Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Restore failed / Infected and cannot use certain programs


  • This topic is locked This topic is locked
108 replies to this topic

#16 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 29 November 2017 - 02:32 PM

Lets see a new set of logs. Open FRST, make sure the addition.txt is checked, and click on Scan.

 

Post the new FRST.txt and addition.txt logs.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


BC AdBot (Login to Remove)

 


#17 anthroxdx

anthroxdx
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 29 November 2017 - 08:54 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2017
Ran by Nick Brano (administrator) on NICKSPC (29-11-2017 20:50:36)
Running from C:\Users\Nick Brano\Desktop
Loaded Profiles: Nick Brano (Available Profiles: Nick Brano)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartupDelayer] => C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [1254400 2015-12-17] (r2 Studios)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\UltraMon.scr [267200 2012-12-23] (Realtime Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2013-08-16]
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{31E461F7-2F8E-4800-B560-3667F8845207}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: GetRight IE Helper -> {31FF080D-12A3-439A-A2EF-4BA95A3148E8} -> C:\Program Files (x86)\GetRight\xx2gr.dll [2009-10-19] (Headlight Software, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-28] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-28] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
DPF: HKLM-x32 {00001026-A15C-11D4-97A4-0050BF0FBE67} hxxp://download.netmarble.net/web/nmstarter/NMStarter26_20131209.cab
DPF: HKLM-x32 {0A010259-4F31-42C7-9AE4-35A30D1A7C6D} hxxp://download.netmarble.net/web/NMGameCheck/NMGridDown.cab
DPF: HKLM-x32 {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} hxxp://download.netmarble.net/ActiveX/NMAutoUpdateX/NMAutoUpdateX_1.0.1.2.cab
DPF: HKLM-x32 {89F434A7-4A49-4394-AC02-007480331AE2} hxxp://download.netmarble.net/ActiveX/NMAutoUpdateX/SystemIDInfo/NMSystemIDInfo_1.0.0.3.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D3AC6FD2-CB12-496A-99C5-949CCE9E7262} hxxp://gundam.netmarble.net/Component/SdgoSupportTool/SdgoSupportTool.CAB

FireFox:
========
FF ProfilePath: C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default [2017-11-29]
FF Homepage: Mozilla\Firefox\Profiles\az5qv7v5.default -> hxxp://abgx360.xecuter.com/verified.php
FF NetworkProxy: Mozilla\Firefox\Profiles\az5qv7v5.default -> http", "210.253.106.155"
FF Extension: (Adblocker X) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\@adblock57.xpi [2017-11-09]
FF Extension: (ClipConverter) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\clipconverter@clipconverter.cc.xpi [2015-08-28] [Lagacy]
FF Extension: (MEGA) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\firefox@mega.co.nz.xpi [2017-11-23]
FF Extension: (Foxdie) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\Foxdie@tanjihay.com [2016-10-23] [Lagacy] [not signed]
FF Extension: (Foxdie (Graphite)) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\FoxdieGraphite@tanjihay.com [2016-10-23] [Lagacy] [not signed]
FF Extension: (Auto Shutdown NG) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2016-10-27] [Lagacy]
FF Extension: (NicoFox) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\nicofox@littlebtc.xpi [2016-03-04] [Lagacy]
FF Extension: (Photobucket Uploader) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\pbupload@photobucket.com.xpi [2016-04-27] [Lagacy]
FF Extension: (Personas Plus) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\personas@christopher.beard.xpi [2017-11-10]
FF Extension: (SkipScreen) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\SkipScreen@SkipScreen.xpi [2016-04-27] [Lagacy]
FF Extension: (ReloadEvery) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2016-03-13] [Lagacy]
FF Extension: (Video DownloadHelper) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-17]
FF Extension: (Cookies Manager+) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2017-07-23] [Lagacy]
FF Extension: (Adblock Plus) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-09]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\features\{837c10ab-155e-4d87-8fcd-62518a8f7296}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF SearchPlugin: C:\Users\Nick Brano\AppData\Roaming\Mozilla\Firefox\Profiles\az5qv7v5.default\searchplugins\swagbucks.xml [2016-02-29]
FF ProfilePath: C:\Users\Nick Brano\AppData\Roaming\Broad Intelligence\MediaCoder\Profiles\5x0uib93.default [2011-03-25]
FF HKLM-x32\...\Firefox\Extensions: [{4E8E62B3-C793-464B-B1A5-E66CF3B3C425}] - C:\Users\Nick Brano\AppData\Local\{4E8E62B3-C793-464B-B1A5-E66CF3B3C425} => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-03-07] [Lagacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-07-14] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @netmarble.net/NMStarter -> C:\Users\Nick Brano\AppData\Roaming\Netmarble\npNMStarter.dll [2013-05-08] (CJ E&M Corp.)
FF Plugin-x32: @netmarble.net/NMSystemInformer -> C:\Users\Nick Brano\AppData\Roaming\Netmarble\npNMSystemInformer.dll [2013-04-15] ( CJ Internet)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2012-09-12] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-07-14] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3757204901-3132025799-1142526092-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nick Brano\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3757204901-3132025799-1142526092-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-01] (Pando Networks)

