWS\SYSTEM32\DRIVERS\3ware.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000705888 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\acpi.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000018432 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\AcpiDev.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000126816 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\acpiex.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000012288 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\acpipagr.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000014336 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\acpipmi.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000013312 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\acpitime.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 001135456 ____N (PMC-Sierra) C:\WINDOWS\SYSTEM32\DRIVERS\adp80xx.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000584032 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\afd.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\agilevpn.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ahcache.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000123392 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\amdk8.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000120832 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\amdppm.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000083296 ____N (Advanced Micro Devices) C:\WINDOWS\SYSTEM32\DRIVERS\amdsata.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000259424 ____N (AMD Technologies Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\amdsbs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000026976 ____N (Advanced Micro Devices) C:\WINDOWS\SYSTEM32\DRIVERS\amdxata.sys
2013-07-05 08:59 - 2013-07-05 08:59 - 000497968 _____ (Alps Electric Co., Ltd.) C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000172896 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\appid.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000015360 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\applockerfltr.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000127328 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\AppVStrm.sys
2016-07-16 07:43 - 2016-11-20 14:09 - 000157024 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\AppvVemgr.sys
2016-07-16 07:43 - 2016-11-20 14:09 - 000141152 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\AppvVfs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000131936 ____N (PMC-Sierra, Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\arcsas.sys
2017-08-20 21:25 - 2017-09-01 08:50 - 000320528 _____ (AVAST Software s.r.o.) C:\WINDOWS\SYSTEM32\DRIVERS\aswbidsdrivera.sys
2017-08-20 21:25 - 2017-09-01 08:50 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\SYSTEM32\DRIVERS\aswbidsha.sys
2017-08-20 21:25 - 2017-09-01 08:50 - 000343296 _____ (AVAST Software s.r.o.) C:\WINDOWS\SYSTEM32\DRIVERS\aswbloga.sys
2017-08-20 21:25 - 2017-09-01 08:50 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\SYSTEM32\DRIVERS\aswbuniva.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000047016 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswHwid.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000041832 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswKbd.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000147784 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswMonFlt.sys
2017-08-20 21:25 - 2017-08-21 22:20 - 000146664 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswmonflt.sys.150336857756203
2017-08-21 22:21 - 2017-09-01 08:50 - 000555072 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswNetSec.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000110376 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswRdr2.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000084416 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswRvrt.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 001016384 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswSnx.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000590880 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswSP.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000199312 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswStm.sys
2017-08-20 21:25 - 2017-09-01 08:51 - 000361336 _____ (AVAST Software) C:\WINDOWS\SYSTEM32\DRIVERS\aswVmm.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000028160 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\asyncmac.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000028512 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000191840 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ataport.sys
2016-05-19 09:33 - 2016-05-19 09:33 - 000246804 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AtherosBT.bin
2016-05-19 09:33 - 2016-05-19 09:33 - 000044028 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AthrBT_0x01020200.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000045868 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AthrBT_0x01020201.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000046972 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AthrBT_0x11020000.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000046852 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AthrBT_0x11020100.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000046908 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AthrBT_0x31010000.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000040684 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AthrBT_0x31010000_ss01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000042908 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\AthrBT_0x31010100.dfu
2017-08-21 04:18 - 2017-08-21 04:18 - 004318648 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\athw10x.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 004233728 ____N (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\athw8x.sys
2017-08-15 13:51 - 2017-08-15 13:41 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\SYSTEM32\DRIVERS\avdevprot.sys
2017-08-15 12:29 - 2017-08-15 13:41 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys
2017-08-15 12:29 - 2017-08-15 13:41 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys
2017-08-15 12:29 - 2017-08-15 13:41 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\SYSTEM32\DRIVERS\avkmgr.sys
2017-08-15 12:29 - 2017-08-15 13:41 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\SYSTEM32\DRIVERS\avnetflt.sys
2017-08-15 12:29 - 2017-08-15 13:41 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\SYSTEM32\DRIVERS\avusbflt.sys
2017-05-27 21:46 - 2017-03-28 01:36 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BasicDisplay.sys
2017-07-09 10:39 - 2017-06-03 05:15 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BasicRender.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000036192 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\battc.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000009728 ____N (Windows ® Win 7 DDK provider) C:\WINDOWS\SYSTEM32\DRIVERS\bcmfn.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000009728 ____N (Windows ® Win 7 DDK provider) C:\WINDOWS\SYSTEM32\DRIVERS\bcmfn2.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000009728 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\beep.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bowser.sys
2017-07-15 16:40 - 2017-07-07 02:49 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bridge.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BtaMPM.sys
2016-07-13 17:47 - 2017-08-21 04:23 - 000608664 _____ (Qualcomm Atheros) C:\WINDOWS\SYSTEM32\DRIVERS\btfilter.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BthA2DP.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000043008 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BthAvrcpTg.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bthenum.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000065536 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bthhfenum.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000031232 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BthhfHid.sys
2017-08-12 09:06 - 2017-07-12 01:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BthLEEnum.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000066048 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bthmodem.sys
2017-07-15 16:38 - 2017-07-07 02:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bthpan.sys
2017-05-27 21:46 - 2017-04-27 19:54 - 000967680 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bthport.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\BTHUSB.SYS
2016-07-16 07:41 - 2016-07-16 07:41 - 000038912 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\buttonconverter.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000533856 ____N (QLogic Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\bxvbda.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\capimg.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000092160 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000173056 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000076640 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\CEA.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000102752 ____N (Chelsio Communications) C:\WINDOWS\SYSTEM32\DRIVERS\cht4dx64.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000346976 ____N (Chelsio Communications) C:\WINDOWS\SYSTEM32\DRIVERS\cht4sx64.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 002104160 ____N (Chelsio Communications) C:\WINDOWS\SYSTEM32\DRIVERS\cht4vx64.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000048640 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\circlass.sys
2017-05-27 21:47 - 2017-03-04 03:20 - 000379744 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Classpnp.sys
2017-08-12 09:07 - 2017-08-01 15:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\clfs.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000681304 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ClipSp.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000029696 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\CmBatt.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000023392 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\cmimcext.sys
