Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

vdmlkhu.exe windows process making CPU usage 100% all the time


  • This topic is locked This topic is locked
29 replies to this topic

#1 misomisomiso

misomisomiso

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 23 October 2017 - 02:50 PM

Hi all. Adding onto what the title says, I suspect my ASUS laptop being infected with some type of malware due to how slow it has been acting. I noticed "vdmlkhu.exe" when I open Task Manager, and could not find any info about this process when I googled it, which makes me more suspicious. I have Windows 8.1, and don't do much besides Youtube, and using ArcGIS for school work. I share my laptop with my family, so I am thinking perhaps one of my family members accidentally did/downloaded something that potentially infected our laptop. Other than the laptop running slow, I cannot open Windows Defender. I have tried to remove it on my own (Rkill, Malwarebytes, HitmanPro), but I wasn't successful. Although, these programs did find other forms of malware and were successful in removing it, but "vdmlkhu.exe" still exists, because HitmanPro showed a screen where it said that it failed to remove it, after rebooting (and it's still currently a running process in Task Manager). I could provide the logs from RKill/MB/HitmanPro if needed, but for now I have attached the files generated by FRST.

 

Attached File  FRST.txt   56.62KB   15 downloads

Attached File  Addition.txt   57.85KB   8 downloads

 

Please help me, thank you so much for reading this.



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:35 AM

Posted 23 October 2017 - 03:52 PM

Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:
  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)
Let's begin... :)
  • Highlight the entire content of the quote box below.

Start::
FirewallRules: [{BA823A81-F9F9-4509-AD11-50871818A3D4}] => (Allow) LPort=1900
FirewallRules: [{C020560D-B2F6-4AFB-9602-E7FE4F36FA22}] => (Allow) LPort=2869
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
URLSearchHook: [S-1-5-21-783362037-2445262872-3955296449-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145727845] ATTENTION => Default URLSearchHook is missing
CHR Extension: (New XKit) - C:\Users\Connie\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2017-10-01] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
C:\WINDOWS\system32\drivers\wdbknqtx.sys
C:\Users\Miso\AppData\Local\cwcvpok
Task: {5B3C8B44-549C-477E-9FE6-32643882F3B4} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {8520A89B-CC62-4B83-81DC-95D3A85A631D} - \Midtown Maker -> No File <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
Task: {5B3C8B44-549C-477E-9FE6-32643882F3B4} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {8520A89B-CC62-4B83-81DC-95D3A85A631D} - \Midtown Maker -> No File <==== ATTENTION
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rnet Ex?l?r?r.lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m? (2).lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m?.lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
2017-10-10 19:49 - 2017-10-10 19:49 - 002890043 _____ () C:\Users\Connie\AppData\Local\Temp\body.exe
2017-10-10 20:08 - 2017-10-10 20:08 - 004029848 _____ (Easeware ) C:\Users\Connie\AppData\Local\Temp\FD52.tmp.exe
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
Download AdwCleaner from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8/10 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
65MBhLLb.png
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 misomisomiso

misomisomiso
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 23 October 2017 - 04:32 PM

Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)
Let's begin... :)
  • Highlight the entire content of the quote box below.

Start::
FirewallRules: [{BA823A81-F9F9-4509-AD11-50871818A3D4}] => (Allow) LPort=1900
FirewallRules: [{C020560D-B2F6-4AFB-9602-E7FE4F36FA22}] => (Allow) LPort=2869
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
URLSearchHook: [S-1-5-21-783362037-2445262872-3955296449-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145727845] ATTENTION => Default URLSearchHook is missing
CHR Extension: (New XKit) - C:\Users\Connie\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2017-10-01] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
C:\WINDOWS\system32\drivers\wdbknqtx.sys
C:\Users\Miso\AppData\Local\cwcvpok
Task: {5B3C8B44-549C-477E-9FE6-32643882F3B4} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {8520A89B-CC62-4B83-81DC-95D3A85A631D} - \Midtown Maker -> No File <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
Task: {5B3C8B44-549C-477E-9FE6-32643882F3B4} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {8520A89B-CC62-4B83-81DC-95D3A85A631D} - \Midtown Maker -> No File <==== ATTENTION
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rnet Ex?l?r?r.lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m? (2).lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m?.lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
2017-10-10 19:49 - 2017-10-10 19:49 - 002890043 _____ () C:\Users\Connie\AppData\Local\Temp\body.exe
2017-10-10 20:08 - 2017-10-10 20:08 - 004029848 _____ (Easeware ) C:\Users\Connie\AppData\Local\Temp\FD52.tmp.exe
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
Download AdwCleaner from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8/10 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
65MBhLLb.png
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

 

 

Hi JSntgRvr,

 

Thank you so much for your reply. I have completed the FRST scan, here are the results:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-10-2017 01

Ran by Connie (23-10-2017 17:09:08) Run:4
Running from C:\Users\Connie\Downloads
Loaded Profiles: Connie (Available Profiles: Connie & Miso & Administrator & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
FirewallRules: [{BA823A81-F9F9-4509-AD11-50871818A3D4}] => (Allow) LPort=1900
FirewallRules: [{C020560D-B2F6-4AFB-9602-E7FE4F36FA22}] => (Allow) LPort=2869
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
URLSearchHook: [S-1-5-21-783362037-2445262872-3955296449-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145727845] ATTENTION => Default URLSearchHook is missing
CHR Extension: (New XKit) - C:\Users\Connie\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2017-10-01] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
C:\WINDOWS\system32\drivers\wdbknqtx.sys
C:\Users\Miso\AppData\Local\cwcvpok
Task: {5B3C8B44-549C-477E-9FE6-32643882F3B4} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {8520A89B-CC62-4B83-81DC-95D3A85A631D} - \Midtown Maker -> No File <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
Task: {5B3C8B44-549C-477E-9FE6-32643882F3B4} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {8520A89B-CC62-4B83-81DC-95D3A85A631D} - \Midtown Maker -> No File <==== ATTENTION
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rnet Ex?l?r?r.lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m? (2).lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m?.lnk -> C:\Users\Connie\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
2017-10-10 19:49 - 2017-10-10 19:49 - 002890043 _____ () C:\Users\Connie\AppData\Local\Temp\body.exe
2017-10-10 20:08 - 2017-10-10 20:08 - 004029848 _____ (Easeware ) C:\Users\Connie\AppData\Local\Temp\FD52.tmp.exe
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
 
*****************
 
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BA823A81-F9F9-4509-AD11-50871818A3D4} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C020560D-B2F6-4AFB-9602-E7FE4F36FA22} => value not found.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key not found. 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found. 
URLSearchHook: [S-1-5-21-783362037-2445262872-3955296449-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145727845] ATTENTION => Default URLSearchHook is missing => Error: No automatic fix found for this entry.
CHR Extension: (New XKit) - C:\Users\Connie\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2017-10-01] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION => Error: No automatic fix found for this entry.
Could not move "C:\WINDOWS\system32\drivers\wdbknqtx.sys" => Scheduled to move on reboot.
 
"C:\Users\Miso\AppData\Local\cwcvpok" folder move:
 
Could not move "C:\Users\Miso\AppData\Local\cwcvpok" => Scheduled to move on reboot.
 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B3C8B44-549C-477E-9FE6-32643882F3B4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B3C8B44-549C-477E-9FE6-32643882F3B4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8520A89B-CC62-4B83-81DC-95D3A85A631D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8520A89B-CC62-4B83-81DC-95D3A85A631D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Midtown Maker => key removed successfully
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File => Error: No automatic fix found for this entry.
CustomCLSID: HKU\S-1-5-21-783362037-2445262872-3955296449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10232017145724579_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Connie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => key removed successfully
HKU\S-1-5-21-783362037-2445262872-3955296449-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B3C8B44-549C-477E-9FE6-32643882F3B4} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8520A89B-CC62-4B83-81DC-95D3A85A631D} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Midtown Maker => key not found. 
"C:\Users\Connie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rnet Ex?l?r?r.lnk" => Could not move.
"C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m? (2).lnk" => Could not move.
"C:\Users\Connie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle ?hr?m?.lnk" => Could not move.
C:\Users\Connie\AppData\Local\Temp\body.exe => moved successfully
C:\Users\Connie\AppData\Local\Temp\FD52.tmp.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-783362037-2445262872-3955296449-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-783362037-2445262872-3955296449-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-Windows-DxpTaskRingtone/Analytic. The system cannot find the file specified.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3209036 B
Java, Flash, Steam htmlcache => 59679665 B
Windows/system/drivers => 151038432 B
Edge => 0 B
Chrome => 671832849 B
Firefox => 317333886 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 24576 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 54010 B
NetworkService => 463864 B
Connie => 1128237049 B
Miso => 165260 B
Administrator => 20861 B
Guest => 0 B
 
RecycleBin => 2006070535 B
EmptyTemp: => 4 GB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-10-2017 17:21:41)
 
C:\WINDOWS\system32\drivers\wdbknqtx.sys => Is moved successfully
"C:\Users\Miso\AppData\Local\cwcvpok" => Could not move
 
==== End of Fixlog 17:21:44 ====

 

However, I am having trouble with Step #2, with Junkware Removal. I am running JRT as administrator, but I get this prompt:

Attached File  jrterror.jpg   45.07KB   0 downloads

 

Please advise, thank you :)

 

EDIT: I have completed the part with AdwCleaner. Here are the results after reboot:

 

# AdwCleaner 7.0.3.1 - Logfile created on Mon Oct 23 21:33:32 2017

# Updated on 2017/29/09 by Malwarebytes 
# Running on Windows 8.1 (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
No malicious registry entries deleted.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
Plugin deleted: SoundCloud Downloader Free - 
Plugin deleted: SoundCloud Downloader Free - 
 
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
 
C:/AdwCleaner/AdwCleaner[S0].txt - [1451 B] - [2017/10/23 21:29:53]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Edited by misomisomiso, 23 October 2017 - 04:45 PM.


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:35 AM

Posted 23 October 2017 - 07:39 PM

We will need to run the fix in the Recovery Environment.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Please also download the attached file and save it in the same location the FRST64 is saved in the flash drive.

Insert the USB drive in the infected computer.

Boot to the Recovery Console's Command prompt.

Entry points into the Windows Recovery Environment (WinRE).

You can access WinRE features through the Boot Options menu, which can be launched from Windows in a few different ways:
  • Option 1: From the login screen, click Shutdown, then hold down the Shift key while selecting Restart.
  • Option 2: In Windows 10, select Start > Settings > Update & security > Recovery > under Advanced Startup, click Restart now.
  • Option 3: Boot to recovery media.
  • Option 4: Use a hardware recovery button (or button combination) configured by the OEM (Computer Manufacturer).
After any of these actions is performed, all user sessions are signed off and the Boot Options menu is displayed. The PC will restart into the WinRE and the selected feature is launched.

On the boot options, select Troubleshooting > Advanced Options > Command prompt.

Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button.
  • It will make a log (Fixlog.txt) in the flash drive. Please copy and paste it to your reply.

Edited by JSntgRvr, 23 October 2017 - 07:51 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 misomisomiso

misomisomiso
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 23 October 2017 - 08:56 PM

We will need to run the fix in the Recovery Environment.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Please also download the attached file attachicon.gifFixlist.txt and save it in the same location the FRST64 is saved in the flash drive.

Insert the USB drive in the infected computer.

Boot to the Recovery Console's Command prompt.

Entry points into the Windows Recovery Environment (WinRE).

You can access WinRE features through the Boot Options menu, which can be launched from Windows in a few different ways:

  • Option 1: From the login screen, click Shutdown, then hold down the Shift key while selecting Restart.
  • Option 2: In Windows 10, select Start > Settings > Update & security > Recovery > under Advanced Startup, click Restart now.
  • Option 3: Boot to recovery media.
  • Option 4: Use a hardware recovery button (or button combination) configured by the OEM (Computer Manufacturer).
After any of these actions is performed, all user sessions are signed off and the Boot Options menu is displayed. The PC will restart into the WinRE and the selected feature is launched.

On the boot options, select Troubleshooting > Advanced Options > Command prompt.

Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button.
  • It will make a log (Fixlog.txt) in the flash drive. Please copy and paste it to your reply.

 

 

Done. Here are the results:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-10-2017 01

Ran by SYSTEM (23-10-2017 21:45:26) Run:5
Running from d:\
Boot Mode: Recovery
==============================================
 
fixlist content:
*****************
C:\WINDOWS\system32\mbbuzdxsvc.exe
C:\Users\Connie\AppData\Local\cwcvpok
C:\Users\Miso\AppData\Local\cwcvpok
C:\Users\Connie\AppData\Local\atrpvul
Folder: C:\Windows\System32\Drivers
*****************
 
C:\WINDOWS\system32\mbbuzdxsvc.exe => moved successfully
C:\Users\Connie\AppData\Local\cwcvpok => moved successfully
C:\Users\Miso\AppData\Local\cwcvpok => moved successfully
C:\Users\Connie\AppData\Local\atrpvul => moved successfully
 
========================= Folder: C:\Windows\System32\Drivers ========================
 