Chrome:
=======
CHR NewTab: Default ->  Active:"chrome-extension://biphfmnpogelhhfabgjdakddplalpnkf/newtab/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://search.trendingupnow.net/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> TrendingUpNow.net
CHR Profile: C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Google Slides) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-25]
CHR Extension: (Google Docs) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-25]
CHR Extension: (Google Drive) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-01]
CHR Extension: (TrendingUpNow.net) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\biphfmnpogelhhfabgjdakddplalpnkf [2016-08-28]
CHR Extension: (YouTube) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-01]
CHR Extension: (EyesDecide) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fekobajlmilfffkiaddchgbfaohhmopf [2016-10-09]
CHR Extension: (Google Sheets) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-25]
CHR Extension: (Google Docs Offline) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-11]
CHR Extension: (SwagButton) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2016-08-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-28]
CHR Extension: (Gmail) - C:\Users\Nick Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-10-25] (Adobe Systems) [File not signed]
S4 Akamai; c:\program files (x86)\common files\akamai\netsession_win_2da1ebd.dll [3542616 2011-08-02] ()
S4 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-06-29] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S4 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation)
S4 msvsmon100; C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [5013840 2009-05-06] (Microsoft Corporation)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3472368 2014-12-01] (INCA Internet Co., Ltd.)
S4 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [435328 2017-10-09] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [916096 2017-10-16] (Razer Inc.)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4374072 2015-01-11] (SoftEther VPN Project at University of Tsukuba, Japan.)
S4 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S4 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation)
S4 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TenorshareReibootService; C:\Program Files (x86)\ReiBoot\TenorshareReibootService.exe [33208 2017-01-18] (Tenorshare Co,Ltd)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [315768 2016-08-05] (Western Digital Technologies, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-25] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [38320 2016-12-25] ()
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [123840 2010-04-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [123840 2010-04-23] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 BlackBox; C:\Windows\SysWow64\Drivers\BlackBox.sys [35712 2012-01-21] () [File not signed]
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
S4 cjtg; C:\Windows\System32\drivers\chknrg.sys [79064 2017-11-24] (Malwarebytes)
S3 ck3pro; C:\Windows\System32\DRIVERS\ck3pro64.sys [97280 2010-07-14] (XECUTER)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [272448 2011-09-13] (DT Soft Ltd)
S2 EMSLink; C:\Windows\System32\Drivers\EMSLink_amd64.sys [8832 2010-01-13] (EMS Production Limited.) [File not signed]
S4 MBAMSwissArmy; C:\Windows\System32\drivers\mbamswissarmy.sys [253880 2017-11-24] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0030.sys [28768 2015-09-22] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed]
S4 ruhbiv; C:\Windows\System32\drivers\yitrfe.sys [79064 2017-11-23] (Malwarebytes)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [52248 2016-10-30] (Razer Inc)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [48152 2016-10-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [43256 2017-07-18] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137208 2017-07-16] (Razer, Inc.)
S3 SaiK0CD7; C:\Windows\System32\DRIVERS\SaiK0CD7.sys [183104 2011-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-06-26] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-06-26] (Saitek)
S3 SaiU0CD7; C:\Windows\System32\DRIVERS\SaiU0CD7.sys [47168 2011-09-20] (Saitek)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SEE; C:\Windows\System32\drivers\see.sys [38240 2015-01-11] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 TTDrv; C:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
R3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2016-08-05] (Western Digital Technologies)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-09-03] (Wondershare)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
S3 udiskMgr; system32\drivers\qtwadg.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-29 20:20 - 2017-11-29 20:50 - 000023282 _____ C:\Users\Nick Brano\Desktop\FRST.txt
2017-11-29 13:31 - 2017-11-29 13:31 - 000140112 ____N C:\Windows\system32\Drivers\mbbloruy.sys
2017-11-28 12:19 - 2017-11-28 12:19 - 000000003 _____ C:\Users\Nick Brano\Desktop\gfds.txt
2017-11-28 06:43 - 2017-11-28 06:44 - 000482288 _____ C:\Windows\Minidump\112817-53367-01.dmp
2017-11-27 12:10 - 2017-11-28 23:32 - 000002299 _____ C:\Users\Nick Brano\Desktop\fixlist.txt
2017-11-26 18:41 - 2017-11-29 20:20 - 000000000 ____D C:\Users\Nick Brano\Desktop\FRST-OlderVersion
2017-11-26 13:38 - 2017-11-26 13:38 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\6376F1BE.sys
2017-11-26 13:38 - 2017-11-26 13:38 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-11-26 01:34 - 2017-11-26 01:34 - 001005339 _____ C:\Users\Nick Brano\Desktop\Monster World IV USA, Europe En,Ja Virtual Console.zip
2017-11-25 22:26 - 2017-11-25 22:27 - 000000000 ____D C:\Users\Nick Brano\Documents\Genesis
2017-11-25 22:02 - 2017-11-25 22:02 - 000003106 _____ C:\Users\Nick Brano\Desktop\AdwCleaner[S2].txt
2017-11-25 21:29 - 2017-11-26 13:38 - 000000000 ____D C:\Users\Nick Brano\Desktop\New folder (14)
2017-11-25 21:28 - 2017-11-25 21:28 - 008261584 _____ (Malwarebytes) C:\Users\Nick Brano\Desktop\adwcleaner_7.0.4.0.exe
2017-11-25 21:18 - 2017-11-29 20:20 - 002391552 _____ (Farbar) C:\Users\Nick Brano\Desktop\FRST64.exe
2017-11-25 04:33 - 2017-11-25 04:33 - 000017344 _____ C:\Users\Nick Brano\Desktop\rk.txt
2017-11-25 01:45 - 2017-11-25 01:45 - 000000000 ____D C:\Users\Nick Brano\Desktop\Razer
2017-11-25 01:33 - 2017-11-25 01:33 - 026194416 _____ (Razer USA Ltd) C:\Users\Nick Brano\Desktop\j.exe
2017-11-25 01:33 - 2017-11-25 01:33 - 000000000 ____D C:\Program Files (x86)\PKGInstaller
2017-11-25 00:30 - 2017-11-25 00:30 - 000000000 ____D C:\Windows\CheckSur
2017-11-24 23:27 - 2017-11-25 00:50 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-11-24 23:26 - 2017-11-25 00:34 - 000000000 ____D C:\ProgramData\RogueKiller
2017-11-24 23:26 - 2017-11-24 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-11-24 23:26 - 2017-11-24 23:26 - 000000000 ____D C:\Program Files\RogueKiller
2017-11-24 23:25 - 2017-11-24 23:25 - 036141704 _____ (Adlice Software ) C:\Users\Nick Brano\Desktop\setup.exe
2017-11-24 21:58 - 2017-11-24 21:58 - 000000947 _____ C:\Users\Nick Brano\Desktop\bleep.txt
2017-11-24 21:41 - 2017-11-29 20:50 - 000000000 ____D C:\FRST
2017-11-24 06:26 - 2017-11-24 06:26 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-24 02:04 - 2017-11-24 02:04 - 000000000 ____D C:\SUPERDelete
2017-11-24 01:42 - 2017-11-29 01:42 - 000000520 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 53d24d4e-fc60-47c4-aac8-c86ca917dc82.job
2017-11-24 01:42 - 2017-11-27 02:01 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2017-11-24 01:42 - 2017-11-24 01:42 - 000003532 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 53d24d4e-fc60-47c4-aac8-c86ca917dc82
2017-11-24 01:42 - 2017-11-24 01:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-11-24 01:32 - 2017-11-24 14:54 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-24 01:31 - 2017-11-24 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-24 01:31 - 2017-11-24 01:31 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-24 01:31 - 2017-11-01 08:54 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-11-24 01:30 - 2017-11-24 01:30 - 000000000 ____D C:\ProgramData\MB2Migration
2017-11-24 01:23 - 2017-11-24 01:23 - 000000000 ____D C:\bleepr
2017-11-24 01:22 - 2017-11-24 01:23 - 000735680 _____ C:\Users\Nick Brano\Desktop\435049_intl_x64_zip.exe
2017-11-24 01:13 - 2017-11-24 01:21 - 000235146 _____ C:\TDSSKiller.3.1.0.15_24.11.2017_01.13.32_log.txt
2017-11-24 01:05 - 2017-11-24 01:07 - 000239624 _____ C:\TDSSKiller.3.1.0.15_24.11.2017_01.05.03_log.txt
2017-11-24 00:30 - 2017-11-26 21:22 - 000000000 ____D C:\Users\Nick Brano\AppData\Local\sbsimto
2017-11-24 00:25 - 2017-11-24 00:25 - 000079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\chknrg.sys
2017-11-23 22:23 - 2017-11-23 22:23 - 005659763 _____ (Swearware) C:\Users\Nick Brano\Downloads\xbcv.exe
2017-11-23 22:02 - 2017-11-23 22:02 - 000079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\yitrfe.sys
2017-11-23 21:59 - 2017-11-23 21:59 - 009542472 _____ C:\Users\Nick Brano\Desktop\Windows6.1-KB3177467-x64.msu
2017-11-23 19:38 - 2017-11-25 21:34 - 001841550 _____ C:\Windows\ntbtlog.txt
2017-11-23 15:25 - 2017-11-23 16:50 - 553492184 _____ C:\Users\Nick Brano\Downloads\Tokyo E-sports Festival Bakarhythm VS Arino Kacho.mkv
2017-11-23 02:07 - 2017-11-23 02:07 - 1500704348 _____ C:\Users\Nick Brano\Desktop\Tokyo E-sports Festival 2017-11-18 Bakarhythm vs Arino Kacho.mp4
2017-11-23 00:52 - 2017-11-23 00:52 - 000000059 _____ C:\Users\Nick Brano\Desktop\user.conf
2017-11-22 04:24 - 2017-11-22 04:35 - 000008088 _____ C:\Users\Nick Brano\Desktop\settings.xml
2017-11-22 04:14 - 2017-11-22 04:14 - 000000236 _____ C:\Users\Nick Brano\Desktop\client api.txt
2017-11-18 00:59 - 2017-11-18 02:34 - 000000000 ____D C:\Users\Nick Brano\Documents\20XX
2017-11-18 00:59 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-11-18 00:59 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-11-18 00:59 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-11-18 00:59 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-11-18 00:59 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-11-18 00:59 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-11-18 00:59 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-11-18 00:59 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-11-18 00:59 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-11-18 00:59 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-11-18 00:59 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-11-18 00:59 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-11-18 00:59 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-11-18 00:59 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-11-18 00:59 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-11-18 00:59 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-11-18 00:59 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-11-18 00:59 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-11-18 00:59 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-11-18 00:59 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-11-18 00:59 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-11-18 00:59 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-11-18 00:59 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-11-18 00:59 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-11-18 00:59 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-11-18 00:59 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-11-18 00:59 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-11-18 00:59 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-11-18 00:59 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-11-18 00:59 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-11-18 00:59 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-11-18 00:59 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-11-18 00:59 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-11-18 00:59 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-11-18 00:59 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-11-18 00:59 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-11-18 00:59 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-11-18 00:59 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-11-18 00:59 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-11-18 00:59 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-11-18 00:59 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-11-18 00:59 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-11-18 00:59 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-11-18 00:59 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-11-18 00:59 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-11-18 00:59 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-11-18 00:59 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-11-18 00:59 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-11-18 00:59 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-11-18 00:59 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-11-18 00:59 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-11-18 00:59 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-11-18 00:59 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-11-18 00:59 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-11-18 00:59 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-11-18 00:59 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-11-18 00:58 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-11-18 00:58 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-11-18 00:58 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-11-18 00:58 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-11-18 00:58 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-11-18 00:58 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-11-18 00:58 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-11-18 00:58 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-11-18 00:58 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-11-18 00:58 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-11-18 00:58 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-11-18 00:58 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-11-18 00:58 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-11-18 00:58 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-11-18 00:58 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-11-18 00:58 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-11-18 00:58 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-11-18 00:58 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-11-18 00:58 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-11-18 00:58 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-11-18 00:58 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-11-18 00:58 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-11-18 00:58 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-11-18 00:58 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-11-18 00:58 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-11-18 00:58 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-11-18 00:58 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-11-18 00:58 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-11-18 00:58 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-11-18 00:58 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-11-18 00:58 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-11-18 00:58 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-11-18 00:58 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-11-18 00:58 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-11-18 00:58 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-11-18 00:58 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-11-18 00:58 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-11-18 00:58 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-11-18 00:58 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-11-18 00:58 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-11-18 00:58 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-11-18 00:58 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-11-18 00:58 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-11-18 00:58 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-11-18 00:58 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-11-18 00:58 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-11-18 00:58 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-11-18 00:35 - 2017-11-18 00:39 - 000000000 ____D C:\Users\Nick Brano\AppData\Local\Steam
2017-11-17 12:13 - 2017-11-17 12:15 - 041733592 _____ C:\Users\Nick Brano\Desktop\sword-art-online-code-register1.apk
2017-11-17 05:47 - 2017-11-17 07:06 - 534930870 _____ C:\Users\Nick Brano\Downloads\249 Gekisha Boy.mkv
2017-11-16 00:47 - 2017-11-16 00:48 - 073072682 _____ C:\Users\Nick Brano\Desktop\dbz.japan.v3.8.1_c2.renzyyy.hp.iw.di.apk
2017-11-15 02:49 - 2017-10-18 02:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-15 02:49 - 2017-10-18 01:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-15 02:49 - 2017-10-17 21:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-15 02:49 - 2017-10-16 18:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-15 02:49 - 2017-10-16 16:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-15 02:49 - 2017-10-14 03:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-15 02:49 - 2017-10-14 03:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-15 02:49 - 2017-10-14 03:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-15 02:49 - 2017-10-14 03:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-15 02:49 - 2017-10-14 03:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-15 02:49 - 2017-10-14 03:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-15 02:49 - 2017-10-14 03:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-15 02:49 - 2017-10-14 03:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-15 02:49 - 2017-10-14 03:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-15 02:49 - 2017-10-14 03:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-15 02:49 - 2017-10-14 03:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-15 02:49 - 2017-10-14 03:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-15 02:49 - 2017-10-14 03:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-15 02:49 - 2017-10-14 03:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-15 02:49 - 2017-10-14 03:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-15 02:49 - 2017-10-14 03:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-15 02:49 - 2017-10-14 03:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-15 02:49 - 2017-10-14 02:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-15 02:49 - 2017-10-14 02:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-15 02:49 - 2017-10-14 02:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-15 02:49 - 2017-10-14 02:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-15 02:49 - 2017-10-14 02:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-15 02:49 - 2017-10-14 02:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-15 02:49 - 2017-10-14 02:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-15 02:49 - 2017-10-14 02:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-15 02:49 - 2017-10-14 02:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-15 02:49 - 2017-10-14 02:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-15 02:49 - 2017-10-14 02:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-15 02:49 - 2017-10-14 02:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-15 02:49 - 2017-10-14 02:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-15 02:49 - 2017-10-14 02:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-15 02:49 - 2017-10-14 02:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-15 02:49 - 2017-10-14 02:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-15 02:49 - 2017-10-14 02:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-15 02:49 - 2017-10-14 02:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-15 02:49 - 2017-10-14 02:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-15 02:49 - 2017-10-14 01:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-15 02:49 - 2017-10-14 01:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-15 02:49 - 2017-10-14 01:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-15 02:49 - 2017-10-14 01:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-15 02:49 - 2017-10-14 01:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-15 02:49 - 2017-10-14 01:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-15 02:49 - 2017-10-14 01:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-15 02:49 - 2017-10-14 01:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-15 02:49 - 2017-10-14 01:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-15 02:49 - 2017-10-14 01:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-15 02:49 - 2017-10-14 01:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-15 02:49 - 2017-10-14 01:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-15 02:49 - 2017-10-14 01:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-15 02:49 - 2017-10-14 01:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-15 02:49 - 2017-10-14 01:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-15 02:49 - 2017-10-14 01:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-15 02:49 - 2017-10-14 01:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-15 02:49 - 2017-10-14 01:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-15 02:49 - 2017-10-14 01:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-15 02:49 - 2017-10-14 01:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-15 02:49 - 2017-10-14 01:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-15 02:49 - 2017-10-14 01:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-15 02:49 - 2017-10-14 01:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-15 02:49 - 2017-10-14 01:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-15 02:49 - 2017-10-14 01:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-15 02:49 - 2017-10-14 01:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-15 02:49 - 2017-10-14 01:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-15 02:49 - 2017-10-14 01:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-15 02:49 - 2017-10-14 01:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-15 02:49 - 2017-10-14 01:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-15 02:49 - 2017-10-11 19:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-15 02:49 - 2017-10-11 19:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-15 02:49 - 2017-10-11 19:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-15 02:49 - 2017-10-11 19:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-15 02:49 - 2017-10-11 19:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-15 02:49 - 2017-10-11 19:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-15 02:49 - 2017-10-11 19:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-15 02:49 - 2017-10-11 19:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-15 02:49 - 2017-10-11 19:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-15 02:49 - 2017-10-11 19:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-15 02:49 - 2017-10-11 19:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-15 02:49 - 2017-10-11 19:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-15 02:49 - 2017-10-11 19:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-15 02:49 - 2017-10-11 19:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-15 02:49 - 2017-10-11 19:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-15 02:49 - 2017-10-11 19:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-15 02:49 - 2017-10-11 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-15 02:49 - 2017-10-11 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-15 02:49 - 2017-10-11 19:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-15 02:49 - 2017-10-11 19:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-11 01:24 - 2017-11-11 01:24 - 000013203 _____ C:\Users\Nick Brano\Desktop\Sonic Pixel Pals.pdf
2017-11-08 02:57 - 2017-10-17 21:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-08 02:57 - 2017-10-17 21:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-08 02:57 - 2017-10-15 17:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-08 02:57 - 2017-10-04 08:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-08 02:57 - 2017-10-04 08:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-08 02:57 - 2017-10-04 08:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-08 02:57 - 2017-10-04 08:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-08 02:57 - 2017-10-04 08:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-08 02:57 - 2017-10-04 08:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-08 02:57 - 2017-10-04 08:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-08 02:57 - 2017-09-07 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-03 11:24 - 2017-11-03 12:41 - 535058587 _____ C:\Users\Nick Brano\Downloads\248 PC Genjin 2.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-29 20:50 - 2009-07-13 21:34 - 027787264 _____ C:\Windows\system32\config\HARDWARE
2017-11-29 20:30 - 2009-07-13 23:45 - 000013792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-29 20:30 - 2009-07-13 23:45 - 000013792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-29 20:18 - 2010-09-18 22:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-29 13:00 - 2010-03-21 20:39 - 000000000 ____D C:\Program Files (x86)\Trillian
2017-11-29 12:44 - 2016-08-27 21:05 - 000000000 ____D C:\Users\Nick Brano\AppData\Local\CrashDumps
2017-11-29 11:36 - 2017-08-20 22:27 - 000000000 ____D C:\Users\Nick Brano\.TianTianVM
2017-11-29 11:33 - 2016-11-16 00:37 - 000000000 ____D C:\Users\Nick Brano\AppData\LocalLow\Mozilla
2017-11-28 06:43 - 2010-02-02 19:33 - 000000000 ____D C:\Windows\Minidump
2017-11-27 12:35 - 2009-10-22 20:47 - 000000000 ___RD C:\Users\Nick Brano\Virtual Machines
2017-11-27 12:28 - 2009-10-25 19:56 - 000000000 ____D C:\Program Files (x86)\Mytoolsoft Watermark Software
2017-11-27 12:21 - 2009-07-14 00:13 - 000880898 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-27 12:21 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2017-11-26 23:05 - 2016-02-03 14:26 - 000015781 _____ C:\Users\Nick Brano\Desktop\Timesheet.xlsx
2017-11-26 15:38 - 2009-10-21 23:57 - 000000000 ____D C:\Gens
2017-11-26 15:14 - 2015-06-03 13:26 - 000000000 ____D C:\Program Files (x86)\iExplorer
2017-11-26 15:14 - 2010-08-29 23:16 - 000000000 ____D C:\Program Files (x86)\FlashFXP 4
2017-11-26 15:14 - 2009-10-22 21:49 - 000000000 ____D C:\Program Files (x86)\Xbox Backup Creator
2017-11-26 01:32 - 2009-10-21 22:47 - 000000000 ____D C:\Users\Nick Brano\Documents\VGM
2017-11-25 23:30 - 2015-09-17 23:17 - 000000000 ____D C:\Users\Nick Brano\AppData\LocalLow\uTorrent
2017-11-25 23:30 - 2009-10-22 21:00 - 000000000 ____D C:\Users\Nick Brano\AppData\Roaming\uTorrent
2017-11-25 22:07 - 2014-01-22 18:50 - 000000000 ____D C:\AdwCleaner
2017-11-25 21:45 - 2010-06-13 14:35 - 000000000 ____D C:\Users\Nick Brano\AppData\LocalLow\Temp
2017-11-25 21:41 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-11-25 01:48 - 2012-08-15 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-11-25 01:46 - 2012-08-15 21:17 - 000000000 ____D C:\ProgramData\Razer
2017-11-24 06:18 - 2017-06-19 18:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-24 06:18 - 2016-10-13 12:09 - 000000000 ____D C:\Users\Nick Brano\AppData\Roaming\LibreELEC
2017-11-24 06:18 - 2016-06-23 23:53 - 000000000 ____D C:\Users\Nick Brano\Desktop\FOBSver1.07
2017-11-24 06:18 - 2015-04-19 03:03 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-24 06:18 - 2014-07-01 18:05 - 000000000 ____D C:\Users\Nick Brano\Desktop\Avanti-ffmpeg-GUI-080
2017-11-24 06:18 - 2014-04-28 07:14 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-11-24 06:18 - 2011-08-21 23:21 - 000000000 ____D C:\Users\Nick Brano\AppData\Roaming\Notepad++
2017-11-24 06:18 - 2010-03-21 18:12 - 000000000 ____D C:\Windows\pss
2017-11-24 06:18 - 2009-10-22 21:12 - 000000000 ____D C:\Users\Nick Brano\AppData\Roaming\Winamp
2017-11-24 06:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\TAPI
2017-11-24 06:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-11-24 06:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\IME
2017-11-24 05:20 - 2015-08-06 16:03 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-24 03:42 - 2017-04-22 12:40 - 005041120 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-24 01:31 - 2014-06-16 05:02 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-11-24 01:31 - 2009-10-23 01:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-24 01:08 - 2013-08-11 01:19 - 000000000 ____D C:\Program Files (x86)\VMLaunch
2017-11-22 03:15 - 2016-07-07 00:13 - 000000000 ____D C:\Program Files (x86)\FlashFXP 5
2017-11-19 22:36 - 2010-09-24 17:40 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-18 00:48 - 2010-09-24 17:46 - 000000000 ____D C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-17 00:55 - 2010-05-10 13:35 - 000000132 _____ C:\Users\Nick Brano\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-11-17 00:31 - 2012-04-22 13:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-17 00:31 - 2009-10-22 18:21 - 000000000 ____D C:\Users\Nick Brano\AppData\Roaming\Mozilla
2017-11-16 02:02 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2017-11-15 23:30 - 2015-09-25 00:00 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 11:21 - 2009-07-13 23:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-15 03:21 - 2013-07-11 05:49 - 000000000 ____D C:\Windows\system32\MRT
2017-11-15 02:52 - 2017-10-11 11:27 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-15 02:52 - 2009-10-22 22:31 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-14 11:30 - 2016-12-16 22:24 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 11:30 - 2016-12-16 22:24 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-14 00:29 - 2014-08-27 00:28 - 000000000 ____D C:\Users\Nick Brano\AppData\Local\Adobe
2017-11-14 00:28 - 2014-12-13 00:41 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 00:28 - 2014-12-13 00:41 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 00:28 - 2010-10-12 15:19 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 00:28 - 2009-10-22 18:29 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-11 01:51 - 2015-01-11 19:28 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2017-11-08 03:01 - 2010-01-21 15:22 - 000875274 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-11-04 09:57 - 2009-07-14 00:08 - 000032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2010-07-12 20:20 - 2013-06-01 23:48 - 000000132 _____ () C:\Users\Nick Brano\AppData\Roaming\Adobe BMP Format CS5 Prefs
2010-05-19 00:24 - 2014-05-22 21:36 - 000000132 _____ () C:\Users\Nick Brano\AppData\Roaming\Adobe GIF Format CS5 Prefs
2010-05-10 13:35 - 2017-11-17 00:55 - 000000132 _____ () C:\Users\Nick Brano\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-03-07 23:17 - 2014-07-01 20:04 - 000000132 _____ () C:\Users\Nick Brano\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-16 05:34 - 2014-02-20 05:10 - 000000132 _____ () C:\Users\Nick Brano\AppData\Roaming\Adobe Targa Format CS5 Prefs
2011-04-02 13:21 - 2012-12-11 05:30 - 000002307 _____ () C:\Users\Nick Brano\AppData\Roaming\ASSDraw3.cfg
2013-06-20 02:51 - 2013-06-20 02:51 - 000000560 _____ () C:\Users\Nick Brano\AppData\Roaming\AutoGK.ini
2011-03-30 01:28 - 2011-03-30 01:28 - 000000996 _____ () C:\Users\Nick Brano\AppData\Roaming\DVDSubEdit.ini
2013-05-19 06:04 - 2013-05-19 06:04 - 004034040 _____ (Reincubate Ltd) C:\Users\Nick Brano\AppData\Roaming\iphonebackupextractor-latest.exe
2010-03-21 21:44 - 2010-03-21 21:45 - 000000035 _____ () C:\Users\Nick Brano\AppData\Roaming\SetValue.bat
2011-02-23 20:46 - 2011-02-23 22:35 - 000000052 _____ () C:\Users\Nick Brano\AppData\Roaming\Syscfg.ini
2009-12-10 14:39 - 2009-12-10 14:39 - 000000600 _____ () C:\Users\Nick Brano\AppData\Roaming\winscp.rnd
2010-03-21 17:44 - 2010-03-21 18:01 - 000011146 ___SH () C:\Users\Nick Brano\AppData\Local\3N4Om
2013-12-04 04:04 - 2013-12-04 04:04 - 000001456 _____ () C:\Users\Nick Brano\AppData\Local\Adobe Save for Web 12.0 Prefs
2009-12-19 13:38 - 2010-02-27 20:47 - 000009728 _____ () C:\Users\Nick Brano\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-24 23:23 - 2017-06-23 23:39 - 000000600 _____ () C:\Users\Nick Brano\AppData\Local\PUTTY.RND
2015-09-14 22:34 - 2015-09-14 22:34 - 000000218 _____ () C:\Users\Nick Brano\AppData\Local\recently-used.xbel
2010-09-20 02:32 - 2016-06-17 23:48 - 000007603 _____ () C:\Users\Nick Brano\AppData\Local\Resmon.ResmonCfg
2010-09-18 12:38 - 2010-09-18 12:38 - 000000000 _____ () C:\Users\Nick Brano\AppData\Local\Tqoviwawan.bin
2010-09-18 12:38 - 2010-09-18 12:38 - 000000120 _____ () C:\Users\Nick Brano\AppData\Local\Vrizobesitefes.dat