2017-08-12 09:08 - 2017-08-01 15:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\cng.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000038752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\cnghwassist.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000053088 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\condrv.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000079200 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\crashdmp.sys
2017-05-27 21:49 - 2017-03-04 02:19 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\csc.sys
2012-08-05 22:42 - 2012-08-05 22:42 - 000041328 _____ (Cirrus Logic) C:\WINDOWS\SYSTEM32\DRIVERS\CSLFDx64.sys
2012-08-05 22:42 - 2012-08-05 22:42 - 000014704 _____ (Cirrus Logic) C:\WINDOWS\SYSTEM32\DRIVERS\CSUFDx64.sys
2017-05-27 21:47 - 2017-03-04 03:15 - 000063328 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dam.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000057856 _____ (Microsoft Corp.) C:\WINDOWS\SYSTEM32\DRIVERS\dc1-controller.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\devauthe.sys
2017-07-15 16:39 - 2017-06-21 02:58 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dfsc.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000101720 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\disk.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000038240 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Diskdump.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000014336 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Dmpusbstor.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000035840 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dmvsc.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000097280 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\drmk.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000016168 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\drmkaud.sys
2017-08-10 20:49 - 2017-08-10 20:49 - 000030264 _____ (Disc Soft Ltd) C:\WINDOWS\SYSTEM32\DRIVERS\dtlitescsibus.sys
2017-08-10 14:20 - 2017-08-10 14:20 - 000030264 _____ (Disc Soft Ltd) C:\WINDOWS\SYSTEM32\DRIVERS\dtproscsibus.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000035680 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Dumpata.sys
2016-07-16 07:44 - 2016-07-16 07:44 - 000089560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dumpfve.sys
2017-07-09 10:39 - 2017-06-03 05:54 - 000187232 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dumpsd.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000031744 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dumpsdport.sys
2013-08-10 16:56 - 2013-08-10 16:56 - 000102176 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\dumqtsye.sys
2017-08-12 09:08 - 2017-07-12 02:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dxgkrnl.sys
2017-08-12 09:08 - 2017-07-12 02:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dxgmms1.sys
2017-05-27 21:48 - 2017-03-04 03:09 - 000658784 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\dxgmms2.sys
2017-08-14 21:34 - 2017-08-14 21:34 - 000077184 _____ (IAPH2V) C:\WINDOWS\SYSTEM32\DRIVERS\ec94b695309b8e8e83d246afdb96bfe2.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000088416 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\EhStorClass.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\EhStorTcgDrv.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000013312 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\errdev.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 003418976 ____N (QLogic Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\evbda.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000334848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\exfat.sys
2017-05-27 21:47 - 2016-11-11 06:13 - 000352096 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\fastfat.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000032256 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\fdc.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000088576 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\filecrypt.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000085344 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\fileinfo.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000035840 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\filetrace.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000026112 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\flpydisk.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000377696 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\fltMgr.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000031584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\fs_rec.sys
2017-05-27 21:47 - 2017-04-27 20:44 - 000062816 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\fsdepends.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000649568 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\fvevol.sys
2017-05-27 21:49 - 2017-03-04 03:17 - 000409952 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\FWPKCLNT.SYS
2016-07-16 07:41 - 2016-07-16 07:41 - 000020480 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\genericusbfn.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 003440660 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\gm.dls
2016-07-16 07:42 - 2016-07-16 07:42 - 000000646 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\gmreadme.txt
2016-07-16 07:42 - 2016-07-16 07:42 - 000008192 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\gpuenergydrv.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000083456 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000410624 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\HdAudio.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000036704 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidbatt.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidbth.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidclass.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000051200 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidi2c.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000050016 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidinterrupt.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000046592 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidir.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidparse.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hidusb.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000064352 ____N (Hewlett-Packard Company) C:\WINDOWS\SYSTEM32\DRIVERS\HpSAMD.sys
2017-08-12 09:07 - 2017-08-01 15:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\http.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000073568 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hvservice.sys
2017-05-27 21:46 - 2017-03-04 03:07 - 000110944 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hvsocket.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000029536 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hwpolicy.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000016384 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\hyperkbd.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000114176 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\i8042prt.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000033280 ____N (Intel® Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iagpio.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000081408 ____N (Intel® Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iai2c.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000064512 ____N (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iaLPSS2i_GPIO2.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000176384 ____N (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iaLPSS2i_I2C.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000038128 ____N (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iaLPSSi_GPIO.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000113152 ____N (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iaLPSSi_I2C.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000673120 ____N (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iaStorAV.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000412000 ____N (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iaStorV.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000526176 ____N (Mellanox) C:\WINDOWS\SYSTEM32\DRIVERS\ibbus.sys
2017-04-27 11:33 - 2016-10-17 11:35 - 000223464 ____N (Tonec Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\idmwfp.sys
2017-03-09 01:16 - 2017-03-09 01:16 - 005382856 _____ (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd64.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000035840 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\IndirectKmd.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000019296 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\intelide.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000048152 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\intelpep.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000134144 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000048992 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\iorate.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000085504 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ipfltdrv.sys
2017-05-27 21:46 - 2017-03-04 03:24 - 000090976 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\IPMIDrv.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000212480 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ipnat.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000120320 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\irda.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000019456 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\irenum.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000022880 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\isapnp.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000062304 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\kbdclass.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000025088 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\kdnic.sys