2013-07-21 23:09 - 2013-07-21 23:09 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\1043_ASUSTEK_Q501LA_Q515LA_V50.MRK
2013-08-22 03:38 - 2013-08-22 03:38 - 000231424 ___AC [E1832BD9FD7E0FC2DC9FA5935DE3E8C1] (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000108896 ____A [AD508A1A46EC21B740AB31C28EFDFDB1] (LSI) C:\Windows\System32\Drivers\3ware.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000533824 ___AC [E796AE43DDD1844281DB4D57294D17C0] (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2013-08-22 03:37 - 2013-08-22 04:49 - 000079712 ____A [AC8279D229398BCF05C3154ADCA86813] (Microsoft Corporation) C:\Windows\System32\Drivers\acpiex.sys
2013-08-22 03:39 - 2013-08-22 03:38 - 000010240 ___AC [A8970D9BF23CD309E0403978A1B58F3F] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipagr.sys
2013-08-22 03:39 - 2013-08-22 03:38 - 000012288 ___AC [111A89C99C5B4F1A7BCE5F643DD86F65] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2013-08-22 03:39 - 2013-08-22 03:38 - 000010752 ___AC [5758387D68A20AE7D3245011B07E36E7] (Microsoft Corporation) C:\Windows\System32\Drivers\acpitime.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000782176 ____A [7C1FDF1B48298CBA7CE4BDD4978951AD] (PMC-Sierra) C:\Windows\System32\Drivers\adp80xx.sys
2016-10-01 11:05 - 2015-10-13 09:10 - 000559616 ____A [A460C3AF3755A2A79A3C8EFE72E147B5] (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2016-12-21 03:58 - 2016-07-07 14:32 - 000095744 ____A [D5ECE7E7F349EB3C4B152AFF3577280D] (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2013-08-22 03:39 - 2013-08-22 04:43 - 000062304 ___AC [7DFAEBA9AD62D20102B576D5CAC45EC8] (Microsoft Corporation) C:\Windows\System32\Drivers\AGP440.sys
2016-12-21 04:03 - 2015-03-19 17:56 - 000080384 ____A [FE14D249D39368CA62D8DA6BC94AC694] (Microsoft Corporation) C:\Windows\System32\Drivers\ahcache.sys
2013-03-12 20:12 - 2013-03-12 20:12 - 000017152 ____A [16F6F6B7903B913AB41AB848C8BB5658] (ASUSTek Computer Inc.) C:\Windows\System32\Drivers\AiCharger.sys
2013-08-22 00:46 - 2013-08-22 00:46 - 000095744 ___AC [7589DE749DB6F71A68489DCE04158729] (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-08-22 00:46 - 2013-08-22 00:46 - 000098816 ___AC [B46D2D89AFF8A9490FA8C98C7A5616E3] (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000079200 ____A [D2BF2F94A47D332814910FD47C6BBCD2] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000259424 ____A [A8E04943C7BBA7219AA50400272C3C6E] (AMD Technologies Inc.) C:\Windows\System32\Drivers\amdsbs.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000025952 ____A [CEA5F4F27CFC08E3A44D576811B35F50] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2013-04-30 22:46 - 2013-04-30 22:46 - 000165344 ____A [843ED44EC945DDF7268BA769C9091A40] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\AmpPal.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000082944 ____A [415DD71628795197F7AFC176CBADC74E] (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000114016 ____A [65045784366F7EC5FB4E71BCF923187B] (PMC-Sierra, Inc.) C:\Windows\System32\Drivers\arcsas.sys
2013-07-21 23:08 - 2012-05-30 19:47 - 000021152 ____A [A9F2301B8D28BB4D887F5AEBB55ACB3A] (ASUS) C:\Windows\System32\Drivers\AsHIDSwitch64.sys
2013-06-28 15:45 - 2013-06-28 15:45 - 000065784 ____A [74D09AC81A7BD9E5361B3F623F78608A] (ASUS Corporation) C:\Windows\System32\Drivers\AsusTP.sys
2013-08-22 03:39 - 2013-08-22 03:38 - 000026624 ____A [3DB7721F06BC2FEDB25029EA23AB27DA] (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys
2013-08-22 04:22 - 2013-08-22 04:43 - 000026464 ___AC [74B14192CF79A72F7536B27CB8814FBD] (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys
2013-08-22 04:22 - 2013-08-22 04:43 - 000199520 ___AC [38E1F4E0148A24C65D215F14D57B0711] (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000050688 ___AC [8CC7F7E4AFCBA605921B137ED7992C68] (Microsoft Corporation) C:\Windows\System32\Drivers\BasicDisplay.sys
2017-04-11 11:38 - 2017-03-12 07:04 - 000033792 ___AC [195BD339B4B782B42C19489DCFB4D110] (Microsoft Corporation) C:\Windows\System32\Drivers\BasicRender.sys
2013-08-22 03:40 - 2013-08-22 04:49 - 000035168 ___AC [99387C515F80270F097F6DD9B5315649] (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-08-21 22:57 - 2013-08-12 15:25 - 000017624 ____A [C1ABB0F7E3BEA48A0417BDF6FF14AB21] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\bcmfn2.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000007680 ____A [EC19013E4CF87609534165DF897274D6] (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys
2016-11-10 18:28 - 2016-10-04 12:39 - 000101376 ____A [4938A9236300A356F97E378491EE4844] (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000115712 ____A [F3C060444777A59FC63D920719E43CCD] (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000019456 ___AC [1C89EF529DB7DCA98E801EFDCC8437DE] (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000036992 ___AC [A8F23D453A424FF4DE04989C4727ECC7] (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000053248 ___AC [1104A31260CCF4318C884E0AE6C513BF] (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2016-12-21 04:00 - 2015-03-08 18:02 - 000057856 ___AC [272A62B660A48AEF366F8A1836CED19F] (Microsoft Corporation) C:\Windows\System32\Drivers\bthhfenum.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000030720 ___AC [71FE2A48E4C93DDB9798C024880B6C07] (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000226304 ___AC [D30C67473A2E229662D21F27EAA9AAA5] (Microsoft Corporation) C:\Windows\System32\Drivers\BthLEEnum.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000064000 ___AC [EF4B9E7C9AD88C00C18A12B0D22D1894] (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2017-07-11 11:44 - 2017-07-06 00:52 - 000119296 ___AC [D0AF91AF656E25AD8617EFA5B52EF457] (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2016-12-21 04:00 - 2015-05-11 10:17 - 001201664 ___AC [0CC00ADC1B84C93FB46E1A0974E956E1] (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000081920 ___AC [08EA90955AED2D959EE67DF6EDF0E2B6] (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-04-23 14:50 - 2013-04-23 14:50 - 001385272 ____A [00C8888A6E77AC48EB9945C601A1568F] (Motorola Solutions, Inc.) C:\Windows\System32\Drivers\btmhsf.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000531296 ____A [A4A73F631FE2AA2826FBE4A399B04DEF] (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000088576 ____A [2FA6510E33F7DEFEC03658B74101A9B9] (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys
2013-08-22 00:46 - 2013-08-22 00:46 - 000164352 ___AC [C6796EA22B513E3457514D92DCDB1A3D] (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000044032 ___AC [BE9936EDD3267FAAFF94A7835867F00B] (Microsoft Corporation) C:\Windows\System32\Drivers\circlass.sys
2017-03-13 18:21 - 2016-05-06 13:59 - 000331608 ____A [F9ED4FFE6EBAC59F564323848974C3B4] (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2017-08-08 11:18 - 2017-07-08 12:14 - 000376672 ____A [39D72BA91AFE3C81C1AB0DE41AA07EF3] (Microsoft Corporation) C:\Windows\System32\Drivers\clfs.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000025472 ___AC [EF6EF85DADC3184A10D8F2F7159973CB] (Microsoft Corporation) C:\Windows\System32\Drivers\CmBatt.sys
2016-12-14 10:10 - 2016-10-10 10:18 - 000022360 ____A [53517BC5BC4DD8B1FC860300A193E992] (Microsoft Corporation) C:\Windows\System32\Drivers\cmimcext.sys
2017-03-14 19:31 - 2017-01-21 13:37 - 000567152 ____A [C8823A6ECE66B997C8E9F413D1D671E7] (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-08-22 03:39 - 2013-08-22 03:38 - 000036352 ___AC [03AAED827C36F35D70900558B8274905] (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000043008 ____A [A1FF7DFBFBE164CF92603C651D304DD2] (Microsoft Corporation) C:\Windows\System32\Drivers\condrv.sys
2013-08-22 03:40 - 2013-08-22 04:43 - 000068960 ____A [FA47B0AA255B7CF4519E995C6404AE22] (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-08-22 03:39 - 2013-08-22 04:50 - 000057696 ____A [315BA4BC19316D72B2E037534E048B93] (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2017-04-11 11:38 - 2017-01-10 14:37 - 000138752 ____A [4FED6AD69C9EE1EE7FD3C88437138855] (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2017-09-12 11:52 - 2017-07-07 19:14 - 000100184 ___AC [BF6D8575DDF30384939B2D5251F27C1F] (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2013-08-22 03:40 - 2013-08-22 04:43 - 000036192 ____A [224C2CB37497472C345CB2A02DF11363] (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000013312 ____A [407B4FC1AEE5C19AC2ED7118CBB271E9] (Microsoft Corporation) C:\Windows\System32\Drivers\Dmpusbstor.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000029696 ____A [EB70A894708D1BC176AFD690FF06085F] (Microsoft Corporation) C:\Windows\System32\Drivers\dmvsc.sys
2013-07-21 23:08 - 2013-04-21 18:13 - 000068072 ____A [68E2849CF59D54557F5CC6911EE5B26F] (Intel Corporation) C:\Windows\System32\Drivers\DptfDevDram.sys
2013-07-21 23:08 - 2013-04-21 18:13 - 000057216 ____A [76C91DB88A8CEE7711F41ADF08128522] (Intel Corporation) C:\Windows\System32\Drivers\DptfDevPch.sys
2013-07-21 23:08 - 2013-04-21 18:13 - 000120256 ____A [82D5BA44F3A32EE7D41D2E8B4361AD9B] (Intel Corporation) C:\Windows\System32\Drivers\DptfDevProc.sys
2013-07-21 23:08 - 2013-04-21 18:13 - 000200808 ____A [66AA3E34E06A32B60573926DD861D70E] (Intel Corporation) C:\Windows\System32\Drivers\DptfManager.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000089088 ___AC [F00B189ECA74DDF408AD934ADDC72477] (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000014528 ___AC [00C594D5A1DBD22AD8B2902B9F6EFF94] (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-08-22 03:39 - 2013-08-22 04:39 - 000033632 ____A [05F5C162881BE293956C60456EDB0092] (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys
2017-03-13 18:21 - 2016-06-18 12:06 - 000072408 ____A [C5196B53CA2F8FC637D20DEC386CFBE2] (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2016-12-21 03:58 - 2015-03-12 20:03 - 000154432 ___AC [95E295FD19F80B3AD33629B5AEFEC9C7] (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2017-05-09 09:46 - 2017-04-09 14:00 - 001548640 ____A [24C40570BAFEA48E9CB2B87008DCA152] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2017-05-09 09:46 - 2017-04-09 14:00 - 000388448 ____A [0711E11DF676BC41B641ED31F9772517] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-08-22 03:38 - 2013-08-22 04:43 - 000082784 ____A [43531A5993380CC5113242C29D265FD9] (Microsoft Corporation) C:\Windows\System32\Drivers\EhStorClass.sys
2013-08-22 03:37 - 2013-08-22 04:43 - 000114016 ___AC [6F8E738A9505A388B1157FDDE7B3101B] (Microsoft Corporation) C:\Windows\System32\Drivers\EhStorTcgDrv.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000010240 ___AC [DFFFAE1442BA4076E18EED5E406FA0D3] (Microsoft Corporation) C:\Windows\System32\Drivers\errdev.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 003357024 ____A [114BCFDF367FF37C3F1B0A96AF542E4D] (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000200704 ____A [7729D294A555C7AEB281ED8E4D0E01E4] (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2017-10-10 18:13 - 2017-10-11 16:11 - 000110016 ____A [20046A5DB1466EBD0DCAEB84D00C5432] (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2013-08-22 03:40 - 2013-08-22 04:49 - 000217952 ____A [7C4E0D5900B2A1D11EDD626D6DDB937B] (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000030720 ___AC [5D8402613E778B3BD45E687A8372710B] (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000079192 ____A [BCFD8B149B3ADF92D0DB1E909CAF0265] (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000034816 ____A [A1A66C4FDAFD6B0289523232AFB7D8AF] (Microsoft Corporation) C:\Windows\System32\Drivers\filetrace.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000025088 ___AC [BE743083CF7063C486A4398E3AEFE59A] (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000354112 ____A [C1FB505A73FA2E9019D32444AB33B75A] (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000030048 ____A [09F460AFEDCA03F3BF6E07D1CCC9AC42] (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000061248 ____A [A7C31B168F371E8E6796219F23E354DB] (Microsoft Corporation) C:\Windows\System32\Drivers\fsdepends.sys
2017-03-13 18:22 - 2016-06-18 12:06 - 000590688 ____A [D4AB6EE3D715BC44C00277FD934FAACF] (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2017-08-08 11:18 - 2017-06-06 20:25 - 000428888 ____A [2AA78D58E9EEA2D2F04CC3EB6817B0D4] (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-08-22 00:46 - 2013-08-22 00:46 - 000027136 ___AC [9591D0B9351ED489EAFD9D1CE52A8015] (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-08-22 03:39 - 2013-08-22 04:43 - 000065888 ____A [FC3EF65EE20D39F8749C2218DBA681CA] (Microsoft Corporation) C:\Windows\System32\Drivers\GAGP30KX.SYS
2013-08-21 23:51 - 2013-06-18 06:41 - 003440660 ____A [7F29903CB8F5590D52DB0C9F97049A25] () C:\Windows\System32\Drivers\gm.dls
2013-08-21 23:51 - 2013-06-18 06:41 - 000000646 ____A [7111BFA692A22E4B3C07F1E6C6FF6F72] () C:\Windows\System32\Drivers\gmreadme.txt
2014-11-21 01:15 - 2014-11-21 01:15 - 000076800 ___AC [D4B7ED39C7900384D9E5C1283F1E7926] (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000026624 ___AC [10A70BC1871CD955D85CD88372724906] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbatt.sys
2016-12-21 04:00 - 2015-01-29 19:01 - 000097792 ___AC [42F88B57CAE42FC10059C887B3FCFCEA] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2017-03-13 18:21 - 2016-05-13 15:08 - 000111616 ___AC [177D76B32D417537FAADFF90237A508B] (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000041472 ___AC [C241A8BAFBBFC90176EA0F5240EACC17] (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000045568 ____A [9BDDEE26255421017E161CCB9D5EDA95] (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2017-03-13 18:21 - 2016-05-13 15:08 - 000032512 ___AC [24E6C1F418BACEE4E7D18266F48FF2EA] (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2017-03-13 18:21 - 2016-05-13 15:08 - 000032768 ___AC [49676FEC898AB2A11B157F848269A56E] (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2017-10-11 16:05 - 2017-10-23 10:54 - 000055232 ____A [D8B279B390DCF00AA20FB599EB37AD5F] () C:\Windows\System32\Drivers\hitmanpro37.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000064352 ____A [A6AACEA4C785789BDA5912AD1FEDA80D] (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2017-07-11 11:44 - 2017-06-15 14:02 - 000990040 ____A [61C5D4EF4BE4EA271B90135490C67447] (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-08-22 03:40 - 2013-08-22 04:39 - 000024416 ____A [90656C0B3864804B090434EFC582404F] (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000013824 ____A [6D6F9E3BF0484967E52F7E846BFF1CA1] (Microsoft Corporation) C:\Windows\System32\Drivers\hyperkbd.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000022016 ____A [907C870F8C31F8DDD6F090857B46AB25] (Microsoft Corporation) C:\Windows\System32\Drivers\HyperVideo.sys
2016-12-21 04:03 - 2014-11-03 22:54 - 000108544 ___AC [49EE0AE9E5B64FFBBD06D55C4984B598] (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys
2013-08-21 22:57 - 2013-07-30 10:47 - 000024568 ____A [5D90E32E36CE5D4C535D17CE08AEAF05] (Intel Corporation) C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys
2013-08-21 22:57 - 2013-07-25 11:05 - 000099320 ____A [DD05E7E80F52ADE9AEB292819920F32C] (Intel Corporation) C:\Windows\System32\Drivers\iaLPSSi_I2C.sys
2013-07-21 23:08 - 2013-05-02 17:54 - 000677360 ____A [0A34D806EF2767E62CAFEA1A150A8830] (Intel Corporation) C:\Windows\System32\Drivers\iaStorA.sys
2013-08-21 23:01 - 2013-08-09 16:39 - 000651248 ____A [08BFE413B0B4AA8DFA4B5684CE06D3DC] (Intel Corporation) C:\Windows\System32\Drivers\iaStorAV.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000412000 ____A [A2200C3033FA4EF249FC096A7A7D02A2] (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2013-06-03 10:58 - 2013-06-03 10:58 - 000115656 ____A [6C23262230188DAE2E8D27B7F21CCC02] (Intel Corporation) C:\Windows\System32\Drivers\ibtusb.sys
2013-10-01 09:02 - 2013-10-01 09:02 - 004177920 ____A [16D939A13CFB82DEE0B9DB12E45C7B4E] (Intel Corporation) C:\Windows\System32\Drivers\igdkmd64.sys
2013-05-30 15:39 - 2013-05-30 15:39 - 000021048 ____A [E18725531054FE222115873AC1CCB02B] () C:\Windows\System32\Drivers\ikbevent.sys
2013-05-30 15:39 - 2013-05-30 15:39 - 000021048 ____A [45060257BCA3D60204FEC29F6E6DE458] () C:\Windows\System32\Drivers\imsevent.sys
2013-07-21 23:06 - 2013-05-28 01:32 - 000442368 ____A [0E0B99617ED3FDB6C5F0E2D62709B5DF] (Intel® Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2013-08-22 14:56 - 2013-08-22 14:51 - 000039320 ____A [DB65573521AB51941F4FA799D0968136] (Intel Corporation) C:\Windows\System32\Drivers\intelaud.sys
2013-08-22 04:22 - 2013-08-22 04:43 - 000018272 ____A [4E448FCFFD00E8D657CD9E48D3E47157] (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2013-10-05 15:58 - 2013-05-31 12:30 - 000016344 ____A [BB23D21358B2EEFFBD88F2898B52096D] (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2014-11-21 01:15 - 2014-11-21 01:15 - 000039744 ___AC [A770340FC02B999EF0DE6C2A6BC8437C] (Microsoft Corporation) C:\Windows\System32\Drivers\intelpep.sys
2013-08-22 00:46 - 2013-08-22 00:46 - 000098816 ___AC [47E74A8E53C7C24DCE38311E1451C1D9] (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-08-22 03:35 - 2013-08-22 03:35 - 000084992 ____A [9DB76D7F9E4E53EFE5DD8C53DE837514] (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2016-12-21 04:02 - 2016-02-03 07:14 - 000080896 ____A [C800DCD904016B2BF6AB541083770A3A] (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000142848 ____A [B7342B3C58E91107F6E946A93D9D4EFD] (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000118784 ____A [D826F4874A372FAE2F42478E0975EA02] (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000017920 ____A [AE44C526AB5F8A487D941CEB57B10C97] (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2013-08-22 03:40 - 2013-08-22 04:43 - 000021856 ___AC [8AFEEA3955AA43616A60F133B1D25F21] (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2013-05-30 15:39 - 2013-05-30 15:39 - 000046568 ____A [4EE2423C38F43D37F8497A672FD10BDC] () C:\Windows\System32\Drivers\ISCTD64.sys
2013-08-22 14:56 - 2013-08-22 14:51 - 000026008 ____A [2C04ACF9070282AC9AA837C52CA3C128] (Intel Corporation) C:\Windows\System32\Drivers\iwdbus.sys
2016-12-21 04:03 - 2014-11-04 11:25 - 000059712 ___AC [5917AFE4A3F695A54B99C1849C8207FE] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2016-12-21 04:03 - 2014-11-03 22:54 - 000032256 ___AC [8CD840A062F6BDF41DDE3ACB96164B72] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2013-07-21 23:08 - 2012-08-01 19:22 - 000014992 ____A [A8080BEBCDB7A16495CE1205921DCAC5] ( ) C:\Windows\System32\Drivers\kbfiltr.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000019456 ___AC [813871C7D402A05F2E3A7075F9584A05] (Microsoft Corporation) C:\Windows\System32\Drivers\kdnic.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000295424 ____A [1DD05F4857C2188744B9E864658949DD] (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2016-10-01 10:44 - 2016-08-22 08:06 - 000100184 ____A [304DA394D958BC3B62AF6DF514005B01] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-10-01 10:44 - 2016-05-18 15:16 - 000178016 ____A [3D4AE520CD6F6FFE549DD195C1F515BE] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000021248 ____A [11AFB527AA370B1DAFD5C36F35F6D45F] (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2013-08-22 03:36 - 2013-08-22 03:36 - 000059392 ____A [C09010B3680860131631F53E8FE7BAD8] (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000109408 ____A [C755AE4635457AA2A11F79C0DF857ABC] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000093536 ____A [ADAC09CBE7A2040B7F68B5E5C9A75141] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000081760 ____A [04D1274BB9BBCCF12BD12374002AA191] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas3.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000082784 ____A [327469EEF3833D0C584B7E88A76AEC0C] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sss.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000124416 ____A [DDEE191AB32DFC22C6465002ECDF5EE4] (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2017-10-10 18:13 - 2017-10-04 09:15 - 000077440 ____A [11B9D886D7AE2F2F5C6BC03D7C52FD31] () C:\Windows\System32\Drivers\mbae64.sys
2017-10-10 18:13 - 2017-10-11 16:11 - 000045504 ____A [30F7226AC3603A18FC86DFBEA5EBB13D] (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000022016 ____A [C895E3FAE8628EAA4ADE0F52862CA575] (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000056672 ____A [EB5C03A070F30D64A6DF80E53B22F53F] (LSI Corporation) C:\Windows\System32\Drivers\megasas.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000575840 ____A [F6F13533196DE7A582D422B0241E4363] (LSI Corporation, Inc.) C:\Windows\System32\Drivers\megasr.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000040960 ____A [8B38C44F69259987C95135C9627E2378] (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2013-08-22 03:36 - 2013-08-22 03:36 - 000030208 ___AC [601589000CC90F0DF8DA2CC254A3CCC9] (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2016-12-21 04:03 - 2014-11-04 11:25 - 000051008 ___AC [08374E4E5B8914DE6067CBA99F61E930] (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2016-12-21 04:03 - 2014-11-03 22:54 - 000030208 ___AC [5FCBAB60598AE119E02B4C27DE6B99EA] (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2017-06-14 14:58 - 2017-05-10 10:19 - 000101720 ____A [E5E8665272EBCD87A0A632314F0D221D] (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000074240 ____A [6FC047578785B0435F4E2660946D1ADC] (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2016-10-12 15:26 - 2016-09-08 06:00 - 000140800 ____A [3F818C1518DA702C8F10259095C9BDE0] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2017-04-11 11:38 - 2017-06-14 14:19 - 000401408 ____A [E2FC654EC895E92A022794329BFC53EC] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2017-10-11 15:22 - 2017-09-07 13:32 - 000285184 ____A [AFE6DC2E57E876175BA074AD2CB5594F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2017-04-11 11:38 - 2017-06-14 14:19 - 000201728 ____A [B37B58F9F80A51098C42663D5FA5F2BA] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000030208 ____A [D13329FBF8345B28AB30F44CC247DC08] (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2013-10-05 16:07 - 2013-10-05 16:07 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2016-09-29 14:13 - 2016-09-29 14:13 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2016-09-29 14:12 - 2016-09-29 14:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfDevDram_01011.Wdf
2016-09-29 14:12 - 2016-09-29 14:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfDevPch_01011.Wdf
2016-09-29 14:12 - 2016-09-29 14:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfDevProc_01011.Wdf
2016-09-29 14:12 - 2016-09-29 14:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfManager_01011.Wdf
2017-01-05 18:50 - 2017-01-05 18:50 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2016-09-29 14:12 - 2016-09-29 14:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-09-28 18:14 - 2016-09-28 18:14 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-28 03:19 - 2016-09-28 03:19 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-07-10 18:02 - 2013-07-10 18:02 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
2013-08-22 03:39 - 2013-06-18 06:52 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_Kernel_01013_Inbox_Critical.Wdf