Some files in TEMP:
====================
2017-11-28 20:26 - 2017-11-28 20:26 - 002391552 _____ (Farbar) C:\Users\Nick Brano\AppData\Local\Temp\34A.tmp.exe
2017-11-28 20:26 - 2017-11-28 20:26 - 002391552 _____ (Farbar) C:\Users\Nick Brano\AppData\Local\Temp\669E.tmp.exe
2017-11-28 20:25 - 2017-11-28 20:25 - 002391552 _____ (Farbar) C:\Users\Nick Brano\AppData\Local\Temp\B22E.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\mbbloruy.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

LastRegBack: 2017-11-29 04:03

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-11-2017
Ran by Nick Brano (29-11-2017 20:51:10)
Running from C:\Users\Nick Brano\Desktop
Windows 7 Professional Service Pack 1 (X64) (2009-10-22 23:09:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3757204901-3132025799-1142526092-500 - Administrator - Enabled)
Guest (S-1-5-21-3757204901-3132025799-1142526092-501 - Limited - Enabled)
Nick Brano (S-1-5-21-3757204901-3132025799-1142526092-1001 - Administrator - Enabled) => C:\Users\Nick Brano

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version:  - )
Acrobat.com (HKLM-x32\...\{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
ActiveState Tcl Dev Kit 5.3.0 (HKLM-x32\...\TclDevKit 5.3.0) (Version: 5.3.0 - ActiveState Software Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Bridge 1.0 (HKLM-x32\...\{B74D4E10-6884-0000-0000-000000000103}) (Version: 001.000.004 - Adobe Systems)
Adobe Connect 9 Add-in (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\Adobe Connect 9 Add-in) (Version: 11,9,976,291 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.01) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.2.0 - Adobe Systems Incorporated)
Aegisub 3.0.4 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.4 - Aegisub Team)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
Akamai NetSession Interface (HKLM-x32\...\Akamai) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Antares Autotune VST RTAS TDM v5.08 (HKLM-x32\...\Antares Autotune VST RTAS TDM_is1) (Version:  - Team AiR 2007)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.6.4.8 - SlySoft)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.6.1 - CrystalIdea Software, Inc.)
AOMEI Partition Assistant Standard Edition 6.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ARAX Disk Doctor Data Recovery (HKLM-x32\...\ARAX Disk Doctor Data Recovery) (Version:  - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version:  - )
AutoKeyPresser (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\c6d7245a676d074a) (Version: 0.0.0.2 - Microsoft)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.7.8981 - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 6 (HKLM-x32\...\AVS4YOU Video Converter 6_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Binload v1.0.5 (HKLM-x32\...\9255-7804-2440-4211) (Version: v1.0.5 - Binload)
BitTorrent (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\BitTorrent) (Version: 7.8.2.30587 - BitTorrent Inc.)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brad Smith Easy SFV Creator (C:\Program Files (x86)\Brad Smith\Easy SFV Creator\) (HKLM-x32\...\ST6UNST #2) (Version:  - )
Brad Smith Easy SFV Creator (HKLM-x32\...\ST6UNST #1) (Version:  - )
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
BulletProof FTP Server (remove only) (HKLM-x32\...\BulletProof FTP Server_is1) (Version: 2.3.1 (Build 26) - DigitalCandle, Inc)
BulletProof FTP Server 2010 (remove only) (HKLM-x32\...\BulletProof FTP Server 2010_is1) (Version:  - BulletProof Software LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Combined Community Codec Pack 2014-01-17 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.01.17.0 - CCCP Project)
Content Manager Assistant for PlayStation® (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CPUID CPU-Z 1.66.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 4.41.0314.0232 - DT Soft Ltd)
Dailymotion Mass Uploader (HKLM-x32\...\{B35D74AE-A323-E232-1E11-4C8D961FDA24}) (Version: 0.1.1 - Dailymotion) Hidden
Dailymotion Mass Uploader (HKLM-x32\...\com.dailymotion.massuploader) (Version: 0.1.1 - Dailymotion)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.8.0 - oldsch00l)
Delete Virtual-Mate Launcher (HKLM-x32\...\{56C64E81-FC93-4cb9-9EBF-953662950D3B}_is1) (Version: 1.0.0 - Interlex Inc.)
Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version:  - )
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{8B916626-D225-496A-83ED-EDBE9E907432}) (Version: 5.0.1600.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
E.M. Magic Swf2Avi V6.7 (HKLM-x32\...\E.M. Magic Swf2Avi_is1) (Version:  - EffectMatrix, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Exact Audio Copy 0.99pb5 (HKLM-x32\...\Exact Audio Copy) (Version: 0.99pb5 - Andre Wiethoff)
EximiousSoft GIF Creator V5.76 (HKLM-x32\...\EximiousSoft GIF Creator_is1) (Version:  - EximiousSoft)
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
File Name Converter (HKLM-x32\...\{FF1C62C5-AF43-46F7-87A4-8B4B9CAEDF23}) (Version: 4.1 - SoundTells)
FileZilla Client 3.20.0 (HKLM-x32\...\FileZilla Client) (Version: 3.20.0 - Tim Kosse)
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
FLAC Frontend (HKLM-x32\...\{B1615F2A-105F-48FD-AA3E-0BDF8B3EE644}) (Version: 2.0.6 - Xiph.org)
FlashFXP 4 (HKLM-x32\...\FlashFXP 4) (Version: 4.4.0.1990 - OpenSight Software LLC)
FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.2.0.3900 - OpenSight Software LLC)
Flip 3.4.1 (HKLM-x32\...\flip.exe) (Version: 3.4.1 - Atmel)
foobar2000 v1.3.13 (HKLM-x32\...\foobar2000) (Version: 1.3.13 - Peter Pawlowski)
Game Extractor 2.0 (HKLM-x32\...\Game Extractor) (Version: 2.0 - WATTO Studios)
GDR 5520 for SQL Server 2008 (KB2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 for SQL Server 2008 (KB3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
GetRight (HKLM-x32\...\GetRight Pro_is1) (Version:  - Headlight Software, Inc.)
GetRight (HKLM-x32\...\GetRight_is1) (Version:  - Headlight Software, Inc.)
GIF Movie Gear 4.2.3 (HKLM-x32\...\GIF Movie Gear_is1) (Version:  - gamani productions)
GNU Aspell 0.50-3 (HKLM-x32\...\GNU Aspell_is1) (Version:  - GNU)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.47.5133 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GrabIt 1.7.2 Beta 4 (build 997) (HKLM-x32\...\GrabIt_is1) (Version:  - Ilan Shemes)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
Hardcore (HKLM-x32\...\Hardcore) (Version:  - Image-Line)
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hex Workshop v6 (HKLM\...\{48FE73F3-4C3A-4871-BCD0-A7726A08BD64}) (Version: 6.0.1.4603 - BreakPoint Software)
HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version:  - )
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Horizon (HKLM-x32\...\{6b384f34-10c8-4c10-ba08-345168bda7e8}) (Version: 2.9.0 - Daring Development Inc.)
Horizon (HKLM-x32\...\{6BCA2AC7-7BC2-4011-BE10-143BDFD43D6C}) (Version: 2.9.0 - Daring Development Inc.) Hidden
Horizon v2.5.11.1 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.5.11.1 - Daring Development Inc.)
HP Officejet 4630 series Basic Device Software (HKLM\...\{7713C051-8615-4C52-B681-B11E72265AE0}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.25.01 - Hyperionics Technology LLC)
iBackup Viewer 3.60.01 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
iExplorer 3.9.10.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - iFunbox DevTeam)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.10 - PACE Anti-Piracy)
iPhone Backup Extractor (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\iPhone Backup Extractor) (Version: 4.0.15.0 - Reincubate Ltd)
iPrep v008.8 (HKLM-x32\...\iPrep) (Version: v008.8 - X-Projects.org)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
iWisoft Flash SWF to Video Converter 3.4 (HKLM-x32\...\iWisoft Flash SWF to Video Converter_is1) (Version: 3.4.0 - www.flash-swf-converter.com)
Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Jasc Animation Shop 3 (HKLM-x32\...\{174D5678-D941-433C-BD23-58A5C7B0D36D}) (Version: 3.05.0000 - Jasc Software Inc)
Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader (HKLM-x32\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeyHoleTV (HKLM-x32\...\KeyHoleTV) (Version:  - )
K-Lite Codec Pack 9.4.8 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.8 - )
KOPLAYER Pro version: 1.4.1055 (HKLM\...\KOPLAYER_is1) (Version:  - KOPLAYER Team)
KShutdown (HKLM-x32\...\KShutdown) (Version: 4.0 - Konrad Twardowski)
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version:  - )
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\{AAA70FA9-D9FF-49FB-A98C-5F21ED3692E2}) (Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
MakeMKV v1.4.12_beta (HKLM-x32\...\MakeMKV) (Version: v1.4.12_beta - GuinpinSoft inc)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Massive File Renamer (HKLM-x32\...\Massive File Renamer 1.6.0) (Version: 1.6.0 - Ivan Ridao Freitas)
MediaCoder 0.7.5.4799 (HKLM-x32\...\MediaCoder) (Version: 0.7.5.4799 - Broad Intelligence)
MediaCoder x64 2011-RC2 RC2 (HKLM-x32\...\MediaCoder x64) (Version: 2011-RC2 - Broad Intelligence)
MediaCoder x64 2011-RC3 (HKLM\...\MediaCoder x64) (Version: 2011-RC3 - Broad Intelligence)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Help 3.0 Beta 1 (HKLM-x32\...\Microsoft Help 3.0 Beta 1) (Version:  - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{5ED5ACBD-785B-4799-BE2E-96354E0D3262}) (Version: 10.0.1600.24 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{20753F0A-D82A-4D65-9DB6-5319570C75DB}) (Version: 3.5.5802.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2507.2 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 (HKLM-x32\...\{06078930-8072-4DAF-ADEC-3EB95C0AEEB8}) (Version: 1.0.1503.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  Beta 1 x64 Designtime - 10.0.20506 (HKLM\...\{B5C4C7B1-BAD7-31EF-80D2-EDF31E0091EE}) (Version: 10.0.20506 - Microsoft Corporation)
Microsoft Visual C++ 2010  Beta 1 x64 Runtime - 10.0.20506 (HKLM\...\{471437C1-D545-3D5B-9703-E886B0B83DE7}) (Version: 10.0.20506 - Microsoft Corporation)
Microsoft Visual C++ 2010  Beta 1 x86 Runtime - 10.0.20506 (HKLM-x32\...\{E1333354-E77C-3644-8CAB-EE6103A2BDA6}) (Version: 10.0.20506 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional Beta 1 - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional Beta 1 - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Remote Debugger - ENU (HKLM\...\Microsoft Visual Studio 2010 Remote Debugger - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version:  - Microsoft Corporation)
MiniCoder (HKLM-x32\...\{CA8056BC-05E8-41FB-82C2-4750568CD379}) (Version: 1.3.3 - MiniTheatre)
mIRC (HKLM-x32\...\mIRC) (Version: 7.22 - mIRC Co. Ltd.)
MKVToolNix 15.0.0 (64-bit) (HKLM-x32\...\MKVtoolnix) (Version: 15.0.0 - Moritz Bunkus)
Mozilla Firefox 4.0b7 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 4.0b7 (x86 en-US)) (Version: 4.0b7 - Mozilla)
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 en-US)) (Version: 45.7.1 - Mozilla)
Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
MPC-HC 1.7.1 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.1.0 - MPC-HC Team)
MPC-HC 1.7.2.5 (763d9bf) Nightly (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.2.5 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MultiEx Commander 4.5.1 Release Candidate 1 (Alpha) (HKLM-x32\...\MultiEx Commander_is1) (Version:  - XeNTaX)
Namoroka (3.6) (HKLM-x32\...\Namoroka (3.6)) (Version: 3.6 (en-US) - Mozilla)
Nero 8 (HKLM-x32\...\{1CA7ACD6-B21B-4240-AA05-4FC55F6E1033}) (Version: 8.3.465 - Nero AG)
Netmarble Game Plugin 버전 1.0.2 (HKLM-x32\...\{8102980C-B65F-474D-8192-11DEEF20C2D9}_is1) (Version: 1.0.2 - CJ E&M)
Noise Reduction Plug-in 2.0i (HKLM-x32\...\{DC35AABA-EA0A-41C1-8462-F60A201DFF9B}) (Version: 2.0.455 - Sony)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
Oblivion - Construction Set (HKLM-x32\...\{23D683DD-93C6-48E6-B84E-78B57778F126}) (Version: 1.00.0000 - Bethesda Softworks)
OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher US) (Version: 1.0.0 - OGPlanet, Inc.)
OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher) (Version: 3.0.0 - OGPlanet, Inc.)
OpenMG Limited Patch 4.7-07-14-05-01 (HKLM-x32\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM-x32\...\{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation) Hidden
OpenMG Secure Module 4.7.00 (HKLM-x32\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Patch - Trillian Astra 6.0 Build 61 (HKLM-x32\...\Patch - Trillian Astra 6.0 Build 61) (Version: 6.0 Build 61 - Crackingpatching.com Team)
PBP Unpacker v0.94 (HKLM-x32\...\PBP Unpacker_is1) (Version:  - pdc)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PhoneRescue (HKLM-x32\...\PhoneRescue) (Version: 3.2.3.0 - iMobie Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayStation®Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 3.00.14935 - Sony Computer Entertainment Inc.)
Plex Media Server (HKLM-x32\...\{4083e0fa-f188-4146-a257-61608ff30764}) (Version: 0.9.1606 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{D25B8260-DE45-48FB-8858-29E665EFA8B4}) (Version: 0.9.1606 - Plex, Inc.) Hidden
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
Pokémon Mystery Gift Editor (HKLM-x32\...\Pokémon Mystery Gift Editor) (Version:  - Grovyle91)
PP助手5.0 (HKLM-x32\...\PP助手5.0) (Version: 5.0.3.1142 - 广州爱禾网络技术有限公司)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.82.0 - PS3 Media Server)
PSXMemTool 1.20b (remove only) (HKLM-x32\...\PSXMemTool) (Version:  - )
PuTTY release 0.68 (64-bit) (HKLM\...\{DB149DDE-903A-4B5E-93C4-46BBEC48F0C2}) (Version: 0.68.0.0 - Simon Tatham)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
qBittorrent 3.3.6 (HKLM-x32\...\qBittorrent) (Version: 3.3.6 - The qBittorrent project)
Quick AVI Creator (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\Quick AVI Creator) (Version:  - )
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RaySource 2.1.10.8366 (HKLM-x32\...\RaySource) (Version: 2.1.10.8366 - RaySource Group)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.7.5 - Razer Inc.)
Razer Imperator (HKLM-x32\...\{C05905B9-775A-4894-A4DF-B57C15250958}) (Version: 2.02.00 - Razer USA Ltd.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
ReiBoot  (HKLM-x32\...\ReiBoot) (Version:  - Tenorshare, Inc.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Rise of Nations Thrones and Patriots (HKLM-x32\...\RiseofNationsExpansion 1.0) (Version:  - )
RogueKiller version 12.11.25.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.25.0 - Adlice Software)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPGƒcƒN[ƒ‹VX RTP (HKLM-x32\...\RPGƒcƒN[ƒ‹VX RTP_is1) (Version: 1.02 - Enterbrain)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
SDFormatter (HKLM-x32\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association)
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SmartboyCart 1.15 (HKLM-x32\...\SmartboyCart 1.15) (Version:  - )
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.12.9514 - SoftEther VPN Project)
SonicStage 4.3 (HKLM-x32\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sophos Anti-Rootkit 1.5.4 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.4 - Sophos Plc)
Sound Forge Pro 10.0 (HKLM-x32\...\{9660B18F-EC12-11DF-B006-0013D3D69929}) (Version: 10.0.491 - Sony)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SQL Server Compact Tools for Visual Studio 2010 Beta 1 ENU (HKLM-x32\...\{848306F5-1F48-4AD4-8ED7-EF2483430257}) (Version: 4.0.8032.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{C965F01C-76EA-4BD7-973E-46236AE312D7}) (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{F1849D02-0162-44E2-9784-225B9C829CC3}) (Version: 10.0.1600.24 - Microsoft Corporation)
SQLite Expert Personal 3.5.76 (HKLM-x32\...\SQLite Expert Personal 3_is1) (Version:  - Bogdan Ureche)
Startup Delayer v3.0 (build 366) (HKLM-x32\...\Startup Delayer) (Version: 3.0 (build 366) - r2 Studios)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Subtitle Edit 3.4.13 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.13.0 - Nikse)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Restore Explorer (HKLM-x32\...\{6788AB8A-4D71-42E0-8125-B95A9C47D51D}) (Version: 0.0.05.76 - Nic Bedford)
Tag&Rename 3.6.6 (HKLM-x32\...\Tag&Rename_is1) (Version: 3.6.6 - Softpointer Inc)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
The Compressonator 1.50 (HKLM-x32\...\{5C46703D-92EE-40d9-BCF8-DEADBEEFBBBB}) (Version: 1.50 - AMD)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line)
TransMac version 11.1 (HKLM-x32\...\TransMac_is1) (Version: 11.1 - Acute Systems)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
UltraMon (HKLM\...\{9069EE0A-7615-4D86-AD80-CA263E936DA6}) (Version: 3.2.2 - Realtime Soft Ltd)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Prerequisites - English (HKLM\...\{29DBFBCC-221D-3BB2-B898-E6EF073A58D2}) (Version: 10.0.20506 - Microsoft Corporation)
VOB Cutter 1.0 (HKLM-x32\...\VOB Cutter_is1) (Version:  - spgsoft.com)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WD Backup (HKLM-x32\...\{46162462-824f-4ea9-a312-38841e3dab7d}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{9669966E-5595-4820-A879-DD48B3DF05BF}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc) Hidden
WD Drive Utilities (HKLM-x32\...\{06628A2D-167D-4F5E-8C98-60CFA0B161D1}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{7c73600b-2542-4641-a960-74bed274be03}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A2D70EE4-2462-4F04-9955-5761E3F3F47A}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{f1fc402c-35fd-40c0-97e4-5bee07891caf}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinHue 3 version RC 2 (HKLM-x32\...\{F16560B0-47D1-4122-A0A4-9104FDF62AC1}_is1) (Version: RC 2 - Pascal Pharand)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wireshark 1.12.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.1 - The Wireshark developer community, hxxp://www.wireshark.org)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )
XECUTER CK3 PRO - USB (HKLM-x32\...\{B5734BB9-56FC-4937-88F2-AB34ABF49821}) (Version: 1.2.25 - XECUTER)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Xilisoft AVI to SWF Converter 6 (HKLM-x32\...\Xilisoft AVI to SWF Converter 6) (Version: 6.5.2.0216 - Xilisoft)
Xilisoft SWF Converter 6 (HKLM-x32\...\Xilisoft SWF Converter 6) (Version: 6.5.5.0426 - Xilisoft)
XLink Kai (HKLM-x32\...\{2773B836-AC66-4178-A414-C5A0F9F5D805}) (Version: 7.4.18.0 - Team XLink)
XMedia Recode version 3.2.0.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.2 - XMedia Recode)
XnView 2.04 (HKLM-x32\...\XnView_is1) (Version: 2.04 - Gougelet Pierre-e)
Xpert (HKLM-x32\...\{0FA1BC74-DA5E-4A42-9F99-2D03C33BCAE0}) (Version: 2.0.0 - Xpert2)
xy-VSFilter 3.0.0.211 (HKLM-x32\...\xy-VSFilter_is1) (Version: 3.0.0.211 - xy-VSFilter Team)
Y-cam Setup (HKLM-x32\...\{365B0FA3-6638-43CF-B47E-1D4219B73D85}_is1) (Version: 1.4.000 - Y-cam)
zbattle.net 1.09 SR-1 beta (HKLM-x32\...\zbattle.net_is1) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32-x32: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\Program Files (x86)\Common Files\Thunder Network\KanKan\xappex.1.1.1.38.(657).dll [2012-05-29] (深圳市迅雷网络技术有限公司)
ShellIconOverlayIdentifiers-x32-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2014-06-22] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems Inc.)
ContextMenuHandlers1-x32: [AVS Video Converter 6] -> {6230EF55-8E71-4F40-861A-DBA282584FF5} => C:\Program Files (x86)\AVS4YOU\AVSVideoConverter6\AVSVideoConverterShExt.dll [2010-03-15] (Online Media Technologies Ltd.)
ContextMenuHandlers1-x32-x32: [Brad Smith.Easy SFV Creator.2.5.5.sfv] -> {67FDD158-4C57-4672-A93C-AEDFAACA693F} => C:\Program Files (x86)\Brad Smith\Easy SFV Creator\BSEasySFVCreatorContext.dll [2002-04-13] (Brad Smith)
ContextMenuHandlers1-x32-x32: [HexWorkshopContextMenu] -> {DB34D5DC-D41A-482E-A5EF-8FA0F88761DA} => C:\Program Files\BreakPoint Software\Hex Workshop v6\hwext64.dll [2008-12-10] (BreakPoint Software, Inc.)
ContextMenuHandlers1-x32-x32: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_04.dll [2011-07-18] ()
ContextMenuHandlers1-x32-x32-x32: [TagRename_ContextMenu] -> {7C5E74A0-D5E0-11D0-A9BF-E886A83B9BE5} => C:\Program Files (x86)\TagRename\TRshell.dll [2009-01-09] (Softpointer Inc)
ContextMenuHandlers1-x32-x32-x32: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => C:\Program Files (x86)\TagRename\TRshell64.dll [2008-05-17] ()
ContextMenuHandlers1-x32-x32-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers1-x32-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers2: [HexWorkshopContextMenu] -> {DB34D5DC-D41A-482E-A5EF-8FA0F88761DA} => C:\Program Files\BreakPoint Software\Hex Workshop v6\hwext64.dll [2008-12-10] (BreakPoint Software, Inc.)
ContextMenuHandlers3: [HashCheck Shell Extension] -> {705977C7-86CB-4743-BFAF-6908BD19B7B0} => C:\Windows\system32\ShellExt\HashCheck.dll [2009-07-03] (code.kliu.org)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2014-06-22] (Igor Pavlov)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => C:\Program Files (x86)\TagRename\TRshell64.dll [2008-05-17] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-11-16] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => C:\Program Files (x86)\TagRename\TRshell64.dll [2008-05-17] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6-x32: [TagRename_ContextMenu] -> {7C5E74A0-D5E0-11D0-A9BF-E886A83B9BE5} => C:\Program Files (x86)\TagRename\TRshell.dll [2009-01-09] (Softpointer Inc)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-10] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3757204901-3132025799-1142526092-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3757204901-3132025799-1142526092-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3757204901-3132025799-1142526092-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nick Brano\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll [2013-03-12] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EF252F2-C271-4300-9490-C9DAB8647565} - System32\Tasks\Shutdown in => shutdown [Argument = –s –f –t 0]
Task: {64D75FC9-DFD8-4D8B-94D4-CA6961A8D4FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-24] (Google Inc.)
Task: {73E03A8A-235B-43F7-827C-19BBE1579AE4} - System32\Tasks\Shutdown in 4 hours => shutdown [Argument = -s -f -t 0]
Task: {8DA96216-79CD-4BB0-A9D8-AAA3B1464B60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-24] (Google Inc.)
Task: {C43BAB8D-4BB8-4539-8D87-75E321315974} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2017-04-10] (Piriform Ltd)
Task: {F2F21C74-1321-4F46-B2B5-51E583F3BA9C} - System32\Tasks\SUPERAntiSpyware Scheduled Task 53d24d4e-fc60-47c4-aac8-c86ca917dc82 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 53d24d4e-fc60-47c4-aac8-c86ca917dc82.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk -> hxxp://yamb.unite-video.com
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\Remove wwPacker (Uninstall).lnk -> C:\Program Files (x86)\wwPacker\wwpacker-uninstall.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - Custom.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-Custom.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - DLCRegion.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-DLCRegion.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - FakeSign.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-FakeSign.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - FreeTheBug.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-FreeTheBug.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - IOS35-Plus.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-IOS35-Plus.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - IOS35.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-IOS35.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - JustSign.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-JustSign.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - Loader.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-Loader.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - NoMod.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-NoMod.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - RegionFree-Plus.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-RegionFree-Plus.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwPacker - RegionFree.lnk -> C:\Program Files (x86)\wwPacker\_wwpacker-RegionFree.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwUnpacker - Content.lnk -> C:\Program Files (x86)\wwPacker\__wwunpacker-Content.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wwPacker\wwUnpacker.lnk -> C:\Program Files (x86)\wwPacker\__wwunpacker.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder\MediaCoder CLI Version.lnk -> C:\Program Files (x86)\MediaCoder\opencli.bat ()
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader Support.lnk -> hxxp://jdownloader.org/knowledge/inde
Shortcut: C:\Users\Nick Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 9\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk

==================== Loaded Modules (Whitelisted) ==============

2009-10-23 01:29 - 2008-05-17 00:12 - 000048896 _____ () C:\Program Files (x86)\TagRename\TRshell64.dll
2011-07-18 16:04 - 2011-07-18 16:04 - 000301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2017-07-13 19:50 - 2017-07-13 19:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29341988.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29341988.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2017-11-25 21:41 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3757204901-3132025799-1142526092-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nick Brano\AppData\Local\Realtime Soft\UltraMon\UltraMon Wallpaper.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: Adobe LM Service => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Akamai => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 2
MSCONFIG\Services: FLEXnet Licensing Service 64 => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: MSCSPTISRV => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: PACSPTISVR => 3
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SonicStage Back-End Service => 3
MSCONFIG\Services: SPTISRV => 3
MSCONFIG\Services: SSScsiSV => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TenorshareReibootService => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Content Manager Assistant for PlayStation®.lnk => C:\Windows\pss\Content Manager Assistant for PlayStation®.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Leftsider32.lnk => C:\Windows\pss\Leftsider32.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Leftsider64.lnk => C:\Windows\pss\Leftsider64.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk => C:\Windows\pss\RocketDock.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:\Windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UberIcon.lnk => C:\Windows\pss\UberIcon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VirtuaWin.lnk => C:\Windows\pss\VirtuaWin.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Yzshadow.lnk => C:\Windows\pss\Yzshadow.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Nick Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nick Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ungovernable.lnk => C:\Windows\pss\ungovernable.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aim => "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Nick Brano\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe
MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
MSCONFIG\startupreg: Grid Service => "C:\Program Files (x86)\GridService\peer.exe" -n Grid
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: IDM => wscript "C:\Users\Nick Brano\AppData\Roaming\Adobe\Flash Player\SpeedCache\idm.vbs" "C:\Users\Nick Brano\AppData\Roaming\Adobe\Flash Player\SpeedCache\idm.bat"
MSCONFIG\startupreg: iFunBox => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray
MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NielsenOnline => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
MSCONFIG\startupreg: nonpaying => "C:\Program Files (x86)\staffer\nonpaying.exe"
MSCONFIG\startupreg: One Insight Research => C:\Users\Nick Brano\AppData\Local\One Insight Research\One Insight Research.exe
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Razer Imperator Driver => C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: SilentCleanService => C:\Program Files (x86)\iMobie\PhoneRescue\${CHECK_RUNSERVICE_NAME}
MSCONFIG\startupreg: SoftEther VPN Client UI Helper => "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UDisk => C:\Program Files (x86)\115\UDown\UDown.exe /m
MSCONFIG\startupreg: uTorrent => "C:\Users\Nick Brano\AppData\Roaming\uTorrent\uTorrent.exe"
MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
MSCONFIG\startupreg: WDAppManager => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{9CCA1D59-4D46-4E8F-A630-E05F13CB00CB}] => (Allow) C:\Users\Nick Brano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{458D73A1-50D5-4B8D-8346-2DDD3248CCBF}] => (Allow) C:\Users\Nick Brano\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{9ABE2CF9-5C08-464A-8B78-DAA072548C9A}C:\koplayer\vbox\vboxheadless.exe] => (Allow) C:\koplayer\vbox\vboxheadless.exe
FirewallRules: [UDP Query User{010B9AE5-18A2-48B2-BE72-B17E4202FFD4}C:\koplayer\vbox\vboxheadless.exe] => (Allow) C:\koplayer\vbox\vboxheadless.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP\FlashFXP.exe] => Enabled:FlashFXP v3
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe] => Enabled:FlashFXP v3
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP\FlashFXP.exe] => Enabled:FlashFXP v3
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe] => Enabled:FlashFXP v3
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\BulletProof FTP Server 2010\bpftpserver-2010.exe] => Enabled:BulletProof FTP Server 2010 (http://www.bpftpserver.com)
StandardProfile\AuthorizedApplications: [C:\Netmarble\NetmarbleDownLoaderNet\GridDownload.exe] => Enabled:GridDownload.exe************************************************************************************************************************* (the data entry has 823 more characters).

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: udiskMgr
Description: udiskMgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: udiskMgr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther VPN Project
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2017 12:33:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: anyshellext.dll, version: 1.1.0.5, time stamp: 0x51cd842d
Exception code: 0xc0000005
Fault offset: 0x0000000000026f0e
Faulting process id: 0x65c
Faulting application start time: 0x01d3692d238ecde1
Faulting application path: C:\Windows\Explorer.EXE
Faulting module path: C:\Program Files (x86)\AnyToISO\anyshellext.dll
Report Id: 6f13a384-d52b-11e7-855b-00261896e240

Error: (11/27/2017 12:09:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WebStatistics.exe, version: 0.0.0.0, time stamp: 0x58774728
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0xc0000417
Fault offset: 0x0008af3e
Faulting process id: 0x159c
Faulting application start time: 0x01d367a2874116c7
Faulting application path: C:\KOPLAYER\UserData\KOPLAYER\WebStatistics.exe
Faulting module path: C:\KOPLAYER\UserData\KOPLAYER\MSVCR100.dll
Report Id: c8877061-d395-11e7-8890-00261896e240

Error: (11/25/2017 10:03:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: adwcleaner_7.0.4.0.exe, version: 7.0.4.0, time stamp: 0x59f3de9c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x73954f69
Faulting process id: 0xb98
Faulting application start time: 0x01d36662174a66b9
Faulting application path: C:\Users\Nick Brano\Desktop\adwcleaner_7.0.4.0.exe
Faulting module path: unknown
Report Id: 6194a79e-d256-11e7-9b54-00261896e240


System errors:
=============
Error: (11/29/2017 08:20:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/29/2017 08:19:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/29/2017 08:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EMS Inter-Link driver V3.0 service failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (11/29/2017 11:16:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/29/2017 11:15:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/29/2017 11:14:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EMS Inter-Link driver V3.0 service failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (11/28/2017 11:47:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Chroma SDK Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/28/2017 11:47:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Chroma SDK Server service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/28/2017 08:46:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/28/2017 08:45:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2017-11-29 20:18:00.545
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-29 20:18:00.483
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-29 11:14:01.551
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-29 11:14:01.489
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-28 20:44:09.974
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-28 20:44:09.928
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-28 20:21:32.077
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-28 20:21:32.014
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-28 11:20:33.430
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-28 11:20:33.367
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EMSLink_amd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 20%
Total physical RAM: 8190.05 MB
Available physical RAM: 6502.31 MB
Total Virtual: 16378.29 MB
Available Virtual: 14767.51 MB

==================== Drives ================================

Drive c: (Nick's Master HD) (Fixed) (Total:596.17 GB) (Free:23.01 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Nick's Slave HD) (Fixed) (Total:596.07 GB) (Free:7.59 GB) NTFS
Drive f: (Nick's External HD) (Fixed) (Total:3725.87 GB) (Free:2196.85 GB) NTFS
Drive h: (Nick's Camera HD) (Fixed) (Total:931.51 GB) (Free:38.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 669D669D)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1616B55D)
Partition 1: (Active) - (Size=596.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 04F32A31)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files



#18 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 30 November 2017 - 12:53 PM

  • Highlight the entire content of the quote box below.