2017-05-27 21:48 - 2017-03-04 02:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ks.sys
2017-08-12 09:08 - 2017-08-01 15:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ksecdd.sys
2017-08-12 09:08 - 2017-08-01 15:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ksecpkg.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000026112 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ksthunk.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000066048 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\lltdio.sys
2017-08-21 02:55 - 2017-09-01 08:52 - 000061304 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\lpsport.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000108896 ____N (LSI Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\lsi_sas.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000105824 ____N (LSI Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\lsi_sas2i.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000101216 ____N (Avago Technologies) C:\WINDOWS\SYSTEM32\DRIVERS\lsi_sas3i.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000082776 ____N (LSI Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\lsi_sss.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000125952 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\luafv.sys
2017-08-28 14:24 - 2017-08-28 14:24 - 000194776 _____ (Malwarebytes) C:\WINDOWS\SYSTEM32\DRIVERS\MBAMSwissArmy.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000022528 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mcd.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000059744 ____N (Avago Technologies) C:\WINDOWS\SYSTEM32\DRIVERS\megasas.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000064352 _____ (Avago Technologies) C:\WINDOWS\SYSTEM32\DRIVERS\MegaSas2i.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000575840 ____N (LSI Corporation, Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\megasr.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000842584 ____N (Mellanox) C:\WINDOWS\SYSTEM32\DRIVERS\mlx4_bus.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000048128 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mmcss.sys
2017-05-27 21:49 - 2016-11-11 05:26 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\modem.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000038400 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\monitor.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000059232 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mouclass.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000032256 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000104800 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mountmgr.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000075776 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mpsdrv.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mrxdav.sys
2017-05-27 21:49 - 2017-03-04 03:08 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys
2017-07-15 16:41 - 2017-07-07 02:39 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb10.sys
2017-08-12 09:08 - 2017-07-12 02:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb20.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000031232 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\msfs.sys
2017-08-09 14:28 - 2017-08-09 14:28 - 000000000 ____H () C:\WINDOWS\SYSTEM32\DRIVERS\Msft_Kernel_Apfiltr_01009.Wdf
2017-08-15 12:30 - 2017-08-15 12:30 - 000000000 ____H () C:\WINDOWS\SYSTEM32\DRIVERS\Msft_Kernel_avusbflt_01011.Wdf
2017-08-09 14:27 - 2017-08-09 14:27 - 000000000 ____H () C:\WINDOWS\SYSTEM32\DRIVERS\Msft_Kernel_WinUSB_01007.Wdf
2017-08-09 14:27 - 2017-08-09 14:27 - 000000000 ____H () C:\WINDOWS\SYSTEM32\DRIVERS\Msft_User_WpdFs_01_11_00.Wdf
2017-08-09 14:28 - 2017-08-09 14:28 - 000000000 ____H () C:\WINDOWS\SYSTEM32\DRIVERS\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-07-16 07:42 - 2016-07-16 07:42 - 000000003 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\MsftWdf_Kernel_01019_Inbox_Critical.Wdf
2016-07-16 07:42 - 2016-07-16 07:42 - 000000003 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-07-16 07:42 - 2016-07-16 07:42 - 000168800 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\msgpioclx.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000050528 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\msgpiowin32.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000008704 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mshidkmdf.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000011776 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mshidumdf.sys
2013-07-06 13:27 - 2013-07-06 13:27 - 000081696 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\msidntfs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000018784 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\msisadrv.sys
2017-08-12 09:06 - 2017-07-12 01:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\msiscsi.sys
2017-05-27 21:48 - 2017-03-04 02:36 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mskssrv.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000078336 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mslldp.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000010752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mspclock.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000010752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mspqm.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000361312 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\msrpc.sys
2016-07-16 07:43 - 2016-11-20 14:30 - 000179040 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mssecflt.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000043360 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mssmbios.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000012800 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mstee.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000015872 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\MTConfig.sys
2017-07-15 16:40 - 2017-06-21 03:50 - 000126304 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\mup.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000063840 ____N (Marvell Semiconductor, Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\mvumis.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000108896 ____N (Mellanox) C:\WINDOWS\SYSTEM32\DRIVERS\ndfltr.sys
2017-08-12 09:08 - 2017-07-12 02:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ndis.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000050176 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ndiscap.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\NdisImPlatform.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000026112 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ndistapi.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000063488 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000020480 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\NdisVirtualBus.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000189440 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000060928 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ndproxy.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000125440 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Ndu.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000090624 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\NetAdapterCx.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000057184 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\netbios.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000279040 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\netbt.sys
2017-07-15 16:40 - 2017-07-07 03:37 - 000468320 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\netio.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000068608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\npfs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000026624 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\npsvctrig.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000041984 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\nsiproxy.sys
2017-08-12 09:08 - 2017-07-12 02:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ntfs.sys
2016-07-16 07:43 - 2016-07-16 07:43 - 000019296 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ntosext.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\null.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000150368 _____ (NVIDIA Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\nvraid.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000166240 _____ (NVIDIA Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\nvstor.sys
2017-05-27 21:48 - 2017-03-04 02:30 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\nwifi.sys
2017-04-24 18:44 - 2017-04-24 18:44 - 000116888 _____ (O&O Software GmbH) C:\WINDOWS\SYSTEM32\DRIVERS\oodisr.sys
2017-04-24 18:44 - 2017-04-24 18:44 - 000041112 _____ (O&O Software GmbH) C:\WINDOWS\SYSTEM32\DRIVERS\oodisrh.sys
2017-04-24 18:44 - 2017-04-24 18:44 - 000265448 _____ (O&O Software GmbH) C:\WINDOWS\SYSTEM32\DRIVERS\oodivd.sys
2017-04-24 18:44 - 2017-04-24 18:44 - 000053992 _____ (O&O Software GmbH) C:\WINDOWS\SYSTEM32\DRIVERS\oodivdh.sys
2017-08-12 09:08 - 2017-07-12 02:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\pacer.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000096768 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\parport.sys
2017-05-27 21:49 - 2017-03-04 03:20 - 000128352 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\partmgr.sys
2017-05-27 21:46 - 2016-12-14 01:18 - 000335712 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\pci.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000016224 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\pciide.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000052576 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\pciidex.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000118112 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\pcmcia.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000051552 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\pcw.sys