2013-08-22 03:49 - 2013-06-18 07:20 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-11-21 01:15 - 2014-11-21 01:15 - 000146752 ____A [8DF1254093B5C354CE725EB6B9B0DE19] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-08-22 03:38 - 2013-08-22 04:43 - 000041824 ___AC [C6B474E46F9E543B875981ED3FFE6ADD] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000008192 ____A [65C92EB9D08DB5C69F28C7FFD4E84E31] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000009728 ____A [52299F086AC2DAFD100DD5DC4A8614BA] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidumdf.sys
2013-08-22 03:39 - 2013-08-22 04:43 - 000017248 ___AC [36D92AF3343C3A3E57FEF11C449AEA4C] (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2017-08-08 11:18 - 2017-06-11 16:14 - 000276320 ___AC [C378ED678D1316721A40E1F60FB76184] (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000010624 ____A [A9BBBD2BAE6142253B9195E949AC2E8D] (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000066560 ____A [51B3AC0560848CD6D65AC2033E293113] (Microsoft Corporation) C:\Windows\System32\Drivers\mslldp.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000006784 ____A [1E88171579B218115C7A772F8DE04BD8] (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000366432 ____A [BBE2A455053E63BECBF42C2F9B21FAE0] (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2013-08-22 03:39 - 2013-08-22 04:49 - 000037728 ___AC [8D6B7D515C5CBCDB75B928A0B73C3C5E] (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000007936 ____A [115019AE01E0EB9C048530D2928AB4A2] (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000013312 ___AC [96D604A35070360F0DD4A7A8AF410B5E] (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2017-03-13 18:21 - 2016-04-06 13:21 - 000114528 ____A [438EA7A2D8D4F9B8AFB64748ACA70BA8] (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000063840 ____A [B8C35C94DCB2DFEAF03BB42131F2F77F] (Marvell Semiconductor, Inc.) C:\Windows\System32\Drivers\mvumis.sys
2017-10-10 18:13 - 2017-10-10 19:53 - 000094144 ____A [482F6D603BDCC825768D86D8228BD65F] (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2017-04-11 11:38 - 2017-01-18 18:18 - 001113944 ____A [FFAA6C6E798FBA448FA7628A1B277F5C] (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000043008 ____A [8CECC8DA55F3274181FD1EA28AD76664] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000126464 ____A [269882812E9A68FFF1AFE1283D428322] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisImPlatform.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000024576 ____A [82821F4EEC776B4CF11695A38F3ABA46] (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000060416 ____A [B832B35055BA2B7B4181861FF94D8E59] (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2013-08-22 03:36 - 2013-08-22 03:36 - 000016384 ____A [1F58E48EF75F34C35D8E93A0DC535CFE] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisVirtualBus.sys
2017-03-13 18:21 - 2016-04-05 14:37 - 000205824 ____A [C3755FCF9A0B5C6FE8ED9E873B85D3CE] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000072192 ____A [DDD7F92A83F74D1476B71FBA9530A8DC] (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000103424 ____A [3083926D1CC5B56EA0786527B557DD1B] (Microsoft Corporation) C:\Windows\System32\Drivers\Ndu.sys
2016-03-28 08:41 - 2016-03-28 08:41 - 000023040 ____A [EE00C544C025958AF50C7B199F3C8595] (Apple Inc.) C:\Windows\System32\Drivers\netaapl64.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000048128 ____A [42FF4975D032CAE558AE4BB8448F6E5A] (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2017-09-12 11:52 - 2017-08-10 19:27 - 000281600 ____A [0FE750800DEEE91D22399D081371BA79] (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2017-07-11 11:44 - 2017-05-31 13:20 - 000470360 ____A [D8BBF2E779040E5BCBA68E08A9F52734] (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000087040 ____A [D4DCE03870314D3354F3501F9DDD4123] (Microsoft Corporation) C:\Windows\System32\Drivers\netvsc63.sys
2013-09-25 18:52 - 2013-09-25 18:52 - 003589600 ____A [31D3E4959C410A7DEC2109CA8BF369AD] (Intel Corporation) C:\Windows\System32\Drivers\NETwbw02.sys
2013-10-08 18:52 - 2013-10-08 18:52 - 003648480 ____A [CE01BC8C2B3CBDD4A6EBD25331E48F4B] (Intel Corporation) C:\Windows\System32\Drivers\NETwew02.sys
2013-09-25 18:52 - 2013-09-25 18:52 - 009122084 ____A [F679F73C8961BDF31F677F617EB16E8B] () C:\Windows\System32\Drivers\Netwfw02.dat
2013-08-22 05:25 - 2013-08-22 05:25 - 000058880 ____A [8F44A2F57C9F1A19AC9C6288C10FB351] (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000023040 ___AC [CBDB4F0871C88DF930FC0E8588CA67FC] (Microsoft Corporation) C:\Windows\System32\Drivers\npsvctrig.sys
2017-09-12 11:52 - 2017-08-13 09:19 - 000040960 ____A [018510D88536798852DAE12F9BA6E138] (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2017-10-11 15:23 - 2017-09-08 19:50 - 002013016 ____A [E3D85D09B28ABA9DE3F9300BE3E7C9F6] (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000005632 ____A [EF1B290FC9F0E47CC0B537292BEE5904] (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2013-08-22 03:39 - 2013-08-22 04:43 - 000124768 ____A [6934A936A7369DFE37B7DBA93F5E5E49] (Microsoft Corporation) C:\Windows\System32\Drivers\NV_AGP.SYS
2013-08-21 23:01 - 2013-08-22 04:43 - 000150368 ____A [BC6B5942AFF25EBAF62DE43C3807EDF8] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000168288 ____A [1F43ABFFAC3D6CA356851D517392966E] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2017-10-11 15:23 - 2017-09-13 05:32 - 000445952 ____A [BB78990894F14D725EBD301E1945BF0F] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000151040 ____A [FC0141B4A5AD6D637D883C1A89FC45C5] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2016-10-12 15:25 - 2016-08-11 10:33 - 000096256 ___AC [57DCE4FB0467986AE78E1C6FC5240D32] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000088896 ____A [BAFF6122CFC9F95CA175AD8C348179A4] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000280384 ___AC [91ED124E261EA8FAA1C0FFDF2A71B0C4] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2013-08-22 04:22 - 2013-08-22 04:43 - 000014688 ___AC [346E38FCC6859A727DD28AFAD1F0AFF4] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2013-08-22 04:22 - 2013-08-22 04:43 - 000048992 ___AC [5D4D6146346B82EB3CA4EE0C5573193C] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2013-08-22 03:40 - 2013-08-22 04:49 - 000114528 ___AC [4D3BDCC1C7B40C9D7B6AD990E6DEC397] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2013-08-22 00:46 - 2013-08-22 04:39 - 000050016 ____A [BF28771D1436C88BE1D297D3098B0F7D] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2017-08-08 11:18 - 2017-07-07 19:16 - 000086360 ____A [E6B3ACBA06BAF48594557FCCBFA66FD2] (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000663040 ____A [0ECEE590F2E2EF969FB74A6FC583A1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000272384 ___AC [C76097CA941FA7CAFEDB1E557969025C] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-08-22 00:46 - 2013-08-22 00:46 - 000092160 ___AC [ECD373F9571C745894367CC2635EA44F] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2016-02-02 04:45 - 2016-02-02 04:45 - 000018456 ____A [DD3FD48D69F5FBBB21D46D1514C1C2DB] (Secunia) C:\Windows\System32\Drivers\psi_mf_amd64.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000047104 ____A [83868EB2924E6BC21A54337C65D614D1] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000017408 ____A [B337B1F1E82A83E20A1743E008E25C0F] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2016-12-21 04:03 - 2016-02-02 10:16 - 000112640 ____A [235624C147E3CB4C288D5D3D8E8D64A2] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2013-08-22 03:36 - 2013-08-22 03:36 - 000084992 ____A [5247F308C4103CDC4FE12AE1D235800A] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2013-08-22 03:35 - 2013-08-22 03:35 - 000107520 ____A [E075CC071022BD4E9BE7C024717C0E0A] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000093696 ____A [41F631007A158FEBB67F0E2AD1601BBA] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2017-03-13 18:22 - 2016-04-06 10:20 - 000402432 ____A [D67ED4AB59D1EF66B05AD1A81AC28B26] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-08-22 03:39 - 2013-08-22 03:38 - 000022528 ___AC [6B21EBF892CD8CACB71669B35AB5DE32] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2014-11-21 00:25 - 2014-11-21 00:25 - 000195584 ____A [680C1DAE268B6FB67FA21B389A8B79EF] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2014-11-21 01:17 - 2014-11-21 01:17 - 000027456 ____A [BC8A79C625568DDB7DCA49D0C2741A64] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000249688 ____A [A26AEC49F318FEE141DDDB2C5F99B3E6] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2016-12-14 10:10 - 2016-10-12 13:11 - 000922968 ____A [2D39BCFA4DD1081B8F282B623456B858] (Microsoft Corporation) C:\Windows\System32\Drivers\refs.sys
2016-12-21 04:00 - 2015-01-29 19:00 - 000167424 ___AC [DC66AE45816614D2999DCD3834DCCC4E] (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2016-10-01 11:10 - 2015-11-05 00:59 - 000145408 ____A [A7D51169CA28B0AA9B5DE2B7EFB5C3C9] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000032256 ____A [4A24C61ED665DB4D13B93FACA06350CA] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000011776 ____A [9746BA79DE0CA5EB5104406A9ED62D01] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2013-08-22 03:36 - 2013-08-22 03:36 - 000080384 ____A [2D05A5508F4685412F2B89E8C2189ABC] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2013-08-21 22:57 - 2013-06-18 06:46 - 000591360 ____A [19764658C1468C2C0CEF133D28414A6B] (Realtek ) C:\Windows\System32\Drivers\Rt630x64.sys
2013-10-05 16:03 - 2013-06-03 04:18 - 000583849 ____A [C78E74CC8B944F989D739D91A19E6050] () C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-10-05 16:03 - 2013-06-04 05:36 - 003441992 ____A [6C7970A8E0546A4D9466E0045C7DB199] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-10-05 16:05 - 2013-01-15 01:37 - 000327240 ____A [E7B780F2E7A124264AA487C13107BDFF] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RtsUVStor.sys
2016-09-29 14:13 - 2016-09-29 14:13 - 000171198 ____A [B3AFE4F5F1346377D9C1F6E00C8BB682] () C:\Windows\System32\Drivers\RTWAVES40.dat
2013-08-22 00:46 - 2013-08-22 04:39 - 000107872 ___AC [C624A1B32211C3166EDB3F4AB02A30B7] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2017-04-11 11:38 - 2016-12-24 17:21 - 000040960 ____A [FA7ABD857DEB0FE3C94CC39A4C845E66] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2013-08-22 03:39 - 2013-08-22 04:43 - 000170848 ____A [1C4EB3ACEA98CAD8FC7CF50F629FF0C6] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2016-12-21 03:58 - 2015-03-12 20:03 - 000239424 ___AC [C54B6B2170BF628FD42F799A66956D75] (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000079192 ___AC [0B1E929D11A8E358106955603FAC65E8] (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-08-22 07:36 - 2013-08-22 07:35 - 000023040 ____A [3EA8A16169C26AFBEB544E0E48421186] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys
2017-05-11 08:27 - 2016-10-18 13:14 - 000021984 ____A [07F83829E7429E60298440CD1E601A6A] () C:\Windows\System32\Drivers\semav6msr64.sys
2013-08-22 03:38 - 2013-08-22 04:43 - 000069472 ____A [DB2FF24CE0BDD15FE75870AFE312BA89] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000146776 ____A [0044B31F93946D5D41982314381FE431] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2016-10-12 15:25 - 2016-08-11 10:33 - 000023040 ___AC [1F0135949A6AD6025F363F80FE268251] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2016-10-12 15:25 - 2016-08-11 10:33 - 000083456 ___AC [81633C87B42B63BA484A6177179AC750] (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2016-12-21 04:03 - 2014-11-03 22:55 - 000026112 ___AC [148195AE95D9BC7375A08846439FDAC1] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000017408 ___AC [472B7A5AC181C050888DB454663DD764] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000044896 ____A [2F518D13DD6F3053837FE606F1A2EA1F] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000081760 ____A [1AC9A200A9C49C4508F04AAFFCA34A3F] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000019968 ____A [8C0773703184485D57975B6C1ED48730] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2017-04-11 11:38 - 2017-01-11 09:28 - 000422744 ___AC [F6AF6499C3788105EA7AF1DA27769A77] (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-08-22 03:38 - 2013-08-22 04:43 - 000072032 ____A [F337BE11071818FC3F5DC2940B6BDE34] (Microsoft Corporation) C:\Windows\System32\Drivers\SpbCx.sys
2017-10-11 15:22 - 2017-09-07 13:33 - 000415744 ____A [3D0CA97EA01210E0BC032EB6FDCCF03D] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2017-10-11 15:22 - 2017-09-07 13:33 - 000686592 ____A [FD4A645C5BA587257A97D7AC46212F4A] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2017-10-11 15:22 - 2017-09-07 13:32 - 000243200 ____A [D3EAE998706531157CBEA3F5218435BC] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-08-21 22:57 - 2013-08-22 04:43 - 000031072 ____A [366DEA74BBA65B362BCCFC6FC2ADFD8B] (Promise Technology, Inc.) C:\Windows\System32\Drivers\stexstor.sys
2013-08-22 03:40 - 2013-08-22 04:43 - 000107872 ____A [0ED2E318ABB68C1A35A8B8038BDB4C90] (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2017-07-11 11:44 - 2017-05-15 14:09 - 000057688 ___AC [1D5A045F59D216448FCDE3A8D69970E2] (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2017-07-11 11:44 - 2017-05-15 12:03 - 000379744 ____A [9E3AAB0E51B252DB581832ACD60C7A70] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-08-22 03:37 - 2013-08-22 04:36 - 000045888 ____A [548759755BC73DAD663250239D7E0B9F] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000067584 ____A [FF184501F8F556147BBBDE571315C137] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000014144 ___AC [65454187E0F8B6C0DCECB0287D06EC43] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000029696 ____A [B13A57CE2F17B8C789E895E15F115DB0] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000021824 ____A [A57A897E3F87B8E9F30A627C42779A76] (Microsoft Corporation) C:\Windows\System32\Drivers\tbs.sys
2017-08-08 11:18 - 2017-06-07 17:48 - 002457936 ____A [4C58B60C1E6A2946D6E3D67A36E5E03E] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-11-21 01:53 - 2014-11-21 01:53 - 000049152 ____A [41CF802064F72E55F50CA0A221FD36D4] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000030208 ____A [3C7361E0A5A6966DB957B94ECF924A9E] (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2017-08-08 11:18 - 2017-08-01 19:17 - 000107520 ____A [576FA545FAB846B06E79B324160DE25C] (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2013-10-05 15:57 - 2013-05-31 12:30 - 000099800 ____A [CFBDB416E1DC172327C099DB122FE15D] (Intel Corporation) C:\Windows\System32\Drivers\TeeDriverx64.sys
2014-11-21 00:25 - 2014-11-21 00:25 - 000037216 ___AC [232D185D2337F141311D0CF1983E1431] (Microsoft Corporation) C:\Windows\System32\Drivers\terminpt.sys
2017-06-14 14:58 - 2017-05-15 11:58 - 000121184 ____A [2B45645D0F1E950674CECE5606CF5E4E] (Microsoft Corporation) C:\Windows\System32\Drivers\tm.sys
2016-12-21 04:00 - 2015-09-29 04:24 - 000155480 ___AC [80A2FC1A089A71F2DBE5D8394FFB009F] (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000056320 ____A [BF8F54CA37E9C9D6582C31C5761F8C93] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000029696 ___AC [20185BEB7512EDE4EFECDFA148AC9F99] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2016-12-21 04:02 - 2015-09-04 11:24 - 000154112 ____A [E85916632CD3B9E9B546968DB950BF42] (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2013-08-22 03:39 - 2013-08-22 04:43 - 000064864 ____A [F6EEAD052943B5A3104C1405BB856C54] (Microsoft Corporation) C:\Windows\System32\Drivers\UAGP35.SYS
2013-08-22 03:37 - 2013-08-22 04:43 - 000074080 ___AC [FE6067B1FD4E63650C667B33D080565B] (Microsoft Corporation) C:\Windows\System32\Drivers\uaspstor.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000189248 ___AC [807F8CF3E973305FC435C61CBBEE2A49] (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2016-12-21 03:58 - 2015-03-12 18:02 - 000316416 ____A [C61EAF8E1E4B2F62BA4FDF457440B2C6] (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2013-08-22 03:40 - 2013-08-22 04:39 - 000026976 ___AC [9578691F297E1B1F519970FE6D47CB21] (Microsoft Corporation) C:\Windows\System32\Drivers\uefi.sys
2013-08-22 03:39 - 2013-08-22 04:43 - 000065888 ____A [5EAB5117DDB24FC4D39E6FFFCF1837B9] (Microsoft Corporation) C:\Windows\System32\Drivers\ULIAGPKX.SYS
2013-08-22 03:39 - 2013-08-22 03:38 - 000046080 ___AC [DA34C39A18E60E7C3FA0630566408034] (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2013-08-22 03:39 - 2013-08-22 03:38 - 000011776 ___AC [AE8294875E5446E359B1E8035D40C05E] (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2013-06-20 18:36 - 2013-06-20 18:36 - 000206744 ____A [524BFB402B1AB1007ED91E94D6AB6F72] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\usb3Hub.sys
2016-12-21 03:58 - 2015-04-24 18:25 - 000020992 ____A [312BB35275EB15145F4B6D1FFCE56C50] (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2016-03-28 08:41 - 2016-03-28 08:41 - 000054784 ____A [F957092C63CD71D85903CA0D8370F473] (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000121088 ___AC [DF355EB0199198728027962DCFCDE5FB] (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000032512 ____A [5D45329A96B1A417DC7F59FDEABC0DDE] (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000143680 ___AC [FF78D053A05E5A394F4E3C1816CC65A8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000098304 ___AC [0139248F6B95CF0D837B5B46A2722D40] (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2016-12-21 03:58 - 2015-10-10 22:34 - 000027992 ____A [9A2B3A98D7982372CA36A823F673EFB8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2016-12-21 04:02 - 2016-01-08 17:38 - 000091992 ___AC [C996CBEF922B5653A01E3F50DDCE2F86] (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2016-12-21 03:58 - 2015-10-10 22:34 - 000462168 ____A [CD81683F4553677B9BF5163A922153EB] (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2016-12-21 03:58 - 2015-10-10 22:34 - 000468824 ___AC [5C90D5379B53590FBB24BBAD4FA682EE] (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2016-12-21 03:58 - 2015-10-10 10:41 - 000030208 ____A [A0F0484C97D6441ED6A75D7426ECCC9E] (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2016-12-21 03:58 - 2015-10-10 22:34 - 000443224 ____A [D25F0093A71FFB355160358DD70B0373] (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-08-22 03:36 - 2013-08-22 03:36 - 000026112 ___AC [4D655E3B684BE9B0F7FFD8A2935C348C] (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000030720 ____A [3431FBFAC156EB7FEF9B936EC2A77AF6] (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2016-10-01 10:37 - 2016-01-31 11:16 - 000148832 ___AC [9D168BFA334D47BE404367EB58D4E130] (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2016-12-21 03:58 - 2015-10-10 10:41 - 000037376 ____A [FC974B03C8B87455F44F734C8F31A3C8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000212736 ___AC [5C8F604F6DC74177CDD8372D7B1ADFF0] (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2016-12-21 03:58 - 2015-04-15 22:17 - 000325464 ___AC [44603DA5A87FB491EF59C889EBBB4DDB] (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-08-22 03:38 - 2013-08-22 04:37 - 000037728 ___AC [FEB26E3B8345A7E8D62F945C4AE86562] (Microsoft Corporation) C:\Windows\System32\Drivers\vdrvroot.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000175960 ____A [A026EDEAA5EECAE0B08E2748B616D4BD] (Microsoft Corporation) C:\Windows\System32\Drivers\VerifierExt.sys
2016-11-10 18:28 - 2016-10-09 14:59 - 000551256 ___AC [8ABB4BABF59F092DF0B43778D8FD1884] (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-08-22 04:22 - 2013-08-22 04:43 - 000019808 ____A [06D38968028E9AB19DE9B618C7B6D199] (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viaide.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000049152 ____A [608BD5400EFD2307A5F8DDDC87775734] (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000089368 ____A [A53E798C06D729CCF8459968B4372F6E] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbkmcl.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000097048 ____A [511AD3FF957A0127E6BD336FF6F89C38] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2013-08-22 03:37 - 2013-08-22 03:37 - 000021760 ____A [DA40BEA0A863CE768C940CA9723BF81F] (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000011264 ____A [0BF5CAD281E25F1418E5B8875DC5ADD1] (Microsoft Corporation) C:\Windows\System32\Drivers\vmgencounter.sys
2013-08-22 03:38 - 2013-08-22 03:38 - 000007168 ____A [1A063730F221B2746FF00457AE17E4F0] (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000049944 ____A [8B9486B64E5FC17FB9CC04CA10B77A34] (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2016-10-01 10:29 - 2016-04-10 22:21 - 000074584 ___AC [436E1A724E7E683F6B612D3D58F04241] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2017-08-08 11:18 - 2017-07-07 19:46 - 000377688 ____A [7DD4EAE2E680948D9AFF3E1B5234C1D3] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2016-12-21 03:57 - 2016-03-14 08:50 - 000316760 ___AC [17F7B0F2298D97F4B6C7A69511033D3D] (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2016-12-21 03:58 - 2016-01-26 11:15 - 000072024 ____A [DAC438FB5FF85A9E72806E2341D5D732] (Microsoft Corporation) C:\Windows\System32\Drivers\vpci.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000168800 ____A [4539F45F9F4C9757A86A56C949421E07] (VIA Technologies Inc.,Ltd) C:\Windows\System32\Drivers\vsmraid.sys
2013-08-21 23:01 - 2013-08-22 04:43 - 000305504 ____A [0849B7260F26FE05EA56DED0672E2F4B] (VIA Corporation) C:\Windows\System32\Drivers\VSTXRAID.SYS
2016-10-12 15:25 - 2016-08-12 16:03 - 000024576 ____A [71066FF95C487327E44C8AF1B72EBE8B] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifibus.sys
2016-10-12 15:25 - 2016-08-12 16:02 - 000071680 ____A [29AB43937FFDA0B0FB56984226E698C6] (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2016-10-12 15:25 - 2016-08-12 16:01 - 000038912 ____A [8B8624A93E3F88CB923AEB05B6313227] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2013-08-22 03:39 - 2013-08-22 03:39 - 000026752 ___AC [0910AB9ED404C1434E2D0376C2AD5D8B] (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2014-11-21 01:16 - 2014-11-21 01:16 - 000080896 ____A [6505C9E72910F91D4C317EECF22D1DE6] (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2014-11-21 00:52 - 2014-11-21 00:52 - 000054272 ____A [9CC0003FB8ED3763B977B43F1012FF63] (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2017-04-11 11:38 - 2017-02-10 06:37 - 000046600 ____A [F2E08D1C067FEFC3A42D21FD4810F1D3] (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2017-10-23 17:43 - 2017-10-23 17:43 - 000116560 ____N [5E6BCFBBC941571AEE9F0B3099199986] () C:\Windows\System32\Drivers\wdbuxaeh.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000839488 ____A [CB6C63FF8342B467E2EF76E98D5B934D] (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2017-04-11 11:38 - 2017-01-12 08:51 - 000274776 ____A [E234820E6B84ABA5E84E00227F505AE8] (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000060224 ____A [42C23552FC0BF2BAB9053BE6E4DC3D13] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2017-04-11 11:38 - 2017-01-12 08:51 - 000117592 ____A [A74AD6D80AC26E1B5DD276FC927F2BAC] (Microsoft Corporation) C:\Windows\System32\Drivers\WdNisDrv.sys
2013-08-22 03:40 - 2013-08-22 04:39 - 000038240 ____A [2E0AF5B354ED1BB10314353B6A625B68] (Microsoft Corporation) C:\Windows\System32\Drivers\werkernel.sys