Start::
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKEY_LOCAL_MACHINE\SYSTEM\Select"
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#19 anthroxdx

anthroxdx
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 30 November 2017 - 12:55 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-11-2017
Ran by Nick Brano (30-11-2017 12:54:21) Run:13
Running from C:\Users\Nick Brano\Desktop
Loaded Profiles: Nick Brano (Available Profiles: Nick Brano)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKEY_LOCAL_MACHINE\SYSTEM\Select"

*****************


========= fltmc instances =========

Filter                Volume Name                              Altitude        Instance Name      Frame  VlStatus
--------------------  -------------------------------------  ------------  ---------------------  -----  --------
luafv                 C:                                      135000       luafv                    0    
nspiuaok              \Device\Mup                              45666       nspiuaok Instance        0    
nspiuaok              C:                                       45666       nspiuaok Instance        0    
FileInfo              \Device\Mup                              45000       FileInfo                 0    
FileInfo              C:                                       45000       FileInfo                 0    
FileInfo              E:                                       45000       FileInfo                 0    
FileInfo              F:                                       45000       FileInfo                 0    
FileInfo              H:                                       45000       FileInfo                 0    
FileInfo              \Device\ADVirtualDisk\Volume             45000       FileInfo                 0    

========= End of CMD: =========


========================= Folder: C:\Windows\System32\Drivers ========================