2017-07-15 16:41 - 2017-07-07 03:44 - 000108896 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\pdc.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000723968 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\PEAuth.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000058720 ____N (Avago Technologies) C:\WINDOWS\SYSTEM32\DRIVERS\percsas2i.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000061792 ____N (Avago Technologies) C:\WINDOWS\SYSTEM32\DRIVERS\percsas3i.sys
2017-07-13 07:32 - 2017-07-13 07:32 - 000045056 _____ (The OpenVPN Project) C:\WINDOWS\SYSTEM32\DRIVERS\phantomtap.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000366592 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\portcls.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000119808 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\processr.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000048640 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\qwavedrv.sys
2016-05-19 09:33 - 2016-05-19 09:33 - 000001198 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020200_26.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001192 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020200_26_0x01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001204 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020200_40.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001242 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020200_40_0x01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001204 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020200_40_0x02.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001214 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020200_40_0x03.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001228 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020200_40_0x04.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000000264 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020201_26.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000000264 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020201_26_0x01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000000264 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020201_40.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000000296 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020201_40_0x01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000000264 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020201_40_0x02.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000000264 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020201_40_0x03.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000000278 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x01020201_40_0x04.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001796 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x11020000_40.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001802 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x11020100_40.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001802 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x11020100_40_nf01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001802 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x11020100_40_SS01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001926 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001516 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_0x01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001926 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_0x11.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001516 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_0x12.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001926 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_0x21.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001516 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_0x22.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001926 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_0xf0.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001516 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_0xf1.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001516 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_LV01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001516 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010000_40_SS01.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001922 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010100_40.dfu
2016-05-19 09:33 - 2016-05-19 09:33 - 000001512 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\ramps_0x31010100_40_0x01.dfu
2016-07-16 07:42 - 2016-07-16 07:42 - 000017408 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rasacd.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000104960 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys
2017-05-27 21:49 - 2017-04-27 20:03 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000096256 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000077824 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rassstp.sys
2017-05-27 21:49 - 2017-04-27 20:38 - 000431968 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rdbss.sys
2016-07-16 07:41 - 2016-11-20 14:30 - 000026112 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rdpbus.sys
2016-07-16 07:44 - 2016-11-20 14:30 - 000177152 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rdpdr.sys
2016-07-16 07:43 - 2016-11-20 14:10 - 000029536 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rdpvideominiport.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000267104 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rdyboost.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000928608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\refsv1.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000070144 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\registry.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000183808 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rfcomm.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000039936 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\RfxVmt.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000147968 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rmcast.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000034304 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\RNDISMP.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rndismp6.sys
2017-07-15 16:41 - 2017-06-21 03:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rootmdm.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000081408 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\rspndr.sys
2017-08-21 04:21 - 2017-08-21 04:21 - 000984032 _____ (Realtek ) C:\WINDOWS\SYSTEM32\DRIVERS\rt640x64.sys
2017-08-23 08:32 - 2017-08-23 08:32 - 000420832 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\RtsUer.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000110432 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\sbp2port.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\scfilter.sys
2017-07-15 16:42 - 2017-06-21 03:52 - 000088416 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\scmbus.sys
2017-08-12 09:09 - 2017-07-12 01:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\scmdisk0101.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000173408 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\scsiport.sys
2017-07-09 10:39 - 2017-06-03 06:16 - 000279904 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\sdbus.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000095584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\sdport.sys
2017-08-12 09:06 - 2017-07-12 02:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\sdstor.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000074592 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\SerCx.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000151904 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\SerCx2.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000025088 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\serenum.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000083968 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\serial.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000027648 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\sermouse.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000018432 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\sfloppy.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000044896 ____N (Silicon Integrated Systems Corp.) C:\WINDOWS\SYSTEM32\DRIVERS\sisraid2.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000081760 ____N (Silicon Integrated Systems) C:\WINDOWS\SYSTEM32\DRIVERS\sisraid4.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000022016 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\smclib.sys
2017-08-12 09:06 - 2017-08-01 15:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\spaceport.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000079200 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\SpbCx.sys
2017-08-10 16:03 - 2017-08-10 16:58 - 000196152 _____ (Duplex Secure Ltd) C:\WINDOWS\SYSTEM32\DRIVERS\sptd2.sys
2017-05-27 21:49 - 2017-04-27 19:51 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys
2017-05-27 21:49 - 2017-04-27 19:51 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\srv2.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\srvnet.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 000026368 _____ (DEVGURU Co., LTD.) C:\WINDOWS\SYSTEM32\DRIVERS\ss_conn_usb_driver.sys
2016-09-05 08:47 - 2017-05-18 22:17 - 000131984 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\SYSTEM32\DRIVERS\ssudbus.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 000036608 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\SYSTEM32\DRIVERS\ssudcdf.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 000206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\SYSTEM32\DRIVERS\ssuddmgr.sys
2016-09-05 08:47 - 2017-05-18 22:17 - 000166288 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\SYSTEM32\DRIVERS\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 000206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\SYSTEM32\DRIVERS\ssudobex.sys