2016-10-01 10:33 - 2014-11-10 10:06 - 000136512 ____A [715ABA3DD164D06457A2A3C92F6EA9D5] (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000033600 ____A [5F66B7BB330AA80067FC66149A692620] (Microsoft Corporation) C:\Windows\System32\Drivers\wimmount.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000061208 ____A [10A78656BF6126245631705E45F9B9CF] (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2016-12-21 03:58 - 2015-10-10 10:40 - 000078848 ___AC [3AF1FA17F1C4ACBDB660D8F98B1A9C13] (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000016384 ___AC [2834D9D3B4F554A39C72F00EA3F0E128] (Microsoft Corporation) C:\Windows\System32\Drivers\wmiacpi.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000018272 ____A [1FE5DDC32243469E6FA4440C02775A34] (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys
2014-11-21 01:17 - 2014-11-21 01:17 - 000157016 ____A [7FC5667DF73D4B04AA457CC3A4180E09] (Microsoft Corporation) C:\Windows\System32\Drivers\wof.sys
2014-11-21 01:17 - 2014-11-21 01:17 - 000054784 ____A [A2468CC3509394A33C4C32F99563D845] (Microsoft Corporation) C:\Windows\System32\Drivers\wpcfltr.sys
2013-08-22 03:38 - 2013-08-22 04:36 - 000026976 ____A [9F2904B55F6CECCD1A8D986B5CE2609A] (Microsoft Corporation) C:\Windows\System32\Drivers\WpdUpFltr.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000023392 ____A [38CAE0D33091C6F3B542F230E70ED44B] (Microsoft Corporation) C:\Windows\System32\Drivers\WppRecorder.sys
2017-10-21 16:07 - 2017-10-23 17:41 - 000034752 ____A [7CA09731EB7FC99B910C7F239E57720F] () C:\Windows\System32\Drivers\WPRO_41_2001.sys
2013-08-22 03:40 - 2013-08-22 03:40 - 000021504 ____A [AE072B0339D0A18E455DC21666CAD572] (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000113664 ____A [481286719402E4BAEFEA0604AB1B5113] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2014-11-21 01:15 - 2014-11-21 01:15 - 000226304 ____A [D7B4859227B02BCC1055B279A63C937F] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2014-11-21 00:00 - 2017-07-11 20:38 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\en-US
2014-11-21 00:00 - 2014-11-21 00:00 - 000011776 ____A [CCA2D0FF42F019AA8D85BF2FB6E15F41] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\1394ohci.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000010240 ____A [B5DA56EFD818F1C893E2107EC968CE05] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\acpi.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000021504 ____A [3606D04BC7E6E305737BEC91CC8A6D0D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\afd.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [A6B3942C1A97C929F4670B7B63370FF8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\AGP440.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000014336 ____A [3B950A7C26EC075CC10D42826A2A4DF8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdk8.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000014336 ____A [BBF7FD5AB839E2AA43D3B0ED9E39A0D0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdppm.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000007168 ____A [CD43E5E2C950394ECD31F48E679FD97B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ataport.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000007680 ____A [5FEAB7F5FF9E12200DA263C7C868FDFC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\battc.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003584 ____A [2EA0F0337ABE762EB176210C5A0E683C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthA2DP.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [40FE2A1CCF317A94B5FD56D497E79A13] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthAvrcpTg.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [9E9A08BA6542B63C0231DD321F0030C1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthenum.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [4B3767CBC898F2B2888AB20C3235D106] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthhfenum.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [0C6D47DDFA425E40ADC00DD502195310] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthhfHid.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000012800 ____A [5DC5D6A51716CA7F90CFB74E7C599C8B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthLEEnum.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [02F4FEF291855F17E1B1E659D8BC221B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthMini.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004608 ____A [5433113535C5AAE479DA3A154D9A861C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthpan.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000032768 ____A [5FB5B412D00636CC62BC3066AF8B1229] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthport.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [D755E6687A0EE30DE68DB7A3318C7534] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BTHUSB.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [DB12C55AE25DEA570948972948084FD0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\cdrom.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005632 ____A [1F619FB6D31D68F205AE220C3BF206E2] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\disk.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005632 ____A [D783AC74060F59166C0637C0DB2DCEA0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\dumpsd.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000008192 ____A [51DF0DF6DB0D673B9C02D54FCAC2CC50] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\EhStorTcgDrv.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005120 ____A [102577751A4F9B0A571B17404447A38B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fltmgr.sys.mui
2014-11-21 00:53 - 2014-11-21 00:53 - 000021504 ____A [926EEDC62C2FCD647BC0D04675EE853E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fvevol.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000007680 ____A [71E571A0593B9904BBC95A09C7E5B7A1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fwpkclnt.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [FAC96A2530D79BBE22C2905A6FEDCF46] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\GAGP30KX.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004096 ____A [99CD0F950160DEC012C3E557392DD925] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hdaudbus.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [747F9203A6DF183606D1CBA3924012FD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\HdAudio.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [14AE860A5AEAFC68EB6CF3B16DF98376] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidbth.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000006144 ____A [6BDAE5E18E43D55D879A38C17246B11B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidclass.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003584 ____A [ED627E47A085C7D7046904681C5EDC64] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidi2c.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000038400 ____A [2AE5E1E320C912D7ADA1141A791E6B0E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\http.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000010240 ____A [E4ABFFE744B447B16D7E404DD370EDEF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\i8042prt.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000014336 ____A [92471F1B99E986EAED0A5A1E39B707A5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\intelppm.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000006144 ____A [CE20CC9255F7A42651AA98EFB37017DB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\IPMIDrv.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004096 ____A [B535EE71D2A9E7F372C6EDA3CC08E5D9] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ipnat.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003584 ____A [89F45D27D843BB126CE75506EECAB27E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\isapnp.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004608 ____A [A13626BF0E5BE4EC425110ED6398289D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdclass.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [70F8E3861137B366290C76CC87DCC7A6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdhid.sys.mui
2014-11-21 00:52 - 2014-11-21 00:52 - 000002048 ____A [89044CB6A2E99FCD6892CC6F95FA052E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ks.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000006656 ____A [589F4B32669697DCC86C87796AB9002A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\luafv.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003584 ____A [14C735491D0B03CD54D429DD35BED47A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\modem.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004096 ____A [2BDE3CAEF7E91D3EDE75004A70015488] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouclass.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [A375D5A8086D30B50CDBED853D2DDA33] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouhid.sys.mui
2016-10-01 10:48 - 2015-07-15 09:15 - 000002560 ____A [4AF392CEEDBEBEB4276A4B846690EDA7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mountmgr.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000055296 ____A [D0CE1060C18401B68D3B83C68FB5A4B5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mrxsmb.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [867F15AFDDF027A72DACF055AFA74BB5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mshidkmdf.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [CAE33B50C378B0E89A2F0FA1501B20CC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mshidumdf.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000008704 ____A [A1F415FFCBC26FA88C3644AC094F5DB7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mslldp.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [2CFB49C6E6E1EB57545A83D4655C6056] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mssmbios.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [C4634B62A436D99F46284D14188D7AB1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\MTConfig.sys.mui
2017-03-13 18:21 - 2015-01-10 01:07 - 000012800 ____A [78BAA3F54ED5AC8082D1AA985E0109EF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mup.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000057856 ____A [F450E013F78D0A5F1F17A96CB1233A27] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndis.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005632 ____A [35B1981AFD2DAC97DBE60ED3060CA3B0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndiscap.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000011264 ____A [8C4A2BA8EB99FD7CDF936EB9E696EAE0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NdisImPlatform.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [8105B2BCB7472FE152999DBC1BBC1293] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndisuio.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [9CDF5709BBAAB7058D7E25116962B91E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NdisVirtualBus.sys.mui
2014-11-21 01:47 - 2014-11-21 01:47 - 000084992 ____A [0A132F1DD6167033D8942BDE1A9CA978] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ntfs.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [9A288DB3E2E4DFF9D50848F918A0D205] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NV_AGP.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000014336 ____A [8408E3E07817356E554343A1858C046C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\nwifi.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000017408 ____A [AAE0D51E60BA789F37E6F10CCDDA3B98] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pacer.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003584 ____A [46E64135EC40C997D0A1505F5D25F617] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\parport.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [5F4FDF4706FB6E2A59DA1FD2273F01F2] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\partmgr.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000008192 ____A [6CDB4C7AE4EA0337A3072F14817C67F4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pci.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004096 ____A [78E7F147FA21050EE167BF2F6F402250] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pcmcia.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [A7AC203417A1933936DC1CF897FCEBBB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pdc.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [EAD2F339CE0D4167A7A6310364FCBD39] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pnpmem.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004096 ____A [7C2DB6B9CD440A339FE0702F35B377C1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\portcls.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000014336 ____A [2E16897A12A9CB0B49CA832C290F11A4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\processr.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [F3B786F1518B985EB2DF6154D460D6F3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\qwavedrv.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005632 ____A [555F9097CDC4EBFAB371523CC6569A5A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdbss.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [51D107C9434AAB4C7FF006881AA3D684] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdpdr.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000008192 ____A [CD7D055498F2CBA489DE234AF2859994] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\refs.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [CE456D3022A8963259DC2E247DAB4C1F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\RNDISMP.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [D05D2E5DAC0E94A098F7C83CA9F0D9FF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismp6.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [CE456D3022A8963259DC2E247DAB4C1F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismpx.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [E740847276E386D2DB79F83EABFBAB2E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scfilter.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [4B5307E8DF2F798C72E80FD1F77CCCCD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scsiport.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005632 ____A [8BFA30900E037CBE612A30824304AED4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sdbus.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [ABF5E3081386BB6328A0A2609EB05842] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sdstor.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003584 ____A [6646B085AFD4E8A457D8D1BA27167C48] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sercx.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000008704 ____A [9F79EA2950BCF1BFD87EFFB333DDD928] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sercx2.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000010240 ____A [F5BEC30FE6093C89C0380B617F1D9D7E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serial.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005120 ____A [6E7CBABB993BC0E1ACBEDD2769F133FF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sermouse.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [8FC0CC5F7BF27FB1A293D7EE66FC3C2F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serscan.sys.mui
2016-10-12 15:26 - 2016-01-24 06:35 - 000040960 ____A [9144FCF3AD8DAB06127F7AF7D2969AFD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\spaceport.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004096 ____A [55DD1A8228C09A259606001D1C60C009] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\spbcx.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [B19FFEAD517844AAC7DCFF652D900469] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\srv.sys.mui
2017-07-11 11:44 - 2017-05-03 08:04 - 000068096 ____A [EA180252C871E1A4566B2F362A9E7800] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\srv2.sys.mui
2016-12-14 10:10 - 2016-03-11 07:12 - 000086528 ____A [6FD95912A5A219D79F376A2839567EBC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tcpip.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000008192 ____A [38FD7DF71EF1938646FE6BE00A5C51B7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tpm.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [5A9FA86928CC75DD03C0923AD2C39BAF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tsusbflt.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000007680 ____A [7A444882987D5D96C18BB5CFBCD2B386] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tunnel.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [F038F9F62D356510CEB7EC7453643599] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\UAGP35.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000012288 ____A [5504447B7B5F3ADD660F51C7CAD2C195] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\UCX01000.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [667AF0980B238CE5BE2E8552C7DBCCF4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ULIAGPKX.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [21B25F46EC3B0D49BB2041333C5B39B0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\umbus.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [F1298FD692F5E9C9EAFBE917E0DC500B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBAUDIO.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000003072 ____A [17FA2B0B3DDF42A80EBAB4F44C07D26F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbehci.sys.mui
2014-11-21 01:15 - 2014-11-21 01:15 - 000014336 ____A [1F85505E3AD14BBF433FFF8A1514757D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbhub.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000020480 ____A [F911CF1E512B09123ED2D8634A4E66FA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBHUB3.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000026112 ____A [D23E6B1CAD00F60CCA8F12E49D3E91C0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbport.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [B2A62B9ACA3A68AB872EB5638D7E8FCA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbrpm.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [8532FAE8E484F5B08318013F1532738D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBSTOR.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [9925DB33B91939166DAEE12CA7C412A4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbvideo.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000014848 ____A [09A5B9D1965B98C60E01DAF6FED40BFA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBXHCI.SYS.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005120 ____A [02BD6A9AD41077AA823B399A304EEE44] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vdrvroot.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000013312 ____A [2028053C56B3A17EEBF75BB96834DAA7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vhdmp.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [427A9E28038A6C0E80646621C6D02BA2] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volmgrx.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000023552 ____A [7F4A513CB90D51EB39CA955CF0FE23DB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volsnap.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [26E9F6CFBF2DC479ADBC7319D7369296] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vwifibus.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000004096 ____A [79BFC84AEDA75F27E398394B398EB477] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wacompen.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [CA1844B4098F1D6C2520699A7242C5C4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wdf01000.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [BFEE4840A672728A70ABDC452654B37C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wfplwfs.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000013824 ____A [096724B4585F818F3E879F579C8AA13C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wmbclass.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [2B0B166692208DDA856662C490ABF0B3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\WpdUpFltr.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [7C0AE658C7BE463B68BEC51E9AEFE203] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ws2ifsl.sys.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [61F2D3C5CAB218B914825B23B3E68AAF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wudfpf.sys.mui
2013-08-22 05:36 - 2017-10-23 13:09 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\etc
2013-08-22 05:25 - 2017-10-23 13:09 - 000000035 ____A [90C8F3BA7DB5CB3562298C2E11C97C52] () C:\Windows\System32\Drivers\etc\hosts
2013-08-22 07:36 - 2013-08-22 07:35 - 000003683 ____A [18413B90E1B291EC3E777A845C37CFEE] () C:\Windows\System32\Drivers\etc\lmhosts.sam
2013-08-22 05:25 - 2013-08-22 05:25 - 000000407 ____A [B65A1232FB4B35827CE7C5E2F8EC8947] () C:\Windows\System32\Drivers\etc\networks
2013-08-22 05:25 - 2013-08-22 05:25 - 000001358 ____A [7700D22FA108234E623D65FA72D9E29C] () C:\Windows\System32\Drivers\etc\protocol
2013-08-22 05:25 - 2013-08-22 05:25 - 000017463 ____A [D9E1A01B480D961B7CF0509D597A92D6] () C:\Windows\System32\Drivers\etc\services
2013-08-22 07:33 - 2016-11-14 19:25 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF
2014-11-21 01:15 - 2014-11-21 01:15 - 000088576 ___AC [6C2117ABA0F9C6B9238DA92A4179EF1F] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\EhStorPwdDrv.dll
2014-11-21 01:15 - 2014-11-21 01:15 - 000054272 ___AC [9E5A866A051CA31C84156A6803606E51] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\HidBthLE.dll
2014-11-21 01:15 - 2014-11-21 01:15 - 000297984 ___AC [B751B25DD96BEDEEF32A075544A10803] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdFs.dll
2014-11-21 01:15 - 2014-11-21 01:15 - 000970240 ___AC [35F42821BAD4E305072B36C0720B85D5] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdMtpDr.dll
2012-07-25 18:12 - 2012-07-25 19:08 - 000102912 ____A [C83D612D0D745DD4E72C741599C116C5] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WUDFUsbccidDriver.dll
2014-11-21 00:00 - 2014-11-21 00:25 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF\en-US
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [BE37860FC26885A492DE883F3938F639] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\HidBthLE.dll.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002048 ____A [E5A318E3FAD0729EB0934117322E5594] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\hidscanner.dll.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [EF3547EAF8B3AC95BCF36CB84B3C32DC] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\idtsec.dll.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000005632 ____A [7FFEA04D96C5961BBAC8253890661D4D] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\LocationProvider.dll.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [AD4D7D1BF668CC7BACE7CAABF4344D4B] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\mgtdyn.dll.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000009728 ____A [EE3C4AFD2A446B676A9A3FFA92294F04] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\SensorsHIDClassDriver.dll.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000002560 ____A [7B6E6AE3E171D15C17B16A63810AEDEC] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WpdMtpDr.dll.mui
2014-11-21 00:00 - 2014-11-21 00:00 - 000006144 ____A [4D56FE5E7334CD9C1D956F207D18E4EE] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui
 