2009-07-13 19:06 - 2009-07-13 19:06 - 000068096 ____A [64EDD3F59DB321947969FDF1DD747323] (Microsoft Corporation) C:\Windows\System32\Drivers\1394bus.sys
2011-02-22 13:44 - 2010-11-20 05:44 - 000229888 ____A [A87D604AEA360176311474C87A63BB88] (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2017-11-26 13:38 - 2017-11-26 13:38 - 000255928 ____A [BDFA7A13CC73B180BBDF1ABA280E1CF7] (Malwarebytes) C:\Windows\System32\Drivers\6376F1BE.sys
2011-02-22 13:43 - 2010-11-20 08:32 - 000334208 ____A [D81D9E70B8A6DD14D42D7B4EFA65D5F2] (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2011-02-22 13:43 - 2010-11-20 04:30 - 000012800 ____A [99F8E788246D495CE3794D7E7821D2CA] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2008-06-27 06:51 - 2010-04-11 13:04 - 000086584 ____A [D44BCAF639E4E45307C2BC80715273D5] (Adobe Systems, Inc.) C:\Windows\System32\Drivers\adfs.sys
2009-06-10 15:36 - 2009-07-13 20:52 - 000491088 ____A [2F6B34B83843F0C5118B63AC634F5BF4] (Adaptec, Inc.) C:\Windows\System32\Drivers\adp94xx.sys
2009-07-13 16:59 - 2009-07-13 20:52 - 000339536 ____A [597F78224EE9224EA1A13D6350CED962] (Adaptec, Inc.) C:\Windows\System32\Drivers\adpahci.sys
2009-07-13 16:59 - 2009-07-13 20:52 - 000182864 ____A [E109549C90F62FB570B9540C4B148E54] (Adaptec, Inc.) C:\Windows\System32\Drivers\adpu320.sys
2017-05-10 02:28 - 2017-04-04 09:53 - 000496128 ____A [0DC2A9882540DEA4A55B08785E09D8FC] (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000060416 ____A [7ECFF9B22276B73F43A99A15A6094E90] (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2009-07-13 18:38 - 2009-07-13 20:52 - 000061008 ____A [608C14DBA7299D8CB6ED035A68A15799] (Microsoft Corporation) C:\Windows\System32\Drivers\AGP440.sys
2009-07-13 18:19 - 2009-07-13 20:52 - 000015440 ____A [5812713A477A3AD7363C7438CA2EE038] (Acer Laboratories Inc.) C:\Windows\System32\Drivers\aliide.sys
2009-07-13 18:19 - 2009-07-13 20:52 - 000015440 ____A [1FF8B4431C353CE385C875F194924C0C] (Microsoft Corporation) C:\Windows\System32\Drivers\amdide.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000064512 ____A [7024F087CFF1833A806193EF9D22CDA9] (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000060928 ____A [1E56388B3FE0D031C44144EB8C4D6217] (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2011-04-27 02:54 - 2011-03-11 01:41 - 000107904 ____A [D4121AE6D0C0E7E13AA221AA57EF2D49] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2009-06-10 15:37 - 2009-07-13 20:52 - 000194128 ____A [F67F933E79241ED32FF46A4F29B5120B] (AMD Technologies Inc.) C:\Windows\System32\Drivers\amdsbs.sys
2011-04-27 02:54 - 2011-03-11 01:41 - 000027008 ____A [540DAF1CEA6094886D72126FD7C33048] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2010-04-23 11:31 - 2010-04-23 11:31 - 000123840 ____A [76A79621E1B0D9E6919B3C422101CBC9] (SlySoft, Inc.) C:\Windows\System32\Drivers\AnyDVD.sys
2009-10-23 00:03 - 2005-10-18 16:00 - 000021376 ____A [4CB340D7DDFBCB52BBE6979FDE6106B3] (Texas Instruments) C:\Windows\System32\Drivers\ApLoader.sys
2017-10-11 11:20 - 2017-09-13 10:00 - 000062464 ____A [C16B5B379A2A79702CC5FF923EAAE3FD] (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2009-07-13 16:59 - 2009-07-13 20:52 - 000087632 ____A [C484F8CEB1717C540242531DB7845C4E] (Adaptec, Inc.) C:\Windows\System32\Drivers\arc.sys
2009-07-13 16:59 - 2009-07-13 20:52 - 000097856 ____A [019AF6924AEFE7839F61C830227FE79C] (Adaptec, Inc.) C:\Windows\System32\Drivers\arcsas.sys
2009-07-15 22:38 - 2009-07-15 22:38 - 000015416 ____A [19B006B181E3875FD254F7B67ACF1E7C] () C:\Windows\System32\Drivers\ASACPI.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000023040 ____A [769765CE2CC62867468CEA93969B2242] (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys
2009-07-13 18:19 - 2009-07-13 20:52 - 000024128 ____A [02062C0B390B7729EDC9E69C680A6F3C] (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys
2013-09-10 18:26 - 2013-08-04 21:25 - 000155584 ____A [059F00DEF82BF41E433B7ED465847726] (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2012-11-16 14:37 - 2012-11-16 14:37 - 000053248 ____A [F9A20D4BECB720A56820BE2EF7800969] (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2009-07-24 01:49 - 2009-07-24 01:49 - 000119312 ____A [3B9014FB7CE9E20FD726321C7DB7D8B0] (ATI Technologies, Inc.) C:\Windows\System32\Drivers\AtiHdmi.sys
2016-04-01 01:31 - 2016-04-01 01:31 - 000104976 ____A [738CD83A9C61ADFD00984433DBA3DC78] (Advanced Micro Devices) C:\Windows\System32\Drivers\AtihdW76.sys
2012-11-16 16:08 - 2012-11-16 16:08 - 011922944 ____A [5B871F3E4A4A6C4693A413E3138B51D0] (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2012-11-16 14:39 - 2012-11-16 14:39 - 000359936 ____A [9BE1140CE8D2C5E878F136A7B85D41B3] (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2009-07-13 16:59 - 2009-06-10 15:36 - 000655825 ____A [EDFAB0AAC634DEBA2ED5FD247CC5EB69] () C:\Windows\System32\Drivers\ativcaxx.cpa
2009-07-13 16:59 - 2009-06-10 15:36 - 000000929 ____A [D2A43D354DCB723BEEBDE3670E65DC46] () C:\Windows\System32\Drivers\ativcaxx.vp
2009-07-13 16:59 - 2009-06-10 15:36 - 000002096 ____A [28E860FB66A500412E0E0ABE74AE4C28] () C:\Windows\System32\Drivers\ativdkxx.vp
2009-07-13 16:59 - 2009-06-10 15:36 - 000002096 ____A [33A2234290EA767DA0EC9FBD5F4BBD19] () C:\Windows\System32\Drivers\ativokxx.vp
2009-07-13 16:59 - 2009-06-10 15:36 - 000002096 ____A [D9BC8AB4EE63B7F4CB5C6A70AB9D9F30] () C:\Windows\System32\Drivers\ativpkxx.vp
2009-07-13 16:59 - 2009-06-10 15:36 - 000019392 ____A [2397C0F43FD7D630F9F4CB9A06887D31] () C:\Windows\System32\Drivers\ativvpxx.vp
2009-06-10 15:34 - 2009-06-10 15:34 - 000270848 ____A [B5ACE6968304A3900EEB1EBFD9622DF2] (Broadcom Corporation) C:\Windows\System32\Drivers\b57nd60a.sys
2009-07-13 18:31 - 2009-07-13 20:52 - 000028240 ____A [F4DE2AE7A9E1BADAC70BC71EA2C17612] (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000006656 ____A [16A47CE2DECC9B099349A5F840654746] (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys
2009-07-13 18:35 - 2009-07-13 18:35 - 000045056 ____A [61583EE3C3A17003C4ACD0475646B4D3] (Microsoft Corporation) C:\Windows\System32\Drivers\blbdrive.sys
2016-11-09 04:46 - 2016-10-05 09:54 - 000090112 ____A [ABA3984C822E4D3F889699912D85D6C5] (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2009-07-13 20:19 - 2009-06-10 15:41 - 000018432 ____A [F09EEE9EDC320B5E1501F749FDE686C8] (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltLo.sys
2009-07-13 20:20 - 2009-06-10 15:41 - 000008704 ____A [B114D3098E9BDB8BEA8B053685831BE6] (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltUp.sys
2009-07-13 20:05 - 2009-07-13 20:01 - 000095232 ____A [5C2F352A4E961D72518261257AAE204B] (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2009-07-13 20:19 - 2009-07-13 20:19 - 000286720 ____A [43BEA8D483BF1870F018E2D02E06A5BD] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerId.sys
2009-07-13 20:20 - 2009-06-10 15:41 - 000047104 ____A [A6ECA2151B08A09CACECA35C07F05B42] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerWdm.sys
2009-07-13 20:20 - 2009-06-10 15:41 - 000014976 ____A [B79968002C277E869CF38BD22CD61524] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbMdm.sys
2009-07-13 20:20 - 2009-06-10 15:41 - 000014720 ____A [A87528880231C54E75EA7A44943B38BF] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbSer.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000041984 ____A [CF98190A94F62E405C8CB255018B2315] (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000072192 ____A [9DA669F11D1F894AB4EB69BF546A42E8] (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2017-07-12 03:04 - 2017-07-05 23:56 - 000119296 ____A [5A8951D195AFEF979C4AB02A129EBC37] (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2012-08-15 02:26 - 2012-07-06 15:07 - 000552960 ____A [738D0E9272F59EB7A1449C3EC118E6C4] (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2011-07-12 17:42 - 2011-04-27 22:54 - 000080384 ____A [F188B7394D81010767B6DF3178519A37] (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2009-06-10 15:34 - 2009-06-10 15:34 - 000468480 ____A [3E5B191307609F7514148C6832BB0842] (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000092160 ____A [B8BD2BB284668C84865658C77574381A] (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys
2010-05-03 00:59 - 2009-06-23 02:00 - 000010224 ____N [7DC54D1D7B66EBFC09F1DEFCF32DFA3F] (Sonic Solutions) C:\Windows\System32\Drivers\cdr4_xp.sys
2010-05-03 00:59 - 2009-06-23 02:00 - 000010224 ____N [BF22B3F663E6D1662E6159AB8EA7D113] (Sonic Solutions) C:\Windows\System32\Drivers\cdralw2k.sys
2011-02-22 13:43 - 2010-11-20 04:19 - 000147456 ____A [F036CE71586E93D94DAB220D7BDF4416] (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2017-11-24 00:25 - 2017-11-24 00:25 - 000079064 ____A [8C17F3795DAE9A0ECDE4B3A3B0740E5F] (Malwarebytes) C:\Windows\System32\Drivers\chknrg.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000045568 ____A [D7CD5C4E1B71FA62050515314CFB52CF] (Microsoft Corporation) C:\Windows\System32\Drivers\circlass.sys
2011-07-23 14:26 - 2010-07-14 09:19 - 000097280 ____A [162BF76C12A81013C73C3205190999F1] (XECUTER) C:\Windows\System32\Drivers\ck3pro64.sys
2011-02-22 13:43 - 2010-11-20 08:32 - 000179072 ____A [ACFAD0B512226C7A83C7CB09FD55A9AD] (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2009-07-13 18:31 - 2009-07-13 18:31 - 000017664 ____A [0840155D0BDDF1190F84A663C284BD33] (Microsoft Corporation) C:\Windows\System32\Drivers\CmBatt.sys
2009-07-13 18:19 - 2009-07-13 20:52 - 000017488 ____A [E19D3F095812725D88F9001985B94EDD] (CMD Technology, Inc.) C:\Windows\System32\Drivers\cmdide.sys
2016-12-13 13:31 - 2016-11-20 09:07 - 000467392 ____A [A98CED39AD91B445E2E442A9BD67E8B4] (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2009-07-13 18:31 - 2009-07-13 20:52 - 000021584 ____A [102DE219C3F61415F964C88E9085AD14] (Microsoft Corporation) C:\Windows\System32\Drivers\compbatt.sys
2011-02-22 13:43 - 2010-11-20 05:33 - 000038912 ____A [03EDB043586CCEBA243D689BDDA370A8] (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2009-07-13 19:01 - 2009-07-13 20:47 - 000039504 ____A [3E588B60EC061686BA05D33574A344C6] (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2009-07-13 19:01 - 2009-07-13 20:47 - 000024144 ____A [1C827878A998C18847245FE1F34EE597] (Microsoft Corporation) C:\Windows\System32\Drivers\crcdisk.sys
2011-02-22 13:44 - 2010-11-20 04:27 - 000514560 ____A [54DA3DFD29ED9F1619B6F53F3CE55E49] (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
2016-10-13 01:29 - 2016-09-08 09:55 - 000106496 ____A [9B38580063D281A99E68EF5813022A5F] (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2009-07-13 18:37 - 2009-07-13 18:37 - 000040448 ____A [13096B05847EC78F0977F2C0F79E9AB3] (Microsoft Corporation) C:\Windows\System32\Drivers\discache.sys
2016-03-17 00:27 - 2016-01-20 19:51 - 000073664 ____A [616387BBD83372220B09DE95F4E67BBC] (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2014-04-08 14:50 - 2014-02-03 21:35 - 000027584 ____A [B3222734D80013D2C73841B0C549FA63] (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2016-02-06 22:58 - 2015-12-08 13:54 - 000116736 ____A [C51B07394A087DA666A410DBFD26663A] (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2016-02-06 22:58 - 2015-12-08 13:11 - 000005632 ____A [26FE888505E5A945B0536AF9A2A27A6F] (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2011-09-13 22:13 - 2011-09-13 22:13 - 000272448 ____A [1CECD1252261153C7873B5D9EB259D65] (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2009-07-13 18:19 - 2009-07-13 20:47 - 000028736 ____A [839B5FE3D48E9F35B22C21A3D5103F6C] (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys
2009-07-13 18:21 - 2009-07-13 20:43 - 000055128 ____A [814DB88F2641691575A455CF25354098] (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2009-07-13 18:38 - 2009-07-13 18:38 - 000016896 ____A [BF24D6F2ED97FE830BFD52B246F98E67] (Microsoft Corporation) C:\Windows\System32\Drivers\dxapi.sys
2009-07-13 18:38 - 2009-07-13 18:38 - 000098816 ____A [FEDE0629ECB23650D48989517D4914DA] (Microsoft Corporation) C:\Windows\System32\Drivers\dxg.sys
2017-07-12 03:04 - 2017-05-16 10:35 - 000986856 ____A [5CEF80AE869336376F550ECAE91E424A] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2017-07-12 03:04 - 2017-05-16 10:35 - 000265448 ____A [1792FCF97D2420514F9102C18B015B29] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2010-01-01 12:20 - 2010-01-01 12:20 - 000034472 ____A [A14D6E3EF78F6D6AC42F98D633F2400A] (Elaborate Bytes AG) C:\Windows\System32\Drivers\ElbyCDIO.sys
2009-06-10 15:36 - 2009-07-13 20:47 - 000530496 ____A [0E5DA5369A0FCAEA12456DD852545184] (Emulex) C:\Windows\System32\Drivers\elxstor.sys
2013-10-09 22:15 - 2010-01-13 13:55 - 000008832 ____A [EBFA0B19ACC6315E54F1B9F1E2A7B5BA] (EMS Production Limited.) C:\Windows\System32\Drivers\EMSLink_amd64.sys
2009-07-13 18:31 - 2009-07-13 18:31 - 000009728 ____A [34A3C54752046E79A126E15C51DB409B] (Microsoft Corporation) C:\Windows\System32\Drivers\errdev.sys
2009-06-10 15:34 - 2009-06-10 15:34 - 003286016 ____A [DC5D737F51BE844D8C82C695EB17372F] (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2017-05-10 02:28 - 2017-03-10 10:55 - 000195584 ____A [7E45F8B117419ABA3BB26579F6E70324] (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2009-10-23 00:03 - 2005-06-06 08:18 - 000014494 ____A [0DAFD8C9D0F092759F186A641454066C] (USTC) C:\Windows\System32\Drivers\ezwinit.sys
2009-10-23 00:03 - 2005-07-18 10:52 - 000014720 ____A [BC61402BC653144CF0D0B356EA68962C] (USTC) C:\Windows\System32\Drivers\ezwinit2.sys
2009-10-23 00:03 - 2006-01-12 14:00 - 000012672 ____A [CDFE94EEA35B06F40D70B1970A3073BB] (USTC) C:\Windows\System32\Drivers\ezwrit3.sys
2009-10-23 00:03 - 2006-01-12 14:07 - 000012544 ____A [0D91D4AB659949976FED061CEAC602AB] (USTC) C:\Windows\System32\Drivers\ezwrite2.sys
2009-10-23 00:03 - 2005-10-27 09:14 - 000005733 ____A [072FB1E70290949EBE72EFC1A5B9052F] () C:\Windows\System32\Drivers\ezwriter.inf
2009-10-23 00:03 - 2006-01-12 14:09 - 000012544 ____A [0D91D4AB659949976FED061CEAC602AB] (USTC) C:\Windows\System32\Drivers\ezwriter.sys
2017-05-10 02:28 - 2017-03-10 10:55 - 000205312 ____A [6EDFA237D25433C03F42FBFDB16BDD24] (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000029696 ____A [D765D19CD8EF61F650C384F62FAC00AB] (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys
2009-07-13 18:34 - 2009-07-13 20:47 - 000070224 ____A [655661BE46B5F5F3FD454E2C3095B930] (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys
2009-07-13 18:25 - 2009-07-13 18:25 - 000034304 ____A [5F671AB5BC87EEA04EC38A6CD5962A47] (Microsoft Corporation) C:\Windows\System32\Drivers\filetrace.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000024576 ____A [C172A0F53008EAEB8EA33FE10E177AF5] (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000289664 ____A [DA6B67270FD9DB3697B20FCE94950741] (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2012-04-11 02:00 - 2012-03-01 01:46 - 000023408 ____A [6BD9295CC032DD3077C671FCCF579A7B] (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2009-07-13 18:26 - 2009-07-13 20:47 - 000055376 ____A [D43703496149971890703B4B1B723EAC] (Microsoft Corporation) C:\Windows\System32\Drivers\fsdepends.sys
2007-06-27 08:05 - 2007-06-27 08:05 - 000063808 ____A [54891A87BA8DBFAC580A3D256F4D2CEB] (FTDI Ltd.) C:\Windows\System32\Drivers\ftdibus.sys
2007-06-27 08:03 - 2007-06-27 08:03 - 000083776 ____A [7C98F85966A11D1A4214FA8B48BE6A44] (FTDI Ltd.) C:\Windows\System32\Drivers\ftser2k.sys
2013-04-10 04:29 - 2013-01-24 01:01 - 000223752 ____A [8F6322049018354F45F05A2FD2D4E5E0] (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2017-07-12 03:04 - 2017-05-29 23:56 - 000287976 ____A [0F2573E43C95ECC25F0F03A056052948] (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2009-07-13 18:38 - 2009-07-13 20:47 - 000065088 ____A [8C778D335C9D272CFD3298AB02ABE3B6] (Microsoft Corporation) C:\Windows\System32\Drivers\GAGP30KX.SYS
2013-12-24 05:13 - 2012-08-21 13:01 - 000033240 ____A [8E98D21EE06192492A5671A6144D092F] (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2009-06-10 15:30 - 2009-06-10 15:30 - 003440660 ____A [7F29903CB8F5590D52DB0C9F97049A25] () C:\Windows\System32\Drivers\gm.dls
2009-07-13 17:13 - 2009-06-10 15:30 - 000000646 ____A [7111BFA692A22E4B3C07F1E6C6FF6F72] () C:\Windows\System32\Drivers\gmreadme.txt
2009-03-18 17:35 - 2009-03-18 17:35 - 000033856 ___AH [1E6438D4EA6E1174A3B3B1EDC4DE660B] (LogMeIn, Inc.) C:\Windows\System32\Drivers\hamachi.sys
2009-07-13 17:53 - 2009-06-10 15:31 - 000031232 ____A [F2523EF6460FC42405B12248338AB2F0] (Hauppauge Computer Works, Inc.) C:\Windows\System32\Drivers\hcw85cir.sys
2011-02-22 13:43 - 2010-11-20 05:43 - 000122368 ____A [97BFED39B6B79EB12CDDBFEED51F56BB] (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2011-02-22 13:43 - 2010-11-20 05:44 - 000350208 ____A [975761C778E33CD22498059B91E7373A] (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2009-07-13 18:31 - 2009-07-13 18:31 - 000026624 ____A [78E86380454A7B10A5EB255DC44A355F] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbatt.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000100864 ____A [7FD2A313F7AFE5C4DAB14798C48DD104] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-10-08 21:24 - 2013-07-02 23:05 - 000076800 ____A [597C3699384E53CC59587ED50CCE5CA2] (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000046592 ____A [0A77D29F311B88CFAE3B13F9C1A73825] (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-10-08 21:24 - 2013-07-02 23:05 - 000032896 ____A [856E76B3641746ABBC2946BED1372098] (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2011-02-22 13:43 - 2010-11-20 05:43 - 000030208 ____A [9592090A7E2B61CD582B612B6DF70536] (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000078720 ____A [39D2ABCD392F3D8A6DCE7B60AE7B8EFC] (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2017-07-12 03:04 - 2017-06-15 15:23 - 000753664 ____A [CF5C9BD985120781200D35FD445D0BD5] (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000014720 ____A [A5462BD6884960C9DC85ED49D34FF392] (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000105472 ____A [FA55C73D4AFFA7EE23AC4BE53B4592D3] (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys
2011-04-27 02:54 - 2011-03-11 01:41 - 000410496 ____A [AAAF44DB3BD0B9D1FB6969B23ECC8366] (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2009-07-13 16:59 - 2009-07-13 20:48 - 000044112 ____A [5C18831C61933628F5BB0EA2675B9D21] (Intel Corp./ICP vortex GmbH) C:\Windows\System32\Drivers\iirsp.sys
2009-05-21 14:40 - 2009-05-21 14:40 - 000075336 ____A [4BFA4E7C68EFE0FB6A15C9F40385A2AE] (PACE Anti-Piracy, Inc.) C:\Windows\System32\Drivers\iLokDrvr.sys
2009-07-13 18:19 - 2009-07-13 20:48 - 000016960 ____A [F00F20E70C6EC3AA366910083A0518AA] (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000062464 ____A [ADA036632C664CAA754079041CF1F8C1] (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2011-02-22 13:43 - 2010-11-20 05:52 - 000082944 ____A [C9F0E1BD74365A8771590E9008D22AB6] (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2011-02-22 13:43 - 2010-11-20 05:04 - 000078848 ____A [0FC1AEA580957AA8817B8F305D18CA3A] (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000116224 ____A [AF9B39A7E7B6CAA203B3862582E9F2D0] (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2009-07-13 19:09 - 2009-07-13 19:09 - 000120320 ____A [05360B1EA5A2ABF620D1D96EBD8BD8F1] (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2009-07-13 19:08 - 2009-07-13 19:08 - 000017920 ____A [3ABF5E7213EB28966D55D58B515D5CE9] (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2009-07-13 18:31 - 2009-07-13 20:48 - 000020544 ____A [2F7B28DC3E1183E5EB418DF55C204F38] (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2011-09-17 14:55 - 2009-07-18 00:18 - 000109480 ____A [2224ABC439D115A44EDB5630A92C1D7E] (JMicron Technology Corp.) C:\Windows\System32\Drivers\jraid.sys
2009-07-13 18:19 - 2009-07-13 20:48 - 000050768 ____A [BC02336F1CBA7DCC7D1213BB588A68A5] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2011-02-22 13:43 - 2010-11-20 05:33 - 000033280 ____A [0705EFF5B42A9DB58548EEC3B26BB484] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2011-02-22 13:43 - 2010-11-20 05:33 - 000243712 ____A [24FBF5CC5C04150073C315A7C83521EE] (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2017-10-11 11:20 - 2017-09-13 10:32 - 000095464 ____A [DFE85B031220F8E0271716BBB3C4C8FF] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2017-10-11 11:20 - 2017-09-13 10:32 - 000154856 ____A [70D7302DD70B979637179BFD8295C924] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000020992 ____A [6869281E78CB31A43E969F06B57347C4] (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2009-07-13 19:08 - 2009-07-13 19:08 - 000060928 ____A [1538831CF8AD2979A04C423779465827] (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2009-07-13 16:59 - 2009-07-13 20:48 - 000114752 ____A [1A93E54EB0ECE102495A51266DCDB6A6] (LSI Corporation) C:\Windows\System32\Drivers\lsi_fc.sys
2009-07-13 16:59 - 2009-07-13 20:48 - 000106560 ____A [1047184A9FDC8BDBFF857175875EE810] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2009-07-13 16:59 - 2009-07-13 20:48 - 000065600 ____A [30F5C0DE1EE8B5BC9306C1F0E4A75F93] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2.sys
2009-07-13 16:59 - 2009-07-13 20:48 - 000115776 ____A [0504EACAFF0D3C8AED161C4B0D369D4A] (LSI Corporation) C:\Windows\System32\Drivers\lsi_scsi.sys
2017-11-15 02:49 - 2017-10-11 19:20 - 000113152 ____A [5416CEB2916BBE635288C4D1075B045E] (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2017-11-24 01:31 - 2017-11-01 08:54 - 000077432 ____A [7D0520A12B31E6858B3BB7E675AFA34E] () C:\Windows\System32\Drivers\mbae64.sys
2017-11-26 13:38 - 2017-11-26 13:38 - 000192952 ____A [24C3F7C13C2490BFE9CD6AC40B9EAA5E] (Malwarebytes) C:\Windows\System32\Drivers\mbamchameleon.sys
2017-11-24 01:32 - 2017-11-24 14:54 - 000253880 ____A [B047B9CE5A0D800E6D713B43D0405221] (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys
2017-11-30 06:31 - 2017-11-30 06:31 - 000140112 ____N [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\mbbosvyc.sys
2009-07-13 19:01 - 2009-07-13 19:01 - 000022016 ____A [3C9F072F9DCA856B9FB7A20CBD4281AC] (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2009-06-10 15:37 - 2009-07-13 20:48 - 000035392 ____A [A55805F747C6EDB6A9080D7C633BD0F4] (LSI Corporation) C:\Windows\System32\Drivers\megasas.sys
2009-07-13 16:59 - 2009-07-13 20:48 - 000284736 ____A [BAF74CE0072480C3B6B7C13B2A94D6B3] (LSI Corporation, Inc.) C:\Windows\System32\Drivers\MegaSR.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000040448 ____A [800BA92F7010378B09F9ED9270F07137] (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2009-07-13 18:38 - 2009-07-13 18:38 - 000030208 ____A [B03D591DC7DA45ECE20B3B467E6AADAA] (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2009-07-13 18:19 - 2009-07-13 20:48 - 000049216 ____A [7D27EA49F3C1F687D357E77A470AEA99] (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000031232 ____A [D3BF052C40B0C4166D9FD86A4288C1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2017-06-14 03:49 - 2017-05-07 10:33 - 000094440 ____A [072D8646E23ECF8A3F5F0157017B4DB6] (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000155008 ____A [A44B420D30BD56E145D6A2BC8768EC58] (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2009-07-13 19:08 - 2009-07-13 19:08 - 000077312 ____A [6C38C9E45AE0EA2FA5E551F2ED5E978F] (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2016-10-13 01:29 - 2016-09-08 09:55 - 000142336 ____A [98DB1790F0A584E0A2528B92B052417F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2017-10-11 11:20 - 2017-09-13 09:53 - 000159744 ____A [767C6DF04C5758B9F0790D400541B44F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2017-10-11 11:20 - 2017-09-13 09:53 - 000291328 ____A [BD55F604FFABC911F8E5500186AE70E5] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2017-10-11 11:20 - 2017-09-13 09:53 - 000129536 ____A [92EECFB046D4706A4B8D699A4069B6EC] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000031104 ____A [C25F0BAFA182CBCA2DD3C851C2E75796] (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000140672 ____A [DB801A638D011B9633829EB6F663C900] (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000026112 ____A [AA3FB40E17CE1388FA1BEDAB50EA8F96] (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2014-10-26 03:43 - 2014-10-26 03:43 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2016-05-23 15:44 - 2016-05-23 15:44 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_nnfwdk64_01009.Wdf
2012-08-15 21:22 - 2012-08-15 21:22 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2015-12-02 19:02 - 2015-12-02 19:02 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_rzmpos_01009.Wdf
2012-08-15 21:23 - 2012-08-15 21:23 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2012-08-15 23:52 - 2012-08-15 23:52 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
2012-08-15 21:31 - 2012-08-15 21:31 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2009-10-22 22:33 - 2009-10-22 22:33 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2009-10-22 21:01 - 2009-10-22 21:01 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-12-10 13:12 - 2009-12-10 13:12 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-11-15 05:31 - 2012-06-02 09:35 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-11-15 05:24 - 2012-06-02 09:57 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2009-07-13 19:06 - 2009-07-13 19:06 - 000008192 ____A [F9D215A46A8B9753F61767FA72A20326] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2009-07-13 18:19 - 2009-07-13 20:48 - 000015424 ____A [D916874BBD4F8B07BFB7FA9B3CCAE29D] (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2014-04-08 14:50 - 2014-02-03 21:35 - 000274880 ____A [96BB922A0981BC7432C8CF52B5410FE6] (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000011136 ____A [49CCF2C4FEA34FFAD8B1B59D49439366] (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000007168 ____A [BDD71ACE35A232104DDD349EE70E1AB3] (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000006784 ____A [4ED981241DB27C3383D72092B618A1D0] (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2011-02-22 13:44 - 2010-11-20 08:33 - 000366976 ____A [759A9EEB0FA9ED79DA1FB7D4EF78866D] (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2009-07-13 18:31 - 2009-07-13 20:48 - 000032320 ____A [0EED230E37515A0EAEE3C2E1BC97B288] (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000008064 ____A [2E66F9ECB30B4221A318C92AC2250779] (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2009-07-13 19:02 - 2009-07-13 19:02 - 000015360 ____A [7EA404308934E675BFFDE8EDF0757BCD] (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2009-07-13 18:23 - 2009-07-13 20:48 - 000060496 ____A [F9A18612FD3526FE473C1BDA678D61C8] (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2016-02-06 22:59 - 2015-10-12 23:57 - 000950720 ____A [F7309F42555F8AAB7144A51A1F2585B0] (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2009-07-13 19:08 - 2009-07-13 19:08 - 000035328 ____A [9F9A1F53AAD7DA4D6FEF5BB73AB811AC] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000024064 ____A [30639C932D9FEF22B31268FE25A1B6E5] (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2011-02-22 13:43 - 2010-11-20 05:50 - 000056832 ____A [136185F9FB2CC61E573E676AA5402356] (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2011-02-22 13:43 - 2010-11-20 05:52 - 000164352 ____A [53F7305169863F0A2BDDC49E116C2E11] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2011-02-22 13:43 - 2010-11-20 05:52 - 000057856 ____A [015C0D8E0E0421B4CFD48CFFE2825879] (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2015-08-10 02:44 - 2015-08-10 02:44 - 000028768 ____A [DAED75AD4EE2BDD36457A90049DBFAF8] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\Neo_0012.sys
2015-08-10 01:00 - 2015-08-10 01:00 - 000028768 ____A [DAED75AD4EE2BDD36457A90049DBFAF8] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\Neo_0017.sys
2015-09-22 19:33 - 2015-09-22 19:33 - 000028768 ____A [DAED75AD4EE2BDD36457A90049DBFAF8] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\Neo_0030.sys
2015-06-07 10:26 - 2015-06-07 10:26 - 000028768 ____A [DAED75AD4EE2BDD36457A90049DBFAF8] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\Neo_0053.sys
2015-06-07 01:20 - 2015-06-07 01:20 - 000028768 ____A [DAED75AD4EE2BDD36457A90049DBFAF8] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\Neo_0095.sys
2015-01-11 19:29 - 2015-01-11 19:29 - 000028768 ____A [DAED75AD4EE2BDD36457A90049DBFAF8] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\Neo_0103.sys
2015-08-09 16:11 - 2015-08-09 16:11 - 000028768 ____A [DAED75AD4EE2BDD36457A90049DBFAF8] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\Neo_0111.sys
2013-07-25 16:53 - 2013-07-25 16:53 - 000023040 ____A [EE00C544C025958AF50C7B199F3C8595] (Apple Inc.) C:\Windows\System32\Drivers\netaapl64.sys
2009-07-13 19:09 - 2009-07-13 19:09 - 000044544 ____A [86743D9F5D2B1048062B14B1D84501C4] (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2017-09-13 11:12 - 2017-08-11 01:00 - 000262656 ____A [734837208CAFD6E0959A7A0333C95C9D] (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2017-07-12 03:04 - 2017-05-29 23:56 - 000377576 ____A [0A3848951C6C8922DD04CCC3808F2B83] (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2009-07-13 16:59 - 2009-07-13 20:48 - 000051264 ____A [77889813BE4D166CDAB78DDBA990DA92] (IBM Corporation) C:\Windows\System32\Drivers\nfrd960.sys
2013-02-28 20:49 - 2013-02-28 20:49 - 000036600 ____A [DE7FCC77F4A503AF4CA6A47D49B3713D] (Riverbed Technology, Inc.) C:\Windows\System32\Drivers\npf.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000044032 ____A [1E4C4AB5C9B8DD13179BBDC75A2A01F7] (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2017-09-13 11:12 - 2017-08-11 00:58 - 000026112 ____A [BE313E566EEA2A4B7F9AAC9782A567D4] (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2017-11-15 02:49 - 2017-10-16 18:07 - 001680616 ____A [1065D9AFE491706EB00AD3CBB76C9E54] (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000006144 ____A [9899284589F75FA8724FF3D16AED75C1] (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2009-07-13 18:38 - 2009-07-13 20:48 - 000122960 ____A [270D7CD42D6E3979F6DD0146650F0E05] (Microsoft Corporation) C:\Windows\System32\Drivers\NV_AGP.SYS
2011-04-27 02:54 - 2011-03-11 01:41 - 000148352 ____A [0A92CB65770442ED0DC44834632F66AD] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2011-04-27 02:54 - 2011-03-11 01:41 - 000166272 ____A [DAB0E87525C10052BF65F06152F37E4A] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2017-10-11 11:20 - 2017-09-13 10:05 - 000324608 ____A [9FB2A095B1166CB3C9A06651863B3452] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000072832 ____A [3589478E4B22CE21B41FA1BFC0B8B8A0] (Microsoft Corporation) C:\Windows\System32\Drivers\ohci1394.sys
2011-02-22 13:43 - 2010-11-20 05:52 - 000131584 ____A [0557CF5A2556BD58E26384169D72438D] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000097280 ____A [0086431C29C35BE1DBC43F52CC273887] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2012-05-09 04:01 - 2012-03-17 02:58 - 000075120 ____A [E9766131EEADE40A27DC27D2D68FBA9C] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000184704 ____A [94575C0571D1462A0F70BDE6BD6EE6B3] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2009-07-13 18:19 - 2009-07-13 20:45 - 000012352 ____A [B5B8B5EF2E5CB34DF8DCF8831E3534FA] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2009-07-13 18:19 - 2009-07-13 20:45 - 000048720 ____A [144497DAA145BA0F7BE896064146C058] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2009-07-13 18:31 - 2009-07-13 20:45 - 000220752 ____A [B2E81D4E87CE48589F98CB8C05B01F2F] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2009-07-13 18:19 - 2009-07-13 20:45 - 000050768 ____A [D6B9C2E1A11A3A4B26A182FFEF18F603] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2016-09-21 00:27 - 2016-06-14 12:11 - 000663552 ____A [EA4D67448BE493D543F1730D6CD04694] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2016-02-06 22:58 - 2015-12-08 13:12 - 000230400 ____A [647599CAE8CA0EF2FB09C4B150BC97FF] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2009-07-13 18:19 - 2009-07-13 18:19 - 000060416 ____A [0D922E23C041EFB1C3FAC2A6F943C9BF] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2010-04-11 12:00 - 2011-11-03 03:01 - 000056208 ____N [BC08F7F3C53CBEE68670ED1314E290FD] (Rovi Corporation) C:\Windows\System32\Drivers\PxHlpa64.sys
2009-06-10 15:37 - 2009-07-13 20:45 - 001524816 ____A [A53A15A11EBFD21077463EE2C7AFEEF0] (QLogic Corporation) C:\Windows\System32\Drivers\ql2300.sys
2009-07-13 16:59 - 2009-07-13 20:45 - 000128592 ____A [4F6D12B51DE1AAEFF7DC58C4D75423C8] (QLogic Corporation) C:\Windows\System32\Drivers\ql40xx.sys
2009-07-13 19:09 - 2009-07-13 19:09 - 000046592 ____A [76707BB36430888D9CE9D705398ADB6C] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000014848 ____A [5A0DA8AD5762FA2D91678A8A01311704] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2011-02-22 13:43 - 2010-11-20 05:52 - 000129536 ____A [471815800AE33E6F1C32FB1B97C490CA] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000092672 ____A [855C9B1CD4756C5E9A2AA58A15F58C25] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2011-02-22 13:43 - 2010-11-20 05:52 - 000111104 ____A [F92A2C41117A11A00BE01CA01A7FCDE9] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000083968 ____A [E8B1E447B008D07FF47D016C2B0EEECB] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2011-02-22 13:44 - 2010-11-20 04:27 - 000309248 ____A [77F665941019A1594D887A74F301FA2F] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2009-07-13 19:17 - 2009-07-13 19:17 - 000024064 ____A [302DA2A0539F2CF54D7C6CC30C1F2D8D] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2009-07-13 19:16 - 2009-07-13 19:16 - 000007680 ____A [CEA6CC257FC9B7715F1C2B4849286D24] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPCDD.sys
2011-02-22 13:43 - 2010-11-20 06:06 - 000165888 ____A [1B6163C503398B23FF8B939C67747683] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2009-07-13 19:16 - 2009-07-13 19:16 - 000007680 ____A [BB5971A4F00659529A5C44831AF22365] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPENCDD.sys
2009-07-13 19:16 - 2009-07-13 19:16 - 000008192 ____A [216F3FA57533D98E1F74DED70113177A] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPREFMP.sys
2012-10-24 04:32 - 2012-08-23 09:10 - 000019456 ____A [313F68E1A3E6345A4F47A36B07062F34] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2014-10-14 14:59 - 2014-07-16 20:21 - 000212480 ____A [FE571E088C2D83619D2D48D4E961BF41] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000213888 ____A [34ED295FA0121C241BFEF24764FC4520] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2007-02-15 19:56 - 2007-02-15 19:56 - 000014032 ____A [8015D36E5AB9B231507B2BCF0CEB0C73] (Elaborate Bytes AG) C:\Windows\System32\Drivers\RegKill.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000158720 ____A [3DD798846E2C28102B922C56E71B7932] (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2016-02-06 22:58 - 2015-11-05 04:53 - 000146944 ____A [5BD6B1EC997FF3DD779D62E05D2079A8] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2012-09-12 03:44 - 2012-07-04 15:26 - 000041472 ____A [0E01641D96889BDEB22DE12D30575B08] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000011264 ____A [388D3DD1A6457280F3BADBA9F3ACD6B1] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2009-07-13 19:08 - 2009-07-13 19:08 - 000076800 ____A [DDC86E4F8E7456261E637E3552E804FF] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2011-06-10 05:34 - 2011-06-10 05:34 - 000539240 ____A [EE082E06A82FF630351D1E0EBBD3D8D0] (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys
2016-10-30 08:08 - 2016-10-30 08:08 - 000052248 ____A [53AD100D0500FEA97C47EFA8FDD5F2B7] (Razer Inc) C:\Windows\System32\Drivers\rzendpt.sys
2016-10-30 08:08 - 2016-10-30 08:08 - 000048152 ____A [B1EC5E403363E26CC102B5241B9B246F] (Razer Inc) C:\Windows\System32\Drivers\rzmpos.sys
2017-08-02 18:50 - 2017-07-18 17:02 - 000043256 ____A [93CAAF677105116CA82C97AE849EB783] (Razer, Inc.) C:\Windows\System32\Drivers\rzpmgrk.sys
2014-11-13 14:45 - 2017-07-16 14:40 - 000137208 ____A [D4A299C595D35264B5CFD12490A138DC] (Razer, Inc.) C:\Windows\System32\Drivers\rzpnk.sys
2016-10-30 08:08 - 2016-10-30 08:08 - 000204824 ____A [C87957DBF0B18C6445FC03220370C87F] (Razer Inc) C:\Windows\System32\Drivers\rzudd.sys
2012-06-26 09:38 - 2012-06-26 09:38 - 000052200 ____A [4BA85056D51E4F63FB408E2BE6AA1066] (Saitek) C:\Windows\System32\Drivers\SaiBus.sys
2011-09-20 08:32 - 2011-09-20 08:32 - 000183104 ____A [2E6A17E1160B488C784FEE9E55EBD5E2] (Saitek) C:\Windows\System32\Drivers\SaiK0CD7.sys
2012-06-26 09:38 - 2012-06-26 09:38 - 000024680 ____A [85C9ACF89D132237EA00211B8727DA4A] (Saitek) C:\Windows\System32\Drivers\SaiMini.sys
2011-09-20 08:32 - 2011-09-20 08:32 - 000047168 ____A [C15DDCCE5FAD5BA211CF01558219AB21] (Saitek) C:\Windows\System32\Drivers\SaiU0CD7.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000103808 ____A [AC03AF3329579FFFB455AA2DAABBE22B] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2011-02-22 13:43 - 2010-11-20 05:09 - 000029696 ____A [253F38D0D7074C02FF8DEB9836C97D2B] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000171392 ____A [1B1E264203D4EF9D3DA1987AD70355AB] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2009-07-13 21:36 - 2009-06-10 15:37 - 000023040 ____A [3EA8A16169C26AFBEB544E0E48421186] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys
2015-01-11 19:49 - 2015-01-11 19:49 - 000038240 ____A [3E027E177C0FABC1047A3079FD106A8C] (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\System32\Drivers\see.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000023552 ____A [CB624C0035412AF0DEBEC78C41F5CA1B] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000094208 ____A [C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] (Brother Industries Ltd.) C:\Windows\System32\Drivers\serial.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000026624 ____A [1C545A7D0691CC4A027396535691C3E3] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2009-07-13 19:35 - 2009-07-13 19:35 - 000012288 ____A [DECACB6921DED1A38642642685D77DAC] (Microsoft Corporation) C:\Windows\System32\Drivers\serscan.sys
2009-07-13 19:01 - 2009-07-13 19:01 - 000014336 ____A [A554811BCD09279536440C964AE35BBF] (Microsoft Corporation) C:\Windows\System32\Drivers\sffdisk.sys
2009-07-13 19:01 - 2009-07-13 19:01 - 000013824 ____A [FF414F0BAEFEBA59BC6C04B3DB0B87BF] (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2011-02-22 13:43 - 2010-11-20 05:34 - 000014336 ____A [DD85B78243A19B59F0637DCF284DA63C] (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2009-07-13 19:01 - 2009-07-13 19:01 - 000016896 ____A [A9D601643A1647211A1EE2EC4E433FF4] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2009-06-10 15:37 - 2009-07-13 20:45 - 000043584 ____A [843CAF1E5FDE1FFD5FF768F23A51E2E1] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2009-07-13 16:59 - 2009-07-13 20:45 - 000080464 ____A [6A6C106D42E9FFFF8B9FCB4F754F6DA4] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2009-07-13 19:09 - 2009-07-13 19:09 - 000093184 ____A [548260A7B8654E024DC30BF8A7C5BAA4] (Microsoft Corporation) C:\Windows\System32\Drivers\smb.sys
2009-07-13 19:00 - 2009-07-13 19:00 - 000020992 ____A [A80348BA03E96C70852959655CA3E084] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2009-07-13 15:27 - 2009-07-13 20:45 - 000019008 ____A [B9E31E5CACDFE584F34F730A677803F9] (Microsoft Corporation) C:\Windows\System32\Drivers\spldr.sys
2009-06-10 15:48 - 2009-06-10 15:48 - 000426496 ____A [FFF95479C7AB1550F0750A5D01744211] (Microsoft Corporation) C:\Windows\System32\Drivers\spsys.sys
2017-10-11 11:20 - 2017-09-07 09:55 - 000461312 ____A [72E6A150A8C8530B201832D1C801CDE6] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2017-10-11 11:20 - 2017-09-07 09:55 - 000405504 ____A [C4F67ABCC5033D334613F28F9E782809] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2017-10-11 11:20 - 2017-09-07 09:55 - 000168448 ____A [C53CB62B0E57488AAE41FDA0FF8A0AB9] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2009-07-13 16:59 - 2009-07-13 20:45 - 000024656 ____A [F3817967ED533D08327DC73BC4D5542A] (Promise Technology) C:\Windows\System32\Drivers\stexstor.sys
2014-04-08 14:50 - 2014-02-03 21:35 - 000190912 ____A [A3F0BC5897F9D3786A3CB695B163633A] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2011-02-22 13:43 - 2010-11-20 08:34 - 000034688 ____A [D34E4943D5AC096C8EDEEBFD80D76E23] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2015-06-10 01:04 - 2015-04-10 22:19 - 000069888 ____A [36E0DDD19038C92B7C7709BFA03F813F] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2009-07-13 19:00 - 2009-07-13 20:45 - 000012496 ____A [D01EC09B6711A5F8E7E6564A4D0FBC90] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2009-07-13 19:01 - 2009-07-13 19:01 - 000029184 ____A [6E316C01CBA8B785FE495F5CC4F48C6F] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2017-07-12 03:04 - 2017-05-29 23:56 - 001895656 ____A [7FB36A0A036ADDACE0A868E4A43C1C27] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2016-08-17 08:45 - 2016-07-07 10:08 - 000046080 ____A [7FE5586314EE7D6AA8483264A089E5AF] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2011-02-22 13:43 - 2010-11-20 04:22 - 000026624 ____A [6F020A220388ECA0AB6062DC27BD16B6] (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2009-07-13 19:16 - 2009-07-13 19:16 - 000015872 ____A [3371D21011695B16333A3934340C4E7C] (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys
2012-03-14 04:31 - 2012-02-16 23:57 - 000023552 ____A [51C5ECEB1CDEE2468A1748BE550CFBC8] (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2017-08-09 01:10 - 2017-07-29 09:56 - 000117248 ____A [4DD986720F7CB7A8A5D1226793097B9A] (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000063360 ____A [561E7E1F06895D78DE991E01DD0FB6E5] (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2017-11-24 23:27 - 2017-11-25 00:50 - 000028272 ____A [0D5A09B08568760AE85A801FCBC0F83D] () C:\Windows\System32\Drivers\TrueSight.sys
2017-10-11 11:20 - 2017-08-13 16:45 - 000040448 ____A [2CF58216424757ED29605B4F18EC443C] (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-11-12 16:36 - 2013-10-01 21:22 - 000056832 ____A [E9981ECE8D894CEF7038FD1D040EB426] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2011-02-22 13:43 - 2010-11-20 05:51 - 000125440 ____A [3566A8DAAFA27AF944F5D705EAA64894] (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2009-10-23 00:03 - 2005-12-14 16:06 - 000005584 ____A [9B4DA0FA05089630B1B169C2EA835CE1] () C:\Windows\System32\Drivers\tusbez.bin
2009-10-23 00:03 - 2006-01-12 11:49 - 000006979 ____A [066D90AF2E080E820595FE8F8DDEE07B] () C:\Windows\System32\Drivers\TUSBEZ3.BIN
2009-07-13 18:38 - 2009-07-13 20:45 - 000064080 ____A [B4DD609BD7E282BFC683CEC7EAAAAD67] (Microsoft Corporation) C:\Windows\System32\Drivers\UAGP35.SYS
2011-02-22 13:43 - 2010-11-20 04:26 - 000328192 ____A [FF4232A1A64012BAA1FD97C7B67DF593] (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2009-07-13 18:38 - 2009-07-13 20:45 - 000064592 ____A [4BFE1BC28391222894CBF1E7D0E42320] (Microsoft Corporation) C:\Windows\System32\Drivers\ULIAGPKX.SYS
2011-02-22 13:43 - 2010-11-20 05:44 - 000048640 ____A [DC54A574663A895C8763AF0FA1FF7561] (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2009-07-13 19:06 - 2009-07-13 19:06 - 000009728 ____A [B2E8E8CB557B156DA5493BBDDCC1474D] (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2013-03-13 04:16 - 2013-02-11 23:12 - 000019968 ____A [92B3172E8C14C1444682F510843A9988] (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2015-06-10 22:08 - 2015-06-10 22:08 - 000054784 ____A [F957092C63CD71D85903CA0D8370F473] (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2013-10-08 21:24 - 2013-07-12 05:40 - 000109824 ____A [B0435098C81D04CAFFF80DDB746CD3A2] (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2011-02-22 13:43 - 2010-11-20 05:44 - 000032896 ____A [292A8E03B3FCE04E39B5BE9B14132030] (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000099840 ____A [9E68E917FB4B5C983438969643F53BEF] (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-10-08 21:24 - 2013-07-12 05:41 - 000100864 ____A [80B0F7D5CCF86CEB5D402EAAF61FEC31] (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000007808 ____A [D017EED379FFE7CCFF0F825D53AB8096] (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000056320 ____A [3F9D3902CE931E2A28DD8452AE915B67] (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000344064 ____A [86B65EEBC03B936DE8B26E5A18D98FA2] (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000025600 ____A [099C2931C6F73EB1B9E13C560F61B50D] (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2017-11-15 02:49 - 2017-10-17 21:06 - 000327168 ____A [03BE4B07FADA1FEA51480453EA229642] (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2009-07-13 19:38 - 2009-07-13 19:38 - 000025088 ____A [73188F58FB384E75C4063D29413CEE3D] (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2011-02-22 13:43 - 2010-11-20 06:37 - 000031744 ____A [C3EC945DEC43C00E2AD4C98DDDD064C7] (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2016-03-17 00:26 - 2016-02-03 13:07 - 000091648 ____A [D029DD09E22EB24318A8FC3D8138BA43] (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2017-11-15 02:49 - 2017-10-17 21:06 - 000030720 ____A [5D7651347C7D702F4A5DE53603DC024F] (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-10-08 21:24 - 2013-07-12 05:41 - 000185344 ____A [1F775DA4CF1A3A1834207E975A72E9D7] (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2009-07-13 19:01 - 2009-07-13 20:45 - 000036432 ____A [C5C876CCFC083FF3B128F933823E87BD] (Microsoft Corporation) C:\Windows\System32\Drivers\vdrvroot.sys
2009-07-13 18:38 - 2009-07-13 18:38 - 000029184 ____A [53E92A310193CB3C03BEA963DE7D9CFC] (Microsoft Corporation) C:\Windows\System32\Drivers\vga.sys
2009-07-13 18:38 - 2009-07-13 18:38 - 000029184 ____A [DA4DA3F5E02943C2DC8C6ED875DE68DD] (Microsoft Corporation) C:\Windows\System32\Drivers\vgapnp.sys
2011-02-22 13:44 - 2010-11-20 08:34 - 000215936 ____A [2CE2DF28C83AEAF30084E1B1EB253CBB] (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2009-10-22 22:05 - 2009-07-09 22:07 - 001222144 ____A [627270F2103D41086BAB9675A3315DAB] (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viahduaa.sys
2009-07-13 18:19 - 2009-07-13 20:45 - 000017488 ____A [E5689D93FFE4E5D66C0178761240DD54] (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viaide.sys
2009-07-13 18:38 - 2009-07-13 18:38 - 000129024 ____A [E7353D59C9842BC7299FAEB7E7E09340] (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2014-12-17 04:53 - 2013-09-03 12:29 - 000031080 ____A [ADD2FE1A9F4EE41A6D724819550D4E1F] (Wondershare) C:\Windows\System32\Drivers\VirtualAudio.sys
2011-02-22 13:43 - 2010-11-20 08:34 - 000199552 ____A [86EA3E79AE350FEA5331A1303054005F] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2011-02-22 13:43 - 2010-11-20 04:57 - 000021760 ____A [7DE90B48F210D29649380545DB45A187] (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2011-02-22 13:43 - 2010-11-20 04:57 - 000006656 ____A [E60C0A09F997826C7627B244195AB581] (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2011-02-22 13:43 - 2010-11-20 08:34 - 000046464 ____A [7785DC213270D2FC066538DAF94087E7] (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2011-02-22 13:43 - 2010-11-20 08:34 - 000071552 ____A [D2AAFD421940F640B407AEFAAEBD91B0] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2017-08-09 01:10 - 2017-07-07 10:33 - 000363752 ____A [85C5468BC395819AE2A0C747334BA14C] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2011-02-22 13:44 - 2010-11-20 08:34 - 000295808 ____A [0D08D2F3B3FF84E433346669B5E0F639] (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2011-02-22 13:44 - 2010-11-20 08:34 - 000194944 ____A [B4A73CA4EF9A02B9738CEA9AD5FE5917] (Microsoft Corporation) C:\Windows\System32\Drivers\vpchbus.sys
2011-02-22 13:44 - 2010-11-20 06:35 - 000059392 ____A [E675FB2B48C54F09895482E2253B289C] (Microsoft Corporation) C:\Windows\System32\Drivers\vpcnfltr.sys
2011-02-22 13:44 - 2010-11-20 06:35 - 000095232 ____A [5FB42082B0D19A0268705F1DD343DF20] (Microsoft Corporation) C:\Windows\System32\Drivers\vpcusb.sys
2011-02-22 13:44 - 2010-11-20 06:35 - 000016384 ____A [63F4E10873BEB4124028C6D1A66B0968] (Microsoft Corporation) C:\Windows\System32\Drivers\vpcuxd.sys
2011-02-22 13:44 - 2010-11-20 08:34 - 000360832 ____A [207B6539799CC1C112661A9B620DD233] (Microsoft Corporation) C:\Windows\System32\Drivers\vpcvmm.sys
2009-06-10 15:37 - 2009-07-13 20:45 - 000161872 ____A [5E2016EA6EBACA03C04FEAC5F330D997] (VIA Technologies Inc.,Ltd) C:\Windows\System32\Drivers\vsmraid.sys
2009-07-13 19:07 - 2009-07-13 19:07 - 000024576 ____A [36D4720B72B5C5D9CB2B9C29E9DF67A1] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifibus.sys
2009-07-13 19:07 - 2009-07-13 19:07 - 000059904 ____A [6A3D66263414FF0D6FA754C646612F3F] (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2009-07-13 19:07 - 2009-07-13 19:07 - 000017920 ____A [6A638FC4BFDDC4D9B186C28C91BD1A01] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2009-07-13 19:02 - 2009-07-13 19:02 - 000027776 ____A [4E9440F4F152A7B944CB1663D3935A3E] (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2011-02-22 13:43 - 2010-11-20 05:52 - 000088576 ____A [356AFD78A6ED4457169241AC3965230C] (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2009-07-13 18:37 - 2009-07-13 18:37 - 000042496 ____A [FC438D1430B28618E2D0C7C332A710AD] (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2009-07-13 18:19 - 2009-07-13 20:45 - 000021056 ____A [72889E16FF12BA0F235467D6091B17DC] (Microsoft Corporation) C:\Windows\System32\Drivers\wd.sys
2016-08-05 10:34 - 2016-08-05 10:34 - 000023200 ____A [CC46CB1B492D69A5EF554F807DA01729] (Western Digital Technologies) C:\Windows\System32\Drivers\wdcsam64_prewin8.sys
2013-10-08 21:25 - 2013-06-25 17:55 - 000785624 ____A [E2C933EDBC389386EBE6D2BA953F43D8] (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2016-02-21 19:01 - 2016-02-21 19:01 - 001804696 ____A [AD9F7D4EDD18067202D3BE7E00074134] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfCoInstaller01011.dll
2012-11-15 05:31 - 2012-07-25 23:55 - 000054376 ____A [AEA0A67275CFBA0E463E00C6E9A1DDAE] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2009-07-13 19:09 - 2009-07-13 19:09 - 000012800 ____A [611B23304BF067451A9FDEE01FBDD725] (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwf.sys
2009-07-13 18:29 - 2009-07-13 20:45 - 000022096 ____A [05ECAEC3E4529A7153B3136CEB49F0EC] (Microsoft Corporation) C:\Windows\System32\Drivers\wimmount.sys
2011-02-22 13:43 - 2010-11-20 08:33 - 000052096 ____A [B4A1002206F6810EABC027DBBCE3B737] (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2011-02-22 13:43 - 2010-11-20 05:43 - 000041984 ____A [FE88B288356E7B47B74B13372ADD906D] (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2009-07-13 18:31 - 2009-07-13 18:31 - 000014336 ____A [F6FF8944478594D0E414D3F048F0D778] (Microsoft Corporation) C:\Windows\System32\Drivers\wmiacpi.sys
2009-07-13 18:19 - 2009-07-13 20:45 - 000016464 ____A [FC146F46872D4C5B529B89A5131FD1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys
2009-07-13 19:10 - 2009-07-13 19:10 - 000021504 ____A [6BCC1D7D2FD2453957C5479A32364E52] (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2009-07-13 19:39 - 2009-07-13 19:39 - 000023040 ____A [8D918B1DB190A4D9B1753A66FA8C96E8] (Microsoft Corporation) C:\Windows\System32\Drivers\WSDPrint.sys
2009-07-13 19:35 - 2009-07-13 19:35 - 000025088 ____A [4A2A5C50DD1A63577D3ACA94269FBC7F] (Microsoft Corporation) C:\Windows\System32\Drivers\WSDScan.sys
2012-11-15 05:24 - 2012-07-25 21:26 - 000087040 ____A [AB886378EEB55C6C75B4F2D14B6C869F] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-11-15 05:24 - 2012-07-25 21:26 - 000198656 ____A [DDA4CAF29D8C0A297F886BFE561E6659] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2016-02-21 19:01 - 2016-02-21 19:01 - 000042760 ____A [F0AE983ABA93D6A0327FC21B9ABED1C3] (Microsoft Corporation) C:\Windows\System32\Drivers\xb1usb.sys
2009-08-13 21:10 - 2009-08-13 21:10 - 000073984 ____A [2EE48CFCE7CA8E0DB4C44C7476C0943B] (Microsoft Corporation) C:\Windows\System32\Drivers\xusb21.sys
2017-11-23 22:02 - 2017-11-23 22:02 - 000079064 ____A [8C17F3795DAE9A0ECDE4B3A3B0740E5F] (Malwarebytes) C:\Windows\System32\Drivers\yitrfe.sys
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\ar-SA
2011-02-22 13:43 - 2010-11-20 08:29 - 000003072 ____A [E659B553ADC70A4A8230CA26B248304D] (Microsoft Corporation) C:\Windows\System32\Drivers\ar-SA\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:36 - 000002048 ____A [9081A1A83A5709DC3B9507536C0370BE] (Microsoft Corporation) C:\Windows\System32\Drivers\ar-SA\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:31 - 000002048 ____A [4AC5D3F42C16586F1B76FDBBFD5945B7] (Microsoft Corporation) C:\Windows\System32\Drivers\ar-SA\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:37 - 000002048 ____A [957672858BA8FA6FEE5FD678C7423BCB] (Microsoft Corporation) C:\Windows\System32\Drivers\ar-SA\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:33 - 000014336 ____A [7F7DA52E3223FB83974BDC28FAF5688B] (Microsoft Corporation) C:\Windows\System32\Drivers\ar-SA\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\cs-CZ
2011-02-22 13:43 - 2010-11-20 08:32 - 000003584 ____A [48E0AFF8F85673E3AEA884C83D5198C8] (Microsoft Corporation) C:\Windows\System32\Drivers\cs-CZ\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:31 - 000