2016-09-05 08:47 - 2016-09-05 08:47 - 000064640 _____ (QUALCOMM Incorporated) C:\WINDOWS\SYSTEM32\DRIVERS\ssudqcfilter.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 000070400 _____ (DEVGURU Co., LTD.) C:\WINDOWS\SYSTEM32\DRIVERS\ssudrmnet.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 000206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\SYSTEM32\DRIVERS\ssudserd.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000031072 ____N (Promise Technology, Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\stexstor.sys
2017-05-27 21:50 - 2017-03-04 03:08 - 000130912 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\storahci.sys
2017-08-12 09:09 - 2017-07-12 02:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\stornvme.sys
2017-07-09 10:39 - 2017-06-03 05:49 - 000509280 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\storport.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000078336 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\storqosflt.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000032096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\storufs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000036192 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\storvsc.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000074240 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\stream.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000017760 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000064000 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Synth3dVsc.sys
2016-04-21 05:10 - 2016-04-21 05:10 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\SYSTEM32\DRIVERS\tap0901.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000030720 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tape.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000026976 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tbs.sys
2017-08-12 09:09 - 2017-08-01 15:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys
2017-07-15 16:40 - 2017-07-07 02:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tcpipreg.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000040288 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tdi.sys
2017-08-12 09:09 - 2017-08-01 15:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tdx.sys
2017-08-22 15:32 - 2016-11-28 06:55 - 000035112 _____ (TeamViewer GmbH) C:\WINDOWS\SYSTEM32\DRIVERS\teamviewervpn.sys
2016-01-20 01:50 - 2016-01-20 01:50 - 000202032 _____ (Intel Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\TeeDriverW8x64.sys
2016-07-16 07:41 - 2016-11-20 14:30 - 000038752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\terminpt.sys
2017-07-09 10:39 - 2017-06-03 06:11 - 000128864 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tm.sys
2017-05-27 21:46 - 2016-11-11 06:00 - 000219488 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tpm.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000061440 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\TsUsbFlt.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000034304 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\TsUsbGD.sys
2016-07-16 07:41 - 2016-11-20 14:30 - 000123392 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tsusbhub.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000158208 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\tunnel.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000077152 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\uaspstor.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000095744 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UcmCx.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000108544 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UcmTcpciCx.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000050688 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UcmUcsi.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000210272 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Ucx01000.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000045568 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Udecx.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000320000 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\udfs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000028512 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\uefi.sys
2016-07-16 07:43 - 2016-11-20 14:30 - 000040288 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UevAgentDriver.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000263008 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ufx01000.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000096608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UfxChipidea.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000137056 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ufxsynopsys.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000056832 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\umbus.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000013824 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\umpass.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000028512 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\urschipidea.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000057696 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\urscx01000.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000027488 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\urssynopsys.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000023040 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usb8023.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usb80236.sys
2016-12-21 13:20 - 2016-12-21 13:20 - 000054784 _____ (Apple, Inc.) C:\WINDOWS\SYSTEM32\DRIVERS\usbaapl64.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\USBAUDIO.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000036864 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\USBCAMD2.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000169312 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000102400 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbcir.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000032608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbd.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000096096 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000501088 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000535904 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB3.SYS
2016-07-16 07:41 - 2016-07-16 07:41 - 000030208 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbohci.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000455520 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbport.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000027648 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys
2016-07-16 07:43 - 2016-07-16 07:43 - 000032256 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbrpm.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000069120 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbser.sys
2017-07-15 16:38 - 2017-06-21 03:36 - 000129888 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
2016-07-16 07:41 - 2016-07-16 07:41 - 000035328 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\usbvideo.sys
2017-07-09 10:39 - 2017-06-03 05:50 - 000381792 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\USBXHCI.SYS
2016-07-16 07:41 - 2016-07-16 07:41 - 000053088 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vdrvroot.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000201056 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\VerifierExt.sys
2017-08-12 09:06 - 2017-07-12 02:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vhdmp.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000032256 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vhf.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000050176 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\videoprt.sys
2017-08-12 09:06 - 2017-08-01 15:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vmbkmcl.sys
2017-08-12 09:06 - 2017-08-01 14:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vmbkmclr.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000104288 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vmbus.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000025088 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\VMBusHID.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000013312 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vmgencounter.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000010240 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vmgid.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000009216 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vms3cap.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000046944 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vmstorfl.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000080224 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\volmgr.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000367456 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\volmgrx.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000391520 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\volsnap.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000016224 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\volume.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000074080 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vpci.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000166752 ____N (VIA Technologies Inc.,Ltd) C:\WINDOWS\SYSTEM32\DRIVERS\vsmraid.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000305504 ____N (VIA Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\VSTXRAID.SYS
2016-07-16 07:42 - 2016-07-16 07:42 - 000026624 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vwifibus.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000073216 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vwififlt.sys
2017-05-27 21:50 - 2017-04-27 20:02 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\vwifimp.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000030208 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wacompen.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000079872 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000056320 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\watchdog.sys