====== End of Folder: ======
 
 
==== End of Fixlog 21:49:10 ====


#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:35 AM

Posted 24 October 2017 - 12:33 PM

  • Highlight the entire content of the quote box below.

Start::
C:\Windows\System32\Drivers\wdbuxaeh.sys
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

Lets try JRT once again.

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 misomisomiso

misomisomiso
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 24 October 2017 - 05:02 PM

 

  • Highlight the entire content of the quote box below.

Start::
C:\Windows\System32\Drivers\wdbuxaeh.sys
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

Lets try JRT once again.

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.

 

 

Fixlog.txt

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-10-2017 01

Ran by Connie (24-10-2017 17:50:46) Run:6
Running from C:\Users\Connie\Downloads
Loaded Profiles: Connie (Available Profiles: Connie & Miso & Administrator & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\WINDOWS\system32\mbbuzdxsvc.exe
C:\Users\Connie\AppData\Local\cwcvpok
C:\Users\Miso\AppData\Local\cwcvpok
C:\Users\Connie\AppData\Local\atrpvul
Folder: C:\Windows\System32\Drivers
*****************
 
C:\WINDOWS\system32\mbbuzdxsvc.exe => moved successfully
 
"C:\Users\Connie\AppData\Local\cwcvpok" folder move:
 
Could not move "C:\Users\Connie\AppData\Local\cwcvpok" => Scheduled to move on reboot.
 
"C:\Users\Miso\AppData\Local\cwcvpok" => not found.
"C:\Users\Connie\AppData\Local\atrpvul" => not found.
 
========================= Folder: C:\Windows\System32\Drivers ========================
 