2016-11-20 14:11 - 2016-11-20 14:11 - 000119648 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wcifs.sys
2017-08-12 09:07 - 2017-07-12 01:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wcnfs.sys
2016-07-16 07:43 - 2016-07-16 07:43 - 000044056 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WdBoot.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000861296 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\Wdf01000.sys
2016-07-16 07:43 - 2016-07-16 07:43 - 000290144 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WdFilter.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000061040 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WdfLdr.sys
2017-07-15 16:40 - 2017-06-21 02:56 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WdiWiFi.sys
2016-07-16 07:43 - 2016-07-16 07:43 - 000123232 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WdNisDrv.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000039776 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\werkernel.sys
2017-08-12 09:08 - 2017-07-12 02:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wfplwfs.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000035680 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wimmount.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000107032 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WindowsTrustedRT.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000017944 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WindowsTrustedRTProxy.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000031584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\winhv.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\winhvr.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000032096 ____N (Mellanox) C:\WINDOWS\SYSTEM32\DRIVERS\winmad.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\winusb.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000064864 ____N (Mellanox) C:\WINDOWS\SYSTEM32\DRIVERS\winverbs.sys
2016-07-16 07:41 - 2016-07-16 07:41 - 000018432 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wmiacpi.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000020320 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wmilib.sys
2016-11-20 14:05 - 2016-11-20 14:05 - 000199008 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\wof.sys
2016-07-16 07:44 - 2016-07-16 07:44 - 000030560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WpdUpFltr.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000031584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WppRecorder.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000022528 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\ws2ifsl.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000099328 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WUDFPf.sys
2016-07-16 07:42 - 2016-07-16 07:42 - 000216064 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\WUDFRd.sys
2017-05-27 21:46 - 2017-03-04 02:34 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\xboxgip.sys
2016-11-20 14:10 - 2016-11-20 14:10 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\xinputhid.sys
2017-08-09 18:08 - 2017-08-13 03:45 - 000000000 ____D () C:\WINDOWS\SYSTEM32\DRIVERS\en-US
2016-11-20 14:03 - 2016-11-20 14:03 - 000012288 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\1394ohci.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000010752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\acpi.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000022528 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\afd.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\agilevpn.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000014848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\amdk8.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000014848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\amdppm.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000007680 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ataport.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000008192 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\battc.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\BthAvrcpTg.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\bthenum.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\bthhfenum.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\BthhfHid.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000013824 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\BthLEEnum.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\BthMini.SYS.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000005120 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\bthpan.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000015872 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\bthport.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\BTHUSB.SYS.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\cdrom.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\disk.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\dmvsc.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\dumpsd.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000008704 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\EhStorTcgDrv.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\fltmgr.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000022528 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\fvevol.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000008192 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\fwpkclnt.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000005120 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\hidbth.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\hidclass.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\hidi2c.sys.mui
2017-08-12 09:07 - 2017-07-12 01:49 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\http.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000018432 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\hvservice.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000010752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\i8042prt.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\IndirectKmd.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000014848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\intelppm.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\iorate.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\IPMIDrv.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ipnat.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\isapnp.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\kbdclass.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\kbdhid.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ks.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\luafv.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\modem.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mouclass.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mouhid.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mountmgr.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000062464 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mrxsmb.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\msgpiowin32.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mshidkmdf.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mshidumdf.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000009216 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mslldp.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mssecflt.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mssmbios.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\MTConfig.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000013312 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\mup.sys.mui
2017-05-27 21:49 - 2017-03-04 03:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ndis.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ndiscap.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000011776 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\NdisImPlatform.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ndisuio.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\NdisVirtualBus.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000009216 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\netvsc.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000099328 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ntfs.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000014848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\nwifi.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000017920 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\pacer.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\parport.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\partmgr.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000008704 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\pci.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\pcmcia.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\pdc.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\pnpmem.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000014848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\processr.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\qwavedrv.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\rdbss.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\rdpdr.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000008192 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\rdvgkmd.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000008704 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\refsv1.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\rfcomm.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\rfxvmt.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\RNDISMP.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\rndismp6.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\rndismpx.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\scfilter.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\scmbus.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000019456 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\scmdisk0101.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\scsiport.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\sdbus.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\sdstor.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004096 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\sercx.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000009216 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\sercx2.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000010752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\serial.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\sermouse.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\serscan.sys.mui
2016-11-20 14:10 - 2016-11-20 14:10 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\spaceport.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\spbcx.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\srv.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000078848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\srv2.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000009216 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\storqosflt.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000008704 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\synth3dvsc.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000109568 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\tcpip.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000008704 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\tpm.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\tsusbflt.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\tsusbhub.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000008192 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\tunnel.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000012800 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ucx01000.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\umbus.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\usbehci.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000014848 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\usbhub.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000022016 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\USBHUB3.SYS.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000026624 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\usbport.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\usbrpm.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\usbstor.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\usbvideo.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000015360 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\USBXHCI.SYS.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000011264 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\vdrvroot.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000011264 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\vhdmp.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\vhf.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\vmbus.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000006144 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\vmstorfl.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\volmgr.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\volmgrx.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\wacompen.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\wdf01000.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\wfplwfs.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000015872 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\wmbclass.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000005632 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\wof.sys.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\WpdUpFltr.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\ws2ifsl.sys.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\en-US\wudfpf.sys.mui
2017-08-09 18:01 - 2017-08-22 10:31 - 000000000 ____D () C:\WINDOWS\SYSTEM32\DRIVERS\etc
2017-08-09 18:01 - 2017-08-28 07:17 - 000455044 ____N () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts
2017-08-21 18:33 - 2017-08-17 21:19 - 000014415 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-183303.backup
2017-08-21 19:54 - 2017-08-21 18:33 - 000468031 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195430.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000467705 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195431.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000467235 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195432.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000466745 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195433.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000466745 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195434.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000466706 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195435.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000466706 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195436.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000466661 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195437.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000466544 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195438.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000465971 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195439.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000465319 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195440.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000464701 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195441.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000464133 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195442.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000463650 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195448.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000463583 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195449.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000463466 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195450.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000462895 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195451.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000462241 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195452.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000461668 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195453.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000461016 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195454.backup
2017-08-21 19:54 - 2017-08-21 19:54 - 000460443 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-195458.backup
2017-08-21 20:20 - 2017-08-21 20:20 - 000460406 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-202018.backup
2017-08-21 21:43 - 2017-08-21 20:20 - 000460220 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-214323.backup
2017-08-21 21:43 - 2017-08-21 21:43 - 000460100 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-214324.backup
2017-08-21 21:43 - 2017-08-21 21:43 - 000460073 ____R () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20170821-214331.backup
2017-08-10 15:42 - 2017-08-10 15:46 - 000000509 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.ics
2017-08-09 18:01 - 2017-08-09 17:56 - 000003683 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\lmhosts.sam
2017-08-09 18:01 - 2017-08-09 17:56 - 000000407 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\networks
2017-08-09 18:01 - 2017-08-09 17:56 - 000001358 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\protocol
2017-08-09 18:01 - 2017-08-09 17:56 - 000017463 _____ () C:\WINDOWS\SYSTEM32\DRIVERS\etc\services
2017-08-09 18:01 - 2017-08-13 03:45 - 000000000 ____D () C:\WINDOWS\SYSTEM32\DRIVERS\UMDF
2016-07-16 07:41 - 2016-07-16 07:41 - 000086016 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\EhStorPwdDrv.dll
2016-07-16 07:41 - 2016-07-16 07:41 - 000060928 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\HidBthLE.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 000158720 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\IddCx.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 000701440 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\NfcCx.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 000027136 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\PosCx.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\SensorsCx.dll
2016-07-16 07:42 - 2016-07-16 07:42 - 000097280 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\UcmCx.dll
2017-05-27 21:49 - 2017-04-27 19:34 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\usbdr.dll
2016-07-16 07:41 - 2016-07-16 07:41 - 000287232 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\WpdFs.dll
2016-07-16 07:41 - 2016-07-16 07:41 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\WpdMtpDr.dll
2017-08-09 18:08 - 2017-08-09 18:08 - 000000000 ____D () C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US
2016-11-20 14:03 - 2016-11-20 14:03 - 000004608 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\HidBthLE.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\hidscanner.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\IddCx.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000010752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\idtsec.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000010752 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\mgtdyn.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\NfcCx.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\SensorsCx.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000003584 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\SensorsHid.dll.mui
2016-11-20 14:04 - 2016-11-20 14:04 - 000003072 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\WpdMtpDr.dll.mui
2016-11-20 14:03 - 2016-11-20 14:03 - 000007168 ____N (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DRIVERS\UMDF\en-US\WUDFUsbccidDriver.dll.mui