2013-07-22 03:09 - 2013-07-22 03:09 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\1043_ASUSTEK_Q501LA_Q515LA_V50.MRK
2013-08-22 07:38 - 2013-08-22 07:38 - 000231424 ___AC [E1832BD9FD7E0FC2DC9FA5935DE3E8C1] (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000108896 ____A [AD508A1A46EC21B740AB31C28EFDFDB1] (LSI) C:\Windows\System32\Drivers\3ware.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000533824 ___AC [E796AE43DDD1844281DB4D57294D17C0] (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2013-08-22 07:37 - 2013-08-22 08:49 - 000079712 ____A [AC8279D229398BCF05C3154ADCA86813] (Microsoft Corporation) C:\Windows\System32\Drivers\acpiex.sys
2013-08-22 07:39 - 2013-08-22 07:38 - 000010240 ___AC [A8970D9BF23CD309E0403978A1B58F3F] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipagr.sys
2013-08-22 07:39 - 2013-08-22 07:38 - 000012288 ___AC [111A89C99C5B4F1A7BCE5F643DD86F65] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2013-08-22 07:39 - 2013-08-22 07:38 - 000010752 ___AC [5758387D68A20AE7D3245011B07E36E7] (Microsoft Corporation) C:\Windows\System32\Drivers\acpitime.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000782176 ____A [7C1FDF1B48298CBA7CE4BDD4978951AD] (PMC-Sierra) C:\Windows\System32\Drivers\adp80xx.sys
2016-10-01 15:05 - 2015-10-13 13:10 - 000559616 ____A [A460C3AF3755A2A79A3C8EFE72E147B5] (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2016-12-21 07:58 - 2016-07-07 18:32 - 000095744 ____A [D5ECE7E7F349EB3C4B152AFF3577280D] (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2013-08-22 07:39 - 2013-08-22 08:43 - 000062304 ___AC [7DFAEBA9AD62D20102B576D5CAC45EC8] (Microsoft Corporation) C:\Windows\System32\Drivers\AGP440.sys
2016-12-21 08:03 - 2015-03-19 21:56 - 000080384 ____A [FE14D249D39368CA62D8DA6BC94AC694] (Microsoft Corporation) C:\Windows\System32\Drivers\ahcache.sys
2013-03-13 00:12 - 2013-03-13 00:12 - 000017152 ____A [16F6F6B7903B913AB41AB848C8BB5658] (ASUSTek Computer Inc.) C:\Windows\System32\Drivers\AiCharger.sys
2013-08-22 04:46 - 2013-08-22 04:46 - 000095744 ___AC [7589DE749DB6F71A68489DCE04158729] (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-08-22 04:46 - 2013-08-22 04:46 - 000098816 ___AC [B46D2D89AFF8A9490FA8C98C7A5616E3] (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000079200 ____A [D2BF2F94A47D332814910FD47C6BBCD2] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000259424 ____A [A8E04943C7BBA7219AA50400272C3C6E] (AMD Technologies Inc.) C:\Windows\System32\Drivers\amdsbs.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000025952 ____A [CEA5F4F27CFC08E3A44D576811B35F50] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2013-05-01 02:46 - 2013-05-01 02:46 - 000165344 ____A [843ED44EC945DDF7268BA769C9091A40] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\AmpPal.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000082944 ____A [415DD71628795197F7AFC176CBADC74E] (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000114016 ____A [65045784366F7EC5FB4E71BCF923187B] (PMC-Sierra, Inc.) C:\Windows\System32\Drivers\arcsas.sys
2013-07-22 03:08 - 2012-05-30 23:47 - 000021152 ____A [A9F2301B8D28BB4D887F5AEBB55ACB3A] (ASUS) C:\Windows\System32\Drivers\AsHIDSwitch64.sys
2013-06-28 19:45 - 2013-06-28 19:45 - 000065784 ____A [74D09AC81A7BD9E5361B3F623F78608A] (ASUS Corporation) C:\Windows\System32\Drivers\AsusTP.sys
2013-08-22 07:39 - 2013-08-22 07:38 - 000026624 ____A [3DB7721F06BC2FEDB25029EA23AB27DA] (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys
2013-08-22 08:22 - 2013-08-22 08:43 - 000026464 ___AC [74B14192CF79A72F7536B27CB8814FBD] (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys
2013-08-22 08:22 - 2013-08-22 08:43 - 000199520 ___AC [38E1F4E0148A24C65D215F14D57B0711] (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000050688 ___AC [8CC7F7E4AFCBA605921B137ED7992C68] (Microsoft Corporation) C:\Windows\System32\Drivers\BasicDisplay.sys
2017-04-11 15:38 - 2017-03-12 11:04 - 000033792 ___AC [195BD339B4B782B42C19489DCFB4D110] (Microsoft Corporation) C:\Windows\System32\Drivers\BasicRender.sys
2013-08-22 07:40 - 2013-08-22 08:49 - 000035168 ___AC [99387C515F80270F097F6DD9B5315649] (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-08-22 02:57 - 2013-08-12 19:25 - 000017624 ____A [C1ABB0F7E3BEA48A0417BDF6FF14AB21] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\bcmfn2.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000007680 ____A [EC19013E4CF87609534165DF897274D6] (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys
2016-11-10 22:28 - 2016-10-04 16:39 - 000101376 ____A [4938A9236300A356F97E378491EE4844] (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000115712 ____A [F3C060444777A59FC63D920719E43CCD] (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000019456 ___AC [1C89EF529DB7DCA98E801EFDCC8437DE] (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000036992 ___AC [A8F23D453A424FF4DE04989C4727ECC7] (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000053248 ___AC [1104A31260CCF4318C884E0AE6C513BF] (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2016-12-21 08:00 - 2015-03-08 22:02 - 000057856 ___AC [272A62B660A48AEF366F8A1836CED19F] (Microsoft Corporation) C:\Windows\System32\Drivers\bthhfenum.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000030720 ___AC [71FE2A48E4C93DDB9798C024880B6C07] (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000226304 ___AC [D30C67473A2E229662D21F27EAA9AAA5] (Microsoft Corporation) C:\Windows\System32\Drivers\BthLEEnum.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000064000 ___AC [EF4B9E7C9AD88C00C18A12B0D22D1894] (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2017-07-11 15:44 - 2017-07-06 04:52 - 000119296 ___AC [D0AF91AF656E25AD8617EFA5B52EF457] (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2016-12-21 08:00 - 2015-05-11 14:17 - 001201664 ___AC [0CC00ADC1B84C93FB46E1A0974E956E1] (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000081920 ___AC [08EA90955AED2D959EE67DF6EDF0E2B6] (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-04-23 18:50 - 2013-04-23 18:50 - 001385272 ____A [00C8888A6E77AC48EB9945C601A1568F] (Motorola Solutions, Inc.) C:\Windows\System32\Drivers\btmhsf.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000531296 ____A [A4A73F631FE2AA2826FBE4A399B04DEF] (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000088576 ____A [2FA6510E33F7DEFEC03658B74101A9B9] (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys
2013-08-22 04:46 - 2013-08-22 04:46 - 000164352 ___AC [C6796EA22B513E3457514D92DCDB1A3D] (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000044032 ___AC [BE9936EDD3267FAAFF94A7835867F00B] (Microsoft Corporation) C:\Windows\System32\Drivers\circlass.sys
2017-03-13 22:21 - 2016-05-06 17:59 - 000331608 ____A [F9ED4FFE6EBAC59F564323848974C3B4] (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2017-08-08 15:18 - 2017-07-08 16:14 - 000376672 ____A [39D72BA91AFE3C81C1AB0DE41AA07EF3] (Microsoft Corporation) C:\Windows\System32\Drivers\clfs.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000025472 ___AC [EF6EF85DADC3184A10D8F2F7159973CB] (Microsoft Corporation) C:\Windows\System32\Drivers\CmBatt.sys
2016-12-14 14:10 - 2016-10-10 14:18 - 000022360 ____A [53517BC5BC4DD8B1FC860300A193E992] (Microsoft Corporation) C:\Windows\System32\Drivers\cmimcext.sys
2017-03-14 23:31 - 2017-01-21 17:37 - 000567152 ____A [C8823A6ECE66B997C8E9F413D1D671E7] (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-08-22 07:39 - 2013-08-22 07:38 - 000036352 ___AC [03AAED827C36F35D70900558B8274905] (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000043008 ____A [A1FF7DFBFBE164CF92603C651D304DD2] (Microsoft Corporation) C:\Windows\System32\Drivers\condrv.sys
2013-08-22 07:40 - 2013-08-22 08:43 - 000068960 ____A [FA47B0AA255B7CF4519E995C6404AE22] (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-08-22 07:39 - 2013-08-22 08:50 - 000057696 ____A [315BA4BC19316D72B2E037534E048B93] (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2017-04-11 15:38 - 2017-01-10 18:37 - 000138752 ____A [4FED6AD69C9EE1EE7FD3C88437138855] (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2017-09-12 15:52 - 2017-07-07 23:14 - 000100184 ___AC [BF6D8575DDF30384939B2D5251F27C1F] (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2013-08-22 07:40 - 2013-08-22 08:43 - 000036192 ____A [224C2CB37497472C345CB2A02DF11363] (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000013312 ____A [407B4FC1AEE5C19AC2ED7118CBB271E9] (Microsoft Corporation) C:\Windows\System32\Drivers\Dmpusbstor.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000029696 ____A [EB70A894708D1BC176AFD690FF06085F] (Microsoft Corporation) C:\Windows\System32\Drivers\dmvsc.sys
2013-07-22 03:08 - 2013-04-21 22:13 - 000068072 ____A [68E2849CF59D54557F5CC6911EE5B26F] (Intel Corporation) C:\Windows\System32\Drivers\DptfDevDram.sys
2013-07-22 03:08 - 2013-04-21 22:13 - 000057216 ____A [76C91DB88A8CEE7711F41ADF08128522] (Intel Corporation) C:\Windows\System32\Drivers\DptfDevPch.sys
2013-07-22 03:08 - 2013-04-21 22:13 - 000120256 ____A [82D5BA44F3A32EE7D41D2E8B4361AD9B] (Intel Corporation) C:\Windows\System32\Drivers\DptfDevProc.sys
2013-07-22 03:08 - 2013-04-21 22:13 - 000200808 ____A [66AA3E34E06A32B60573926DD861D70E] (Intel Corporation) C:\Windows\System32\Drivers\DptfManager.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000089088 ___AC [F00B189ECA74DDF408AD934ADDC72477] (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000014528 ___AC [00C594D5A1DBD22AD8B2902B9F6EFF94] (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-08-22 07:39 - 2013-08-22 08:39 - 000033632 ____A [05F5C162881BE293956C60456EDB0092] (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys
2017-03-13 22:21 - 2016-06-18 16:06 - 000072408 ____A [C5196B53CA2F8FC637D20DEC386CFBE2] (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2016-12-21 07:58 - 2015-03-13 00:03 - 000154432 ___AC [95E295FD19F80B3AD33629B5AEFEC9C7] (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2017-05-09 13:46 - 2017-04-09 18:00 - 001548640 ____A [24C40570BAFEA48E9CB2B87008DCA152] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2017-05-09 13:46 - 2017-04-09 18:00 - 000388448 ____A [0711E11DF676BC41B641ED31F9772517] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-08-22 07:38 - 2013-08-22 08:43 - 000082784 ____A [43531A5993380CC5113242C29D265FD9] (Microsoft Corporation) C:\Windows\System32\Drivers\EhStorClass.sys
2013-08-22 07:37 - 2013-08-22 08:43 - 000114016 ___AC [6F8E738A9505A388B1157FDDE7B3101B] (Microsoft Corporation) C:\Windows\System32\Drivers\EhStorTcgDrv.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000010240 ___AC [DFFFAE1442BA4076E18EED5E406FA0D3] (Microsoft Corporation) C:\Windows\System32\Drivers\errdev.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 003357024 ____A [114BCFDF367FF37C3F1B0A96AF542E4D] (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000200704 ____A [7729D294A555C7AEB281ED8E4D0E01E4] (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2017-10-10 22:13 - 2017-10-11 20:11 - 000110016 ____A [20046A5DB1466EBD0DCAEB84D00C5432] (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2013-08-22 07:40 - 2013-08-22 08:49 - 000217952 ____A [7C4E0D5900B2A1D11EDD626D6DDB937B] (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000030720 ___AC [5D8402613E778B3BD45E687A8372710B] (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000079192 ____A [BCFD8B149B3ADF92D0DB1E909CAF0265] (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000034816 ____A [A1A66C4FDAFD6B0289523232AFB7D8AF] (Microsoft Corporation) C:\Windows\System32\Drivers\filetrace.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000025088 ___AC [BE743083CF7063C486A4398E3AEFE59A] (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000354112 ____A [C1FB505A73FA2E9019D32444AB33B75A] (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000030048 ____A [09F460AFEDCA03F3BF6E07D1CCC9AC42] (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000061248 ____A [A7C31B168F371E8E6796219F23E354DB] (Microsoft Corporation) C:\Windows\System32\Drivers\fsdepends.sys
2017-03-13 22:22 - 2016-06-18 16:06 - 000590688 ____A [D4AB6EE3D715BC44C00277FD934FAACF] (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2017-08-08 15:18 - 2017-06-07 00:25 - 000428888 ____A [2AA78D58E9EEA2D2F04CC3EB6817B0D4] (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-08-22 04:46 - 2013-08-22 04:46 - 000027136 ___AC [9591D0B9351ED489EAFD9D1CE52A8015] (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-08-22 07:39 - 2013-08-22 08:43 - 000065888 ____A [FC3EF65EE20D39F8749C2218DBA681CA] (Microsoft Corporation) C:\Windows\System32\Drivers\GAGP30KX.SYS
2013-08-22 03:51 - 2013-06-18 10:41 - 003440660 ____A [7F29903CB8F5590D52DB0C9F97049A25] () C:\Windows\System32\Drivers\gm.dls
2013-08-22 03:51 - 2013-06-18 10:41 - 000000646 ____A [7111BFA692A22E4B3C07F1E6C6FF6F72] () C:\Windows\System32\Drivers\gmreadme.txt
2014-11-21 05:15 - 2014-11-21 05:15 - 000076800 ___AC [D4B7ED39C7900384D9E5C1283F1E7926] (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000026624 ___AC [10A70BC1871CD955D85CD88372724906] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbatt.sys
2016-12-21 08:00 - 2015-01-29 23:01 - 000097792 ___AC [42F88B57CAE42FC10059C887B3FCFCEA] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2017-03-13 22:21 - 2016-05-13 19:08 - 000111616 ___AC [177D76B32D417537FAADFF90237A508B] (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000041472 ___AC [C241A8BAFBBFC90176EA0F5240EACC17] (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000045568 ____A [9BDDEE26255421017E161CCB9D5EDA95] (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2017-03-13 22:21 - 2016-05-13 19:08 - 000032512 ___AC [24E6C1F418BACEE4E7D18266F48FF2EA] (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2017-03-13 22:21 - 2016-05-13 19:08 - 000032768 ___AC [49676FEC898AB2A11B157F848269A56E] (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2017-10-11 20:05 - 2017-10-23 14:54 - 000055232 ____A [D8B279B390DCF00AA20FB599EB37AD5F] () C:\Windows\System32\Drivers\hitmanpro37.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000064352 ____A [A6AACEA4C785789BDA5912AD1FEDA80D] (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2017-07-11 15:44 - 2017-06-15 18:02 - 000990040 ____A [61C5D4EF4BE4EA271B90135490C67447] (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-08-22 07:40 - 2013-08-22 08:39 - 000024416 ____A [90656C0B3864804B090434EFC582404F] (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000013824 ____A [6D6F9E3BF0484967E52F7E846BFF1CA1] (Microsoft Corporation) C:\Windows\System32\Drivers\hyperkbd.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000022016 ____A [907C870F8C31F8DDD6F090857B46AB25] (Microsoft Corporation) C:\Windows\System32\Drivers\HyperVideo.sys
2016-12-21 08:03 - 2014-11-04 02:54 - 000108544 ___AC [49EE0AE9E5B64FFBBD06D55C4984B598] (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys
2013-08-22 02:57 - 2013-07-30 14:47 - 000024568 ____A [5D90E32E36CE5D4C535D17CE08AEAF05] (Intel Corporation) C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys
2013-08-22 02:57 - 2013-07-25 15:05 - 000099320 ____A [DD05E7E80F52ADE9AEB292819920F32C] (Intel Corporation) C:\Windows\System32\Drivers\iaLPSSi_I2C.sys
2013-07-22 03:08 - 2013-05-02 21:54 - 000677360 ____A [0A34D806EF2767E62CAFEA1A150A8830] (Intel Corporation) C:\Windows\System32\Drivers\iaStorA.sys
2013-08-22 03:01 - 2013-08-09 20:39 - 000651248 ____A [08BFE413B0B4AA8DFA4B5684CE06D3DC] (Intel Corporation) C:\Windows\System32\Drivers\iaStorAV.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000412000 ____A [A2200C3033FA4EF249FC096A7A7D02A2] (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2013-06-03 14:58 - 2013-06-03 14:58 - 000115656 ____A [6C23262230188DAE2E8D27B7F21CCC02] (Intel Corporation) C:\Windows\System32\Drivers\ibtusb.sys
2013-10-01 13:02 - 2013-10-01 13:02 - 004177920 ____A [16D939A13CFB82DEE0B9DB12E45C7B4E] (Intel Corporation) C:\Windows\System32\Drivers\igdkmd64.sys
2013-05-30 19:39 - 2013-05-30 19:39 - 000021048 ____A [E18725531054FE222115873AC1CCB02B] () C:\Windows\System32\Drivers\ikbevent.sys
2013-05-30 19:39 - 2013-05-30 19:39 - 000021048 ____A [45060257BCA3D60204FEC29F6E6DE458] () C:\Windows\System32\Drivers\imsevent.sys
2013-07-22 03:06 - 2013-05-28 05:32 - 000442368 ____A [0E0B99617ED3FDB6C5F0E2D62709B5DF] (Intel® Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2013-08-22 18:56 - 2013-08-22 18:51 - 000039320 ____A [DB65573521AB51941F4FA799D0968136] (Intel Corporation) C:\Windows\System32\Drivers\intelaud.sys
2013-08-22 08:22 - 2013-08-22 08:43 - 000018272 ____A [4E448FCFFD00E8D657CD9E48D3E47157] (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2013-10-05 19:58 - 2013-05-31 16:30 - 000016344 ____A [BB23D21358B2EEFFBD88F2898B52096D] (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2014-11-21 05:15 - 2014-11-21 05:15 - 000039744 ___AC [A770340FC02B999EF0DE6C2A6BC8437C] (Microsoft Corporation) C:\Windows\System32\Drivers\intelpep.sys
2013-08-22 04:46 - 2013-08-22 04:46 - 000098816 ___AC [47E74A8E53C7C24DCE38311E1451C1D9] (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-08-22 07:35 - 2013-08-22 07:35 - 000084992 ____A [9DB76D7F9E4E53EFE5DD8C53DE837514] (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2016-12-21 08:02 - 2016-02-03 11:14 - 000080896 ____A [C800DCD904016B2BF6AB541083770A3A] (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000142848 ____A [B7342B3C58E91107F6E946A93D9D4EFD] (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000118784 ____A [D826F4874A372FAE2F42478E0975EA02] (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000017920 ____A [AE44C526AB5F8A487D941CEB57B10C97] (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2013-08-22 07:40 - 2013-08-22 08:43 - 000021856 ___AC [8AFEEA3955AA43616A60F133B1D25F21] (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2013-05-30 19:39 - 2013-05-30 19:39 - 000046568 ____A [4EE2423C38F43D37F8497A672FD10BDC] () C:\Windows\System32\Drivers\ISCTD64.sys
2013-08-22 18:56 - 2013-08-22 18:51 - 000026008 ____A [2C04ACF9070282AC9AA837C52CA3C128] (Intel Corporation) C:\Windows\System32\Drivers\iwdbus.sys
2016-12-21 08:03 - 2014-11-04 15:25 - 000059712 ___AC [5917AFE4A3F695A54B99C1849C8207FE] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2016-12-21 08:03 - 2014-11-04 02:54 - 000032256 ___AC [8CD840A062F6BDF41DDE3ACB96164B72] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2013-07-22 03:08 - 2012-08-01 23:22 - 000014992 ____A [A8080BEBCDB7A16495CE1205921DCAC5] ( ) C:\Windows\System32\Drivers\kbfiltr.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000019456 ___AC [813871C7D402A05F2E3A7075F9584A05] (Microsoft Corporation) C:\Windows\System32\Drivers\kdnic.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000295424 ____A [1DD05F4857C2188744B9E864658949DD] (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2016-10-01 14:44 - 2016-08-22 12:06 - 000100184 ____A [304DA394D958BC3B62AF6DF514005B01] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-10-01 14:44 - 2016-05-18 19:16 - 000178016 ____A [3D4AE520CD6F6FFE549DD195C1F515BE] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000021248 ____A [11AFB527AA370B1DAFD5C36F35F6D45F] (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2013-08-22 07:36 - 2013-08-22 07:36 - 000059392 ____A [C09010B3680860131631F53E8FE7BAD8] (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000109408 ____A [C755AE4635457AA2A11F79C0DF857ABC] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000093536 ____A [ADAC09CBE7A2040B7F68B5E5C9A75141] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000081760 ____A [04D1274BB9BBCCF12BD12374002AA191] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas3.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000082784 ____A [327469EEF3833D0C584B7E88A76AEC0C] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sss.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000124416 ____A [DDEE191AB32DFC22C6465002ECDF5EE4] (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2017-10-10 22:13 - 2017-10-04 13:15 - 000077440 ____A [11B9D886D7AE2F2F5C6BC03D7C52FD31] () C:\Windows\System32\Drivers\mbae64.sys
2017-10-10 22:13 - 2017-10-11 20:11 - 000045504 ____A [30F7226AC3603A18FC86DFBEA5EBB13D] (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000022016 ____A [C895E3FAE8628EAA4ADE0F52862CA575] (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000056672 ____A [EB5C03A070F30D64A6DF80E53B22F53F] (LSI Corporation) C:\Windows\System32\Drivers\megasas.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000575840 ____A [F6F13533196DE7A582D422B0241E4363] (LSI Corporation, Inc.) C:\Windows\System32\Drivers\megasr.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000040960 ____A [8B38C44F69259987C95135C9627E2378] (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2013-08-22 07:36 - 2013-08-22 07:36 - 000030208 ___AC [601589000CC90F0DF8DA2CC254A3CCC9] (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2016-12-21 08:03 - 2014-11-04 15:25 - 000051008 ___AC [08374E4E5B8914DE6067CBA99F61E930] (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2016-12-21 08:03 - 2014-11-04 02:54 - 000030208 ___AC [5FCBAB60598AE119E02B4C27DE6B99EA] (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2017-06-14 18:58 - 2017-05-10 14:19 - 000101720 ____A [E5E8665272EBCD87A0A632314F0D221D] (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000074240 ____A [6FC047578785B0435F4E2660946D1ADC] (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2016-10-12 19:26 - 2016-09-08 10:00 - 000140800 ____A [3F818C1518DA702C8F10259095C9BDE0] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2017-04-11 15:38 - 2017-06-14 18:19 - 000401408 ____A [E2FC654EC895E92A022794329BFC53EC] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2017-10-11 19:22 - 2017-09-07 17:32 - 000285184 ____A [AFE6DC2E57E876175BA074AD2CB5594F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2017-04-11 15:38 - 2017-06-14 18:19 - 000201728 ____A [B37B58F9F80A51098C42663D5FA5F2BA] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000030208 ____A [D13329FBF8345B28AB30F44CC247DC08] (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2013-10-05 20:07 - 2013-10-05 20:07 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2016-09-29 18:13 - 2016-09-29 18:13 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2016-09-29 18:12 - 2016-09-29 18:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfDevDram_01011.Wdf
2016-09-29 18:12 - 2016-09-29 18:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfDevPch_01011.Wdf
2016-09-29 18:12 - 2016-09-29 18:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfDevProc_01011.Wdf
2016-09-29 18:12 - 2016-09-29 18:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_DptfManager_01011.Wdf
2017-01-05 22:50 - 2017-01-05 22:50 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2016-09-29 18:12 - 2016-09-29 18:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-09-28 22:14 - 2016-09-28 22:14 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-28 07:19 - 2016-09-28 07:19 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-07-10 22:02 - 2013-07-10 22:02 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
2013-08-22 07:39 - 2013-06-18 10:52 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_Kernel_01013_Inbox_Critical.Wdf
2013-08-22 07:49 - 2013-06-18 11:20 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-11-21 05:15 - 2014-11-21 05:15 - 000146752 ____A [8DF1254093B5C354CE725EB6B9B0DE19] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-08-22 07:38 - 2013-08-22 08:43 - 000041824 ___AC [C6B474E46F9E543B875981ED3FFE6ADD] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000008192 ____A [65C92EB9D08DB5C69F28C7FFD4E84E31] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000009728 ____A [52299F086AC2DAFD100DD5DC4A8614BA] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidumdf.sys
2013-08-22 07:39 - 2013-08-22 08:43 - 000017248 ___AC [36D92AF3343C3A3E57FEF11C449AEA4C] (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2017-08-08 15:18 - 2017-06-11 20:14 - 000276320 ___AC [C378ED678D1316721A40E1F60FB76184] (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000010624 ____A [A9BBBD2BAE6142253B9195E949AC2E8D] (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000066560 ____A [51B3AC0560848CD6D65AC2033E293113] (Microsoft Corporation) C:\Windows\System32\Drivers\mslldp.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000006784 ____A [1E88171579B218115C7A772F8DE04BD8] (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000366432 ____A [BBE2A455053E63BECBF42C2F9B21FAE0] (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2013-08-22 07:39 - 2013-08-22 08:49 - 000037728 ___AC [8D6B7D515C5CBCDB75B928A0B73C3C5E] (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000007936 ____A [115019AE01E0EB9C048530D2928AB4A2] (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000013312 ___AC [96D604A35070360F0DD4A7A8AF410B5E] (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2017-03-13 22:21 - 2016-04-06 17:21 - 000114528 ____A [438EA7A2D8D4F9B8AFB64748ACA70BA8] (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000063840 ____A [B8C35C94DCB2DFEAF03BB42131F2F77F] (Marvell Semiconductor, Inc.) C:\Windows\System32\Drivers\mvumis.sys
2017-10-10 22:13 - 2017-10-10 23:53 - 000094144 ____A [482F6D603BDCC825768D86D8228BD65F] (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2017-04-11 15:38 - 2017-01-18 22:18 - 001113944 ____A [FFAA6C6E798FBA448FA7628A1B277F5C] (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000043008 ____A [8CECC8DA55F3274181FD1EA28AD76664] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000126464 ____A [269882812E9A68FFF1AFE1283D428322] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisImPlatform.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000024576 ____A [82821F4EEC776B4CF11695A38F3ABA46] (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000060416 ____A [B832B35055BA2B7B4181861FF94D8E59] (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2013-08-22 07:36 - 2013-08-22 07:36 - 000016384 ____A [1F58E48EF75F34C35D8E93A0DC535CFE] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisVirtualBus.sys
2017-03-13 22:21 - 2016-04-05 18:37 - 000205824 ____A [C3755FCF9A0B5C6FE8ED9E873B85D3CE] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000072192 ____A [DDD7F92A83F74D1476B71FBA9530A8DC] (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000103424 ____A [3083926D1CC5B56EA0786527B557DD1B] (Microsoft Corporation) C:\Windows\System32\Drivers\Ndu.sys
2016-03-28 12:41 - 2016-03-28 12:41 - 000023040 ____A [EE00C544C025958AF50C7B199F3C8595] (Apple Inc.) C:\Windows\System32\Drivers\netaapl64.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000048128 ____A [42FF4975D032CAE558AE4BB8448F6E5A] (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2017-09-12 15:52 - 2017-08-10 23:27 - 000281600 ____A [0FE750800DEEE91D22399D081371BA79] (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2017-07-11 15:44 - 2017-05-31 17:20 - 000470360 ____A [D8BBF2E779040E5BCBA68E08A9F52734] (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000087040 ____A [D4DCE03870314D3354F3501F9DDD4123] (Microsoft Corporation) C:\Windows\System32\Drivers\netvsc63.sys
2013-09-25 22:52 - 2013-09-25 22:52 - 003589600 ____A [31D3E4959C410A7DEC2109CA8BF369AD] (Intel Corporation) C:\Windows\System32\Drivers\NETwbw02.sys
2013-10-08 22:52 - 2013-10-08 22:52 - 003648480 ____A [CE01BC8C2B3CBDD4A6EBD25331E48F4B] (Intel Corporation) C:\Windows\System32\Drivers\NETwew02.sys
2013-09-25 22:52 - 2013-09-25 22:52 - 009122084 ____A [F679F73C8961BDF31F677F617EB16E8B] () C:\Windows\System32\Drivers\Netwfw02.dat
2013-08-22 09:25 - 2013-08-22 09:25 - 000058880 ____A [8F44A2F57C9F1A19AC9C6288C10FB351] (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000023040 ___AC [CBDB4F0871C88DF930FC0E8588CA67FC] (Microsoft Corporation) C:\Windows\System32\Drivers\npsvctrig.sys
2017-09-12 15:52 - 2017-08-13 13:19 - 000040960 ____A [018510D88536798852DAE12F9BA6E138] (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2017-10-11 19:23 - 2017-09-08 23:50 - 002013016 ____A [E3D85D09B28ABA9DE3F9300BE3E7C9F6] (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000005632 ____A [EF1B290FC9F0E47CC0B537292BEE5904] (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2013-08-22 07:39 - 2013-08-22 08:43 - 000124768 ____A [6934A936A7369DFE37B7DBA93F5E5E49] (Microsoft Corporation) C:\Windows\System32\Drivers\NV_AGP.SYS
2013-08-22 03:01 - 2013-08-22 08:43 - 000150368 ____A [BC6B5942AFF25EBAF62DE43C3807EDF8] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000168288 ____A [1F43ABFFAC3D6CA356851D517392966E] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2017-10-11 19:23 - 2017-09-13 09:32 - 000445952 ____A [BB78990894F14D725EBD301E1945BF0F] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000151040 ____A [FC0141B4A5AD6D637D883C1A89FC45C5] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2016-10-12 19:25 - 2016-08-11 14:33 - 000096256 ___AC [57DCE4FB0467986AE78E1C6FC5240D32] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000088896 ____A [BAFF6122CFC9F95CA175AD8C348179A4] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000280384 ___AC [91ED124E261EA8FAA1C0FFDF2A71B0C4] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2013-08-22 08:22 - 2013-08-22 08:43 - 000014688 ___AC [346E38FCC6859A727DD28AFAD1F0AFF4] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2013-08-22 08:22 - 2013-08-22 08:43 - 000048992 ___AC [5D4D6146346B82EB3CA4EE0C5573193C] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2013-08-22 07:40 - 2013-08-22 08:49 - 000114528 ___AC [4D3BDCC1C7B40C9D7B6AD990E6DEC397] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2013-08-22 04:46 - 2013-08-22 08:39 - 000050016 ____A [BF28771D1436C88BE1D297D3098B0F7D] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2017-08-08 15:18 - 2017-07-07 23:16 - 000086360 ____A [E6B3ACBA06BAF48594557FCCBFA66FD2] (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000663040 ____A [0ECEE590F2E2EF969FB74A6FC583A1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000272384 ___AC [C76097CA941FA7CAFEDB1E557969025C] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-08-22 04:46 - 2013-08-22 04:46 - 000092160 ___AC [ECD373F9571C745894367CC2635EA44F] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2016-02-02 08:45 - 2016-02-02 08:45 - 000018456 ____A [DD3FD48D69F5FBBB21D46D1514C1C2DB] (Secunia) C:\Windows\System32\Drivers\psi_mf_amd64.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000047104 ____A [83868EB2924E6BC21A54337C65D614D1] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000017408 ____A [B337B1F1E82A83E20A1743E008E25C0F] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2016-12-21 08:03 - 2016-02-02 14:16 - 000112640 ____A [235624C147E3CB4C288D5D3D8E8D64A2] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2013-08-22 07:36 - 2013-08-22 07:36 - 000084992 ____A [5247F308C4103CDC4FE12AE1D235800A] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2013-08-22 07:35 - 2013-08-22 07:35 - 000107520 ____A [E075CC071022BD4E9BE7C024717C0E0A] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000093696 ____A [41F631007A158FEBB67F0E2AD1601BBA] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2017-03-13 22:22 - 2016-04-06 14:20 - 000402432 ____A [D67ED4AB59D1EF66B05AD1A81AC28B26] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-08-22 07:39 - 2013-08-22 07:38 - 000022528 ___AC [6B21EBF892CD8CACB71669B35AB5DE32] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2014-11-21 04:25 - 2014-11-21 04:25 - 000195584 ____A [680C1DAE268B6FB67FA21B389A8B79EF] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2014-11-21 05:17 - 2014-11-21 05:17 - 000027456 ____A [BC8A79C625568DDB7DCA49D0C2741A64] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000249688 ____A [A26AEC49F318FEE141DDDB2C5F99B3E6] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2016-12-14 14:10 - 2016-10-12 17:11 - 000922968 ____A [2D39BCFA4DD1081B8F282B623456B858] (Microsoft Corporation) C:\Windows\System32\Drivers\refs.sys
2016-12-21 08:00 - 2015-01-29 23:00 - 000167424 ___AC [DC66AE45816614D2999DCD3834DCCC4E] (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2016-10-01 15:10 - 2015-11-05 04:59 - 000145408 ____A [A7D51169CA28B0AA9B5DE2B7EFB5C3C9] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000032256 ____A [4A24C61ED665DB4D13B93FACA06350CA] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000011776 ____A [9746BA79DE0CA5EB5104406A9ED62D01] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2013-08-22 07:36 - 2013-08-22 07:36 - 000080384 ____A [2D05A5508F4685412F2B89E8C2189ABC] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2013-08-22 02:57 - 2013-06-18 10:46 - 000591360 ____A [19764658C1468C2C0CEF133D28414A6B] (Realtek ) C:\Windows\System32\Drivers\Rt630x64.sys
2013-10-05 20:03 - 2013-06-03 08:18 - 000583849 ____A [C78E74CC8B944F989D739D91A19E6050] () C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-10-05 20:03 - 2013-06-04 09:36 - 003441992 ____A [6C7970A8E0546A4D9466E0045C7DB199] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-10-05 20:05 - 2013-01-15 05:37 - 000327240 ____A [E7B780F2E7A124264AA487C13107BDFF] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RtsUVStor.sys
2016-09-29 18:13 - 2016-09-29 18:13 - 000171198 ____A [B3AFE4F5F1346377D9C1F6E00C8BB682] () C:\Windows\System32\Drivers\RTWAVES40.dat
2013-08-22 04:46 - 2013-08-22 08:39 - 000107872 ___AC [C624A1B32211C3166EDB3F4AB02A30B7] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2017-04-11 15:38 - 2016-12-24 21:21 - 000040960 ____A [FA7ABD857DEB0FE3C94CC39A4C845E66] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2013-08-22 07:39 - 2013-08-22 08:43 - 000170848 ____A [1C4EB3ACEA98CAD8FC7CF50F629FF0C6] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2016-12-21 07:58 - 2015-03-13 00:03 - 000239424 ___AC [C54B6B2170BF628FD42F799A66956D75] (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000079192 ___AC [0B1E929D11A8E358106955603FAC65E8] (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-08-22 11:36 - 2013-08-22 11:35 - 000023040 ____A [3EA8A16169C26AFBEB544E0E48421186] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys
2017-05-11 12:27 - 2016-10-18 17:14 - 000021984 ____A [07F83829E7429E60298440CD1E601A6A] () C:\Windows\System32\Drivers\semav6msr64.sys