====== End of Folder: ======

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1147769443-1841401927-1327021842-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset C:\resettcpip.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.

========= End of CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {BDEAF83F-2883-4883-AD94-D23C61F93566}.
Unable to cancel {50858E8F-01C2-4CBF-8C4A-B478CDD55133}.
Unable to cancel {61A8860C-1A9B-4CA1-9C45-7219CEE2C4B0}.
{86D1BC53-CB0C-48B5-9262-1C65BBCE59BC} canceled.
{000EAAE0-58CA-438A-BDFB-60FEF9CFD30E} canceled.
{EE2640D5-F68B-4B8F-84D7-149E476C0FD4} canceled.
{2499BCBE-0CD3-4A57-B8BF-B07910B0B453} canceled.
{7D9DE4B8-FBFD-4739-9469-6DEA8B41E285} canceled.
{E996B293-45DE-452C-A2D5-1113CF5B2560} canceled.
6 out of 9 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 58061 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36700414 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 15391257 B
Edge => 4382061 B
Chrome => 0 B
Firefox => 30145744 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 24963 B
systemprofile32 => 432 B
LocalService => 0 B
NetworkService => 0 B
Justin => 6403153 B
Administrator => 26303 B

RecycleBin => 0 B
EmptyTemp: => 88.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-09-2017 19:18:57)

"C:\WINDOWS\SYSTEM32\MSBNWXQ.EXE" => Could not move

==== End of Fixlog 19:18:58 ====

 

What do i need to do next, thanks for your help so far, please continue with helping me, thank you so much...

Attached Files



#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:33 AM

Posted 01 September 2017 - 07:41 PM

We will need to run the fix in the Recovery Environment.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Please also download the attached file and save it in the same location the FRST64 is saved in the flash drive.

Insert the USB drive in the infected computer.

Boot to the Recovery Console's Command prompt.

Entry points into the Windows Recovery Environment (WinRE).

You can access WinRE features through the Boot Options menu, which can be launched from Windows in a few different ways:

  • Option 1: From the login screen, click Shutdown, then hold down the Shift key while selecting Restart.
  • Option 2: In Windows 10, select Start > Settings > Update & security > Recovery > under Advanced Startup, click Restart now.
  • Option 3: Boot to recovery media.
  • Option 4: Use a hardware recovery button (or button combination) configured by the OEM (Computer Manufacturer).

After any of these actions is performed, all user sessions are signed off and the Boot Options menu is displayed. The PC will restart into the WinRE and the selected feature is launched.

On the boot options, select Troubleshooting > Advanced Options > Command prompt.

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button.
  • It will make a log (Fixlog.txt) in the flash drive. Please copy and paste it to your reply.

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:33 AM

Posted 04 September 2017 - 02:31 PM

Are you still with us?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 jp2130

jp2130
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 05 September 2017 - 07:52 PM

Yes unfortunatley my windows 10 crashed and now my repair disk wont work, before this the computer wouldnt let me create backups or anything basically, my security programs wouldnt work or load, found a couple that would but the virus was inside folders thst they wouldnt mess with, also my usb drives became unusable for me to do the last step in the series of replies on this site, now figuring out how to reload windows 10 is proving to be difficult

#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:33 AM

Posted 05 September 2017 - 08:48 PM

Enter the BIOS Setup utility. Set Defaults, save and exit. See if that helps.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:33 AM

Posted 12 September 2017 - 03:46 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users