2013-08-22 07:38 - 2013-08-22 08:43 - 000069472 ____A [DB2FF24CE0BDD15FE75870AFE312BA89] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000146776 ____A [0044B31F93946D5D41982314381FE431] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2016-10-12 19:25 - 2016-08-11 14:33 - 000023040 ___AC [1F0135949A6AD6025F363F80FE268251] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2016-10-12 19:25 - 2016-08-11 14:33 - 000083456 ___AC [81633C87B42B63BA484A6177179AC750] (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2016-12-21 08:03 - 2014-11-04 02:55 - 000026112 ___AC [148195AE95D9BC7375A08846439FDAC1] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000017408 ___AC [472B7A5AC181C050888DB454663DD764] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000044896 ____A [2F518D13DD6F3053837FE606F1A2EA1F] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000081760 ____A [1AC9A200A9C49C4508F04AAFFCA34A3F] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000019968 ____A [8C0773703184485D57975B6C1ED48730] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2017-04-11 15:38 - 2017-01-11 13:28 - 000422744 ___AC [F6AF6499C3788105EA7AF1DA27769A77] (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-08-22 07:38 - 2013-08-22 08:43 - 000072032 ____A [F337BE11071818FC3F5DC2940B6BDE34] (Microsoft Corporation) C:\Windows\System32\Drivers\SpbCx.sys
2017-10-11 19:22 - 2017-09-07 17:33 - 000415744 ____A [3D0CA97EA01210E0BC032EB6FDCCF03D] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2017-10-11 19:22 - 2017-09-07 17:33 - 000686592 ____A [FD4A645C5BA587257A97D7AC46212F4A] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2017-10-11 19:22 - 2017-09-07 17:32 - 000243200 ____A [D3EAE998706531157CBEA3F5218435BC] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-08-22 02:57 - 2013-08-22 08:43 - 000031072 ____A [366DEA74BBA65B362BCCFC6FC2ADFD8B] (Promise Technology, Inc.) C:\Windows\System32\Drivers\stexstor.sys
2013-08-22 07:40 - 2013-08-22 08:43 - 000107872 ____A [0ED2E318ABB68C1A35A8B8038BDB4C90] (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2017-07-11 15:44 - 2017-05-15 18:09 - 000057688 ___AC [1D5A045F59D216448FCDE3A8D69970E2] (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2017-07-11 15:44 - 2017-05-15 16:03 - 000379744 ____A [9E3AAB0E51B252DB581832ACD60C7A70] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-08-22 07:37 - 2013-08-22 08:36 - 000045888 ____A [548759755BC73DAD663250239D7E0B9F] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000067584 ____A [FF184501F8F556147BBBDE571315C137] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000014144 ___AC [65454187E0F8B6C0DCECB0287D06EC43] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000029696 ____A [B13A57CE2F17B8C789E895E15F115DB0] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000021824 ____A [A57A897E3F87B8E9F30A627C42779A76] (Microsoft Corporation) C:\Windows\System32\Drivers\tbs.sys
2017-08-08 15:18 - 2017-06-07 21:48 - 002457936 ____A [4C58B60C1E6A2946D6E3D67A36E5E03E] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-11-21 05:53 - 2014-11-21 05:53 - 000049152 ____A [41CF802064F72E55F50CA0A221FD36D4] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000030208 ____A [3C7361E0A5A6966DB957B94ECF924A9E] (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2017-08-08 15:18 - 2017-08-01 23:17 - 000107520 ____A [576FA545FAB846B06E79B324160DE25C] (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2013-10-05 19:57 - 2013-05-31 16:30 - 000099800 ____A [CFBDB416E1DC172327C099DB122FE15D] (Intel Corporation) C:\Windows\System32\Drivers\TeeDriverx64.sys
2014-11-21 04:25 - 2014-11-21 04:25 - 000037216 ___AC [232D185D2337F141311D0CF1983E1431] (Microsoft Corporation) C:\Windows\System32\Drivers\terminpt.sys
2017-06-14 18:58 - 2017-05-15 15:58 - 000121184 ____A [2B45645D0F1E950674CECE5606CF5E4E] (Microsoft Corporation) C:\Windows\System32\Drivers\tm.sys
2016-12-21 08:00 - 2015-09-29 08:24 - 000155480 ___AC [80A2FC1A089A71F2DBE5D8394FFB009F] (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000056320 ____A [BF8F54CA37E9C9D6582C31C5761F8C93] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000029696 ___AC [20185BEB7512EDE4EFECDFA148AC9F99] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2016-12-21 08:02 - 2015-09-04 15:24 - 000154112 ____A [E85916632CD3B9E9B546968DB950BF42] (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2013-08-22 07:39 - 2013-08-22 08:43 - 000064864 ____A [F6EEAD052943B5A3104C1405BB856C54] (Microsoft Corporation) C:\Windows\System32\Drivers\UAGP35.SYS
2013-08-22 07:37 - 2013-08-22 08:43 - 000074080 ___AC [FE6067B1FD4E63650C667B33D080565B] (Microsoft Corporation) C:\Windows\System32\Drivers\uaspstor.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000189248 ___AC [807F8CF3E973305FC435C61CBBEE2A49] (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2016-12-21 07:58 - 2015-03-12 22:02 - 000316416 ____A [C61EAF8E1E4B2F62BA4FDF457440B2C6] (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2013-08-22 07:40 - 2013-08-22 08:39 - 000026976 ___AC [9578691F297E1B1F519970FE6D47CB21] (Microsoft Corporation) C:\Windows\System32\Drivers\uefi.sys
2013-08-22 07:39 - 2013-08-22 08:43 - 000065888 ____A [5EAB5117DDB24FC4D39E6FFFCF1837B9] (Microsoft Corporation) C:\Windows\System32\Drivers\ULIAGPKX.SYS
2013-08-22 07:39 - 2013-08-22 07:38 - 000046080 ___AC [DA34C39A18E60E7C3FA0630566408034] (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2013-08-22 07:39 - 2013-08-22 07:38 - 000011776 ___AC [AE8294875E5446E359B1E8035D40C05E] (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2013-06-20 22:36 - 2013-06-20 22:36 - 000206744 ____A [524BFB402B1AB1007ED91E94D6AB6F72] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\usb3Hub.sys
2016-12-21 07:58 - 2015-04-24 22:25 - 000020992 ____A [312BB35275EB15145F4B6D1FFCE56C50] (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2016-03-28 12:41 - 2016-03-28 12:41 - 000054784 ____A [F957092C63CD71D85903CA0D8370F473] (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000121088 ___AC [DF355EB0199198728027962DCFCDE5FB] (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000032512 ____A [5D45329A96B1A417DC7F59FDEABC0DDE] (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000143680 ___AC [FF78D053A05E5A394F4E3C1816CC65A8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000098304 ___AC [0139248F6B95CF0D837B5B46A2722D40] (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2016-12-21 07:58 - 2015-10-11 02:34 - 000027992 ____A [9A2B3A98D7982372CA36A823F673EFB8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2016-12-21 08:02 - 2016-01-08 21:38 - 000091992 ___AC [C996CBEF922B5653A01E3F50DDCE2F86] (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2016-12-21 07:58 - 2015-10-11 02:34 - 000462168 ____A [CD81683F4553677B9BF5163A922153EB] (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2016-12-21 07:58 - 2015-10-11 02:34 - 000468824 ___AC [5C90D5379B53590FBB24BBAD4FA682EE] (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2016-12-21 07:58 - 2015-10-10 14:41 - 000030208 ____A [A0F0484C97D6441ED6A75D7426ECCC9E] (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2016-12-21 07:58 - 2015-10-11 02:34 - 000443224 ____A [D25F0093A71FFB355160358DD70B0373] (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-08-22 07:36 - 2013-08-22 07:36 - 000026112 ___AC [4D655E3B684BE9B0F7FFD8A2935C348C] (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000030720 ____A [3431FBFAC156EB7FEF9B936EC2A77AF6] (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2016-10-01 14:37 - 2016-01-31 15:16 - 000148832 ___AC [9D168BFA334D47BE404367EB58D4E130] (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2016-12-21 07:58 - 2015-10-10 14:41 - 000037376 ____A [FC974B03C8B87455F44F734C8F31A3C8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000212736 ___AC [5C8F604F6DC74177CDD8372D7B1ADFF0] (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2016-12-21 07:58 - 2015-04-16 02:17 - 000325464 ___AC [44603DA5A87FB491EF59C889EBBB4DDB] (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-08-22 07:38 - 2013-08-22 08:37 - 000037728 ___AC [FEB26E3B8345A7E8D62F945C4AE86562] (Microsoft Corporation) C:\Windows\System32\Drivers\vdrvroot.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000175960 ____A [A026EDEAA5EECAE0B08E2748B616D4BD] (Microsoft Corporation) C:\Windows\System32\Drivers\VerifierExt.sys
2016-11-10 22:28 - 2016-10-09 18:59 - 000551256 ___AC [8ABB4BABF59F092DF0B43778D8FD1884] (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-08-22 08:22 - 2013-08-22 08:43 - 000019808 ____A [06D38968028E9AB19DE9B618C7B6D199] (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viaide.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000049152 ____A [608BD5400EFD2307A5F8DDDC87775734] (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000089368 ____A [A53E798C06D729CCF8459968B4372F6E] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbkmcl.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000097048 ____A [511AD3FF957A0127E6BD336FF6F89C38] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2013-08-22 07:37 - 2013-08-22 07:37 - 000021760 ____A [DA40BEA0A863CE768C940CA9723BF81F] (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000011264 ____A [0BF5CAD281E25F1418E5B8875DC5ADD1] (Microsoft Corporation) C:\Windows\System32\Drivers\vmgencounter.sys
2013-08-22 07:38 - 2013-08-22 07:38 - 000007168 ____A [1A063730F221B2746FF00457AE17E4F0] (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000049944 ____A [8B9486B64E5FC17FB9CC04CA10B77A34] (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2016-10-01 14:29 - 2016-04-11 02:21 - 000074584 ___AC [436E1A724E7E683F6B612D3D58F04241] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2017-08-08 15:18 - 2017-07-07 23:46 - 000377688 ____A [7DD4EAE2E680948D9AFF3E1B5234C1D3] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2016-12-21 07:57 - 2016-03-14 12:50 - 000316760 ___AC [17F7B0F2298D97F4B6C7A69511033D3D] (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2016-12-21 07:58 - 2016-01-26 15:15 - 000072024 ____A [DAC438FB5FF85A9E72806E2341D5D732] (Microsoft Corporation) C:\Windows\System32\Drivers\vpci.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000168800 ____A [4539F45F9F4C9757A86A56C949421E07] (VIA Technologies Inc.,Ltd) C:\Windows\System32\Drivers\vsmraid.sys
2013-08-22 03:01 - 2013-08-22 08:43 - 000305504 ____A [0849B7260F26FE05EA56DED0672E2F4B] (VIA Corporation) C:\Windows\System32\Drivers\VSTXRAID.SYS
2016-10-12 19:25 - 2016-08-12 20:03 - 000024576 ____A [71066FF95C487327E44C8AF1B72EBE8B] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifibus.sys
2016-10-12 19:25 - 2016-08-12 20:02 - 000071680 ____A [29AB43937FFDA0B0FB56984226E698C6] (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2016-10-12 19:25 - 2016-08-12 20:01 - 000038912 ____A [8B8624A93E3F88CB923AEB05B6313227] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2013-08-22 07:39 - 2013-08-22 07:39 - 000026752 ___AC [0910AB9ED404C1434E2D0376C2AD5D8B] (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2014-11-21 05:16 - 2014-11-21 05:16 - 000080896 ____A [6505C9E72910F91D4C317EECF22D1DE6] (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2014-11-21 04:52 - 2014-11-21 04:52 - 000054272 ____A [9CC0003FB8ED3763B977B43F1012FF63] (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2017-04-11 15:38 - 2017-02-10 10:37 - 000046600 ____A [F2E08D1C067FEFC3A42D21FD4810F1D3] (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2017-10-23 21:43 - 2017-10-23 21:43 - 000116560 ____N [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\wdbuxaeh.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000839488 ____A [CB6C63FF8342B467E2EF76E98D5B934D] (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2017-04-11 15:38 - 2017-01-12 12:51 - 000274776 ____A [E234820E6B84ABA5E84E00227F505AE8] (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000060224 ____A [42C23552FC0BF2BAB9053BE6E4DC3D13] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2017-04-11 15:38 - 2017-01-12 12:51 - 000117592 ____A [A74AD6D80AC26E1B5DD276FC927F2BAC] (Microsoft Corporation) C:\Windows\System32\Drivers\WdNisDrv.sys
2013-08-22 07:40 - 2013-08-22 08:39 - 000038240 ____A [2E0AF5B354ED1BB10314353B6A625B68] (Microsoft Corporation) C:\Windows\System32\Drivers\werkernel.sys
2016-10-01 14:33 - 2014-11-10 14:06 - 000136512 ____A [715ABA3DD164D06457A2A3C92F6EA9D5] (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000033600 ____A [5F66B7BB330AA80067FC66149A692620] (Microsoft Corporation) C:\Windows\System32\Drivers\wimmount.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000061208 ____A [10A78656BF6126245631705E45F9B9CF] (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2016-12-21 07:58 - 2015-10-10 14:40 - 000078848 ___AC [3AF1FA17F1C4ACBDB660D8F98B1A9C13] (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000016384 ___AC [2834D9D3B4F554A39C72F00EA3F0E128] (Microsoft Corporation) C:\Windows\System32\Drivers\wmiacpi.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000018272 ____A [1FE5DDC32243469E6FA4440C02775A34] (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys
2014-11-21 05:17 - 2014-11-21 05:17 - 000157016 ____A [7FC5667DF73D4B04AA457CC3A4180E09] (Microsoft Corporation) C:\Windows\System32\Drivers\wof.sys
2014-11-21 05:17 - 2014-11-21 05:17 - 000054784 ____A [A2468CC3509394A33C4C32F99563D845] (Microsoft Corporation) C:\Windows\System32\Drivers\wpcfltr.sys
2013-08-22 07:38 - 2013-08-22 08:36 - 000026976 ____A [9F2904B55F6CECCD1A8D986B5CE2609A] (Microsoft Corporation) C:\Windows\System32\Drivers\WpdUpFltr.sys
2013-08-22 09:25 - 2013-08-22 09:25 - 000023392 ____A [38CAE0D33091C6F3B542F230E70ED44B] (Microsoft Corporation) C:\Windows\System32\Drivers\WppRecorder.sys
2017-10-21 20:07 - 2017-10-23 21:51 - 000034752 ____A [7CA09731EB7FC99B910C7F239E57720F] () C:\Windows\System32\Drivers\WPRO_41_2001.sys
2013-08-22 07:40 - 2013-08-22 07:40 - 000021504 ____A [AE072B0339D0A18E455DC21666CAD572] (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000113664 ____A [481286719402E4BAEFEA0604AB1B5113] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2014-11-21 05:15 - 2014-11-21 05:15 - 000226304 ____A [D7B4859227B02BCC1055B279A63C937F] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2014-11-21 04:00 - 2017-07-12 00:38 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\en-US
2014-11-21 04:00 - 2014-11-21 04:00 - 000011776 ____A [CCA2D0FF42F019AA8D85BF2FB6E15F41] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\1394ohci.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000010240 ____A [B5DA56EFD818F1C893E2107EC968CE05] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\acpi.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000021504 ____A [3606D04BC7E6E305737BEC91CC8A6D0D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\afd.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [A6B3942C1A97C929F4670B7B63370FF8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\AGP440.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000014336 ____A [3B950A7C26EC075CC10D42826A2A4DF8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdk8.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000014336 ____A [BBF7FD5AB839E2AA43D3B0ED9E39A0D0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdppm.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000007168 ____A [CD43E5E2C950394ECD31F48E679FD97B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ataport.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000007680 ____A [5FEAB7F5FF9E12200DA263C7C868FDFC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\battc.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003584 ____A [2EA0F0337ABE762EB176210C5A0E683C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthA2DP.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [40FE2A1CCF317A94B5FD56D497E79A13] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthAvrcpTg.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [9E9A08BA6542B63C0231DD321F0030C1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthenum.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [4B3767CBC898F2B2888AB20C3235D106] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthhfenum.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [0C6D47DDFA425E40ADC00DD502195310] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthhfHid.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000012800 ____A [5DC5D6A51716CA7F90CFB74E7C599C8B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthLEEnum.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [02F4FEF291855F17E1B1E659D8BC221B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BthMini.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004608 ____A [5433113535C5AAE479DA3A154D9A861C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthpan.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000032768 ____A [5FB5B412D00636CC62BC3066AF8B1229] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthport.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [D755E6687A0EE30DE68DB7A3318C7534] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BTHUSB.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [DB12C55AE25DEA570948972948084FD0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\cdrom.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005632 ____A [1F619FB6D31D68F205AE220C3BF206E2] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\disk.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005632 ____A [D783AC74060F59166C0637C0DB2DCEA0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\dumpsd.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000008192 ____A [51DF0DF6DB0D673B9C02D54FCAC2CC50] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\EhStorTcgDrv.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005120 ____A [102577751A4F9B0A571B17404447A38B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fltmgr.sys.mui
2014-11-21 04:53 - 2014-11-21 04:53 - 000021504 ____A [926EEDC62C2FCD647BC0D04675EE853E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fvevol.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000007680 ____A [71E571A0593B9904BBC95A09C7E5B7A1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fwpkclnt.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [FAC96A2530D79BBE22C2905A6FEDCF46] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\GAGP30KX.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004096 ____A [99CD0F950160DEC012C3E557392DD925] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hdaudbus.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [747F9203A6DF183606D1CBA3924012FD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\HdAudio.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [14AE860A5AEAFC68EB6CF3B16DF98376] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidbth.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000006144 ____A [6BDAE5E18E43D55D879A38C17246B11B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidclass.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003584 ____A [ED627E47A085C7D7046904681C5EDC64] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidi2c.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000038400 ____A [2AE5E1E320C912D7ADA1141A791E6B0E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\http.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000010240 ____A [E4ABFFE744B447B16D7E404DD370EDEF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\i8042prt.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000014336 ____A [92471F1B99E986EAED0A5A1E39B707A5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\intelppm.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000006144 ____A [CE20CC9255F7A42651AA98EFB37017DB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\IPMIDrv.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004096 ____A [B535EE71D2A9E7F372C6EDA3CC08E5D9] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ipnat.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003584 ____A [89F45D27D843BB126CE75506EECAB27E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\isapnp.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004608 ____A [A13626BF0E5BE4EC425110ED6398289D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdclass.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [70F8E3861137B366290C76CC87DCC7A6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdhid.sys.mui
2014-11-21 04:52 - 2014-11-21 04:52 - 000002048 ____A [89044CB6A2E99FCD6892CC6F95FA052E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ks.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000006656 ____A [589F4B32669697DCC86C87796AB9002A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\luafv.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003584 ____A [14C735491D0B03CD54D429DD35BED47A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\modem.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004096 ____A [2BDE3CAEF7E91D3EDE75004A70015488] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouclass.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [A375D5A8086D30B50CDBED853D2DDA33] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouhid.sys.mui
2016-10-01 14:48 - 2015-07-15 13:15 - 000002560 ____A [4AF392CEEDBEBEB4276A4B846690EDA7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mountmgr.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000055296 ____A [D0CE1060C18401B68D3B83C68FB5A4B5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mrxsmb.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [867F15AFDDF027A72DACF055AFA74BB5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mshidkmdf.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [CAE33B50C378B0E89A2F0FA1501B20CC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mshidumdf.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000008704 ____A [A1F415FFCBC26FA88C3644AC094F5DB7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mslldp.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [2CFB49C6E6E1EB57545A83D4655C6056] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mssmbios.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [C4634B62A436D99F46284D14188D7AB1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\MTConfig.sys.mui
2017-03-13 22:21 - 2015-01-10 05:07 - 000012800 ____A [78BAA3F54ED5AC8082D1AA985E0109EF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mup.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000057856 ____A [F450E013F78D0A5F1F17A96CB1233A27] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndis.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005632 ____A [35B1981AFD2DAC97DBE60ED3060CA3B0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndiscap.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000011264 ____A [8C4A2BA8EB99FD7CDF936EB9E696EAE0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NdisImPlatform.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [8105B2BCB7472FE152999DBC1BBC1293] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndisuio.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [9CDF5709BBAAB7058D7E25116962B91E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NdisVirtualBus.sys.mui
2014-11-21 05:47 - 2014-11-21 05:47 - 000084992 ____A [0A132F1DD6167033D8942BDE1A9CA978] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ntfs.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [9A288DB3E2E4DFF9D50848F918A0D205] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NV_AGP.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000014336 ____A [8408E3E07817356E554343A1858C046C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\nwifi.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000017408 ____A [AAE0D51E60BA789F37E6F10CCDDA3B98] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pacer.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003584 ____A [46E64135EC40C997D0A1505F5D25F617] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\parport.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [5F4FDF4706FB6E2A59DA1FD2273F01F2] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\partmgr.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000008192 ____A [6CDB4C7AE4EA0337A3072F14817C67F4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pci.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004096 ____A [78E7F147FA21050EE167BF2F6F402250] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pcmcia.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [A7AC203417A1933936DC1CF897FCEBBB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pdc.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [EAD2F339CE0D4167A7A6310364FCBD39] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pnpmem.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004096 ____A [7C2DB6B9CD440A339FE0702F35B377C1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\portcls.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000014336 ____A [2E16897A12A9CB0B49CA832C290F11A4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\processr.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [F3B786F1518B985EB2DF6154D460D6F3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\qwavedrv.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005632 ____A [555F9097CDC4EBFAB371523CC6569A5A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdbss.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [51D107C9434AAB4C7FF006881AA3D684] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdpdr.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000008192 ____A [CD7D055498F2CBA489DE234AF2859994] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\refs.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [CE456D3022A8963259DC2E247DAB4C1F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\RNDISMP.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [D05D2E5DAC0E94A098F7C83CA9F0D9FF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismp6.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [CE456D3022A8963259DC2E247DAB4C1F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismpx.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [E740847276E386D2DB79F83EABFBAB2E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scfilter.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [4B5307E8DF2F798C72E80FD1F77CCCCD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scsiport.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005632 ____A [8BFA30900E037CBE612A30824304AED4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sdbus.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [ABF5E3081386BB6328A0A2609EB05842] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sdstor.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003584 ____A [6646B085AFD4E8A457D8D1BA27167C48] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sercx.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000008704 ____A [9F79EA2950BCF1BFD87EFFB333DDD928] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sercx2.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000010240 ____A [F5BEC30FE6093C89C0380B617F1D9D7E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serial.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005120 ____A [6E7CBABB993BC0E1ACBEDD2769F133FF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sermouse.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [8FC0CC5F7BF27FB1A293D7EE66FC3C2F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serscan.sys.mui
2016-10-12 19:26 - 2016-01-24 10:35 - 000040960 ____A [9144FCF3AD8DAB06127F7AF7D2969AFD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\spaceport.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004096 ____A [55DD1A8228C09A259606001D1C60C009] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\spbcx.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [B19FFEAD517844AAC7DCFF652D900469] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\srv.sys.mui
2017-07-11 15:44 - 2017-05-03 12:04 - 000068096 ____A [EA180252C871E1A4566B2F362A9E7800] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\srv2.sys.mui
2016-12-14 14:10 - 2016-03-11 11:12 - 000086528 ____A [6FD95912A5A219D79F376A2839567EBC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tcpip.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000008192 ____A [38FD7DF71EF1938646FE6BE00A5C51B7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tpm.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [5A9FA86928CC75DD03C0923AD2C39BAF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tsusbflt.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000007680 ____A [7A444882987D5D96C18BB5CFBCD2B386] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tunnel.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [F038F9F62D356510CEB7EC7453643599] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\UAGP35.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000012288 ____A [5504447B7B5F3ADD660F51C7CAD2C195] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\UCX01000.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [667AF0980B238CE5BE2E8552C7DBCCF4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ULIAGPKX.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [21B25F46EC3B0D49BB2041333C5B39B0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\umbus.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [F1298FD692F5E9C9EAFBE917E0DC500B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBAUDIO.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000003072 ____A [17FA2B0B3DDF42A80EBAB4F44C07D26F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbehci.sys.mui
2014-11-21 05:15 - 2014-11-21 05:15 - 000014336 ____A [1F85505E3AD14BBF433FFF8A1514757D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbhub.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000020480 ____A [F911CF1E512B09123ED2D8634A4E66FA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBHUB3.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000026112 ____A [D23E6B1CAD00F60CCA8F12E49D3E91C0] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbport.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [B2A62B9ACA3A68AB872EB5638D7E8FCA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbrpm.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [8532FAE8E484F5B08318013F1532738D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBSTOR.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [9925DB33B91939166DAEE12CA7C412A4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbvideo.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000014848 ____A [09A5B9D1965B98C60E01DAF6FED40BFA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\USBXHCI.SYS.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005120 ____A [02BD6A9AD41077AA823B399A304EEE44] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vdrvroot.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000013312 ____A [2028053C56B3A17EEBF75BB96834DAA7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vhdmp.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [427A9E28038A6C0E80646621C6D02BA2] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volmgrx.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000023552 ____A [7F4A513CB90D51EB39CA955CF0FE23DB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volsnap.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [26E9F6CFBF2DC479ADBC7319D7369296] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vwifibus.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000004096 ____A [79BFC84AEDA75F27E398394B398EB477] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wacompen.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [CA1844B4098F1D6C2520699A7242C5C4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wdf01000.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [BFEE4840A672728A70ABDC452654B37C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wfplwfs.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000013824 ____A [096724B4585F818F3E879F579C8AA13C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wmbclass.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [2B0B166692208DDA856662C490ABF0B3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\WpdUpFltr.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [7C0AE658C7BE463B68BEC51E9AEFE203] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ws2ifsl.sys.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [61F2D3C5CAB218B914825B23B3E68AAF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wudfpf.sys.mui
2013-08-22 09:36 - 2017-10-23 17:09 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\etc
2013-08-22 09:25 - 2017-10-23 17:09 - 000000035 ____A [90C8F3BA7DB5CB3562298C2E11C97C52] () C:\Windows\System32\Drivers\etc\hosts
2013-08-22 11:36 - 2013-08-22 11:35 - 000003683 ____A [18413B90E1B291EC3E777A845C37CFEE] () C:\Windows\System32\Drivers\etc\lmhosts.sam
2013-08-22 09:25 - 2013-08-22 09:25 - 000000407 ____A [B65A1232FB4B35827CE7C5E2F8EC8947] () C:\Windows\System32\Drivers\etc\networks
2013-08-22 09:25 - 2013-08-22 09:25 - 000001358 ____A [7700D22FA108234E623D65FA72D9E29C] () C:\Windows\System32\Drivers\etc\protocol
2013-08-22 09:25 - 2013-08-22 09:25 - 000017463 ____A [D9E1A01B480D961B7CF0509D597A92D6] () C:\Windows\System32\Drivers\etc\services
2013-08-22 11:33 - 2016-11-14 23:25 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF
2014-11-21 05:15 - 2014-11-21 05:15 - 000088576 ___AC [6C2117ABA0F9C6B9238DA92A4179EF1F] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\EhStorPwdDrv.dll
2014-11-21 05:15 - 2014-11-21 05:15 - 000054272 ___AC [9E5A866A051CA31C84156A6803606E51] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\HidBthLE.dll
2014-11-21 05:15 - 2014-11-21 05:15 - 000297984 ___AC [B751B25DD96BEDEEF32A075544A10803] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdFs.dll
2014-11-21 05:15 - 2014-11-21 05:15 - 000970240 ___AC [35F42821BAD4E305072B36C0720B85D5] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdMtpDr.dll
2012-07-25 22:12 - 2012-07-25 23:08 - 000102912 ____A [C83D612D0D745DD4E72C741599C116C5] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WUDFUsbccidDriver.dll
2014-11-21 04:00 - 2014-11-21 04:25 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF\en-US
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [BE37860FC26885A492DE883F3938F639] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\HidBthLE.dll.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002048 ____A [E5A318E3FAD0729EB0934117322E5594] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\hidscanner.dll.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [EF3547EAF8B3AC95BCF36CB84B3C32DC] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\idtsec.dll.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000005632 ____A [7FFEA04D96C5961BBAC8253890661D4D] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\LocationProvider.dll.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [AD4D7D1BF668CC7BACE7CAABF4344D4B] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\mgtdyn.dll.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000009728 ____A [EE3C4AFD2A446B676A9A3FFA92294F04] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\SensorsHIDClassDriver.dll.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000002560 ____A [7B6E6AE3E171D15C17B16A63810AEDEC] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WpdMtpDr.dll.mui
2014-11-21 04:00 - 2014-11-21 04:00 - 000006144 ____A [4D56FE5E7334CD9C1D956F207D18E4EE] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui
 
====== End of Folder: ======
 
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-10-2017 17:52:28)
 
"C:\Users\Connie\AppData\Local\cwcvpok" => Could not move
 
==== End of Fixlog 17:52:31 ====

 

And for the JRT step, I'm getting the same error as before :( and yeah, I'm running it as administrator.

 

I know you didn't ask, but I don't see vdmlkhu.exe as a running process anymore (woohoo?) but now I see another sketchy process in task manager: mbbuzdxsvc.exe (or maybe it was always there and I never noticed)

 

But...thank you for your help so far, though. I really, really appreciate it!


Edited by misomisomiso, 24 October 2017 - 07:11 PM.


#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:35 AM

Posted 25 October 2017 - 03:27 PM

If you ran the previous fix in Normal Mode, the fixlog.txt should be in C:\Users\Connie\Downloads. The fixlog shown is not the one. But seems that was uneffective, so will need to run the fix in the Recovery Environment.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Please also download the attached file and save it in the same location the FRST64 is saved in the flash drive.

Insert the USB drive in the infected computer.

Boot to the Recovery Console's Command prompt.
 

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button.
  • It will make a log (Fixlog.txt) in the flash drive. Please copy and paste it to your reply.

Edited by JSntgRvr, 25 October 2017 - 03:32 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 misomisomiso

misomisomiso
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 25 October 2017 - 07:22 PM

 

If you ran the previous fix in Normal Mode, the fixlog.txt should be in C:\Users\Connie\Downloads. The fixlog shown is not the one. But seems that was uneffective, so will need to run the fix in the Recovery Environment.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Please also download the attached file attachicon.gifFixlist.txt and save it in the same location the FRST64 is saved in the flash drive.

Insert the USB drive in the infected computer.

Boot to the Recovery Console's Command prompt.
 

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button.
  • It will make a log (Fixlog.txt) in the flash drive. Please copy and paste it to your reply.

 

Oh, really? I'm sorry... I thought I did it correctly.

Also, I spoke too soon about vdmlkhuexe :( It's back. (I haven't installed/uninstalled anything since starting this thread).

Here are the contents of the Fixlog.txt from my flash drive:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-10-2017 01

Ran by SYSTEM (25-10-2017 20:13:38) Run:7
Running from d:\
Boot Mode: Recovery
==============================================
 
fixlist content:
*****************
C:\Windows\System32\Drivers\wdbuxaeh.sys
C:\Windows\System32\mbbuzdxsvc.exe
*****************
 
"C:\Windows\System32\Drivers\wdbuxaeh.sys" => not found.
C:\Windows\System32\mbbuzdxsvc.exe => moved successfully
 
==== End of Fixlog 20:13:38 ====


#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:35 AM

Posted 26 October 2017 - 12:46 PM

Great!

 

 One more scan:

favicon-32x32.png Please download Malwarebytes to your desktop.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Once the program has fully updated, Proceed with the Scan options and select "Threat Scan".
  • The Scan Pane is the introduction to scan-related options in the program. When you click Scan in the Menu Pane, you will see the screen shown below.

02-malwarebytes-premium-scan-methods.jpg


  • After a scan has been executed, scan results are displayed.
  • Put a checkmark on all detected and click on "Quarantine Selected"
  • Selected reports may be viewed on screen, or exported to a text file for later viewing. Please note that only manual (on demand) scans are available for users of the free version of Malwarebytes.

You may export to your clipboard or to a text (TXT) file. Export to a .txt file and post its contents.

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#11 misomisomiso

misomisomiso
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 26 October 2017 - 06:27 PM

Great!

 

 One more scan:

favicon-32x32.png Please download Malwarebytes to your desktop.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Once the program has fully updated, Proceed with the Scan options and select "Threat Scan".
  • The Scan Pane is the introduction to scan-related options in the program. When you click Scan in the Menu Pane, you will see the screen shown below.

02-malwarebytes-premium-scan-methods.jpg


  • After a scan has been executed, scan results are displayed.
  • Put a checkmark on all detected and click on "Quarantine Selected"
  • Selected reports may be viewed on screen, or exported to a text file for later viewing. Please note that only manual (on demand) scans are available for users of the free version of Malwarebytes.

You may export to your clipboard or to a text (TXT) file. Export to a .txt file and post its contents.

 

 

Wait, what's great? Did the Fixlog come up clean?

And if I already have Malwarebytes installed, can I just run mines? It's version 3.2.2

Or did you want me to uninstall it and use the one you linked?

Thanks so far!


Edited by misomisomiso, 26 October 2017 - 06:27 PM.


#12 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:35 AM

Posted 26 October 2017 - 07:48 PM

We were able to identify and remove the rootkit. Use the version installed to scan.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#13 misomisomiso

misomisomiso
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 26 October 2017 - 08:18 PM

We were able to identify and remove the rootkit. Use the version installed to scan.

 

Here's Malwarebyte's summary:

 

Malwarebytes

www.malwarebytes.com
 
-Log Details-
Scan Date: 10/26/17
Scan Time: 8:52 PM
Log File: 27f6931c-bab1-11e7-bf19-d850e605aa85.json
Administrator: Yes
 
-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3104
License: Free
 
-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Cats\Connie
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 534274
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 10 min, 11 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

 

Looks like things are clean, but are they really? Here's a screenshot of my task manager after the Malwarebytes scan:

Attached File  cats.jpg   423.74KB   0 downloads

But if you say it's fine, then I will trust your word. Let me know :)



#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:35 AM

Posted 27 October 2017 - 12:10 PM

Print these instruction as the tool we are about to run may restart the computer various times.

Download version 1.10.2.1002 of Malwarebytes Anti Rootkit (MBAR)

  • Run the exe as administrator by right clicking and select run as administrator.
  • Click ok to extract.
  • After extraction MBAR should start.
  • Click next.
  • Update by hitting the update button.
  • After the update completes hit next.
  • Deselect sectors and system below. Hit the scan button. Please let it finish the scan. This rootkit may slow your machine down and MBAR may look like it will freeze but it will continue to scan. Please allow it to do so.
  • If you get the following error message:

Could not load DDA driver


  • Click Yes and your computer will reboot.
  • After the reboot, the MBAR window should automatically open.

Note: If your Desktop is missing/black, do not worry. This is normal. Please proceed with the remaining instructions below.


  • Click Next followed by Next.
  • Uncheck System and Sectors. Click Scan.
  • If the scan successfully completes, please skip to the Remediation bullet points below.
  • If you receive the same message, "Could not load DDA driver", click Yes.
  • Click OK. Your computer will automatically boot into the Recovery Environment. Proceed with the instructions below afterwards.
  • If Windows did not boot into the recovery environment hold the SHIFT key and click restart computer while holding the shift key down. You should then boot into the boot options menu. Select repair your computer from the list and follow the instructions below.
  • If still not successful from an administrator command prompt in normal windows run the following command:

bcdedit.exe /set {bootmgr} displaybootmenu yes


  • Windows 7:

    Select your desired keyboard layout and click Next.


    Select your user account, enter your user account password (leave blank if you don't have one and click OK.


    Click Command Prompt.


 
  • Windows 10:

    Click Troubleshoot.


    Click Advanced Options followed by Command Prompt.


    Select your account and enter your password if you have one.


 
  • Command Prompt in Recovery Environment:

 
  • Type the following text below into the Command Prompt and press Enter on the keyboard:

BCDEDIT |Find "osdevice"



Note the osdevice partition letter, then type.



X:\mbstart.cmd



Where X is the osdevice letter, and press Enter


  • The tool will start to run.
  • The MBAR window should automatically open.
  • Click Next followed by Next.
  • Uncheck System and Sectors. Click Scan.

 
  • Remediation:

If threats are detected, click the Cleanup button.


If you are prompted to restart, please hit Yes


Upon completion of the scan or after the reboot, two files named  mbar-log.txt and system-log.txt will be created.


Both files can be found in the extracted MBAR folder on your Desktop.


Please attach both files in your next reply.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 misomisomiso

misomisomiso
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 27 October 2017 - 07:52 PM

Print these instruction as the tool we are about to run may restart the computer various times.

Download version 1.10.2.1002 of Malwarebytes Anti Rootkit (MBAR)

  • Run the exe as administrator by right clicking and select run as administrator.
  • Click ok to extract.
  • After extraction MBAR should start.
  • Click next.
  • Update by hitting the update button.
  • After the update completes hit next.
  • Deselect sectors and system below. Hit the scan button. Please let it finish the scan. This rootkit may slow your machine down and MBAR may look like it will freeze but it will continue to scan. Please allow it to do so.
  • If you get the following error message:

Could not load DDA driver


  • Click Yes and your computer will reboot.
  • After the reboot, the MBAR window should automatically open.

Note: If your Desktop is missing/black, do not worry. This is normal. Please proceed with the remaining instructions below.


  • Click Next followed by Next.
  • Uncheck System and Sectors. Click Scan.
  • If the scan successfully completes, please skip to the Remediation bullet points below.
  • If you receive the same message, "Could not load DDA driver", click Yes.
  • Click OK. Your computer will automatically boot into the Recovery Environment. Proceed with the instructions below afterwards.
  • If Windows did not boot into the recovery environment hold the SHIFT key and click restart computer while holding the shift key down. You should then boot into the boot options menu. Select repair your computer from the list and follow the instructions below.
  • If still not successful from an administrator command prompt in normal windows run the following command:

bcdedit.exe /set {bootmgr} displaybootmenu yes


  • Windows 7:

    Select your desired keyboard layout and click Next.


    Select your user account, enter your user account password (leave blank if you don't have one and click OK.


    Click Command Prompt.


 
  • Windows 10:

    Click Troubleshoot.


    Click Advanced Options followed by Command Prompt.


    Select your account and enter your password if you have one.


 
  • Command Prompt in Recovery Environment:

 
  • Type the following text below into the Command Prompt and press Enter on the keyboard:

BCDEDIT |Find "osdevice"



Note the osdevice partition letter, then type.



X:\mbstart.cmd



Where X is the osdevice letter, and press Enter


  • The tool will start to run.
  • The MBAR window should automatically open.
  • Click Next followed by Next.
  • Uncheck System and Sectors. Click Scan.

 
  • Remediation:

If threats are detected, click the Cleanup button.


If you are prompted to restart, please hit Yes


Upon completion of the scan or after the reboot, two files named  mbar-log.txt and system-log.txt will be created.


Both files can be found in the extracted MBAR folder on your Desktop.


Please attach both files in your next reply.

 

 

Hi JSntgRvr,
I have downloaded the MBAR from your link, but nothing happens after I right click it, and run it as administrator.

No errors, or anything, pops up.

Should I try opening it in Safe Mode, or something?

Please advise, thank you!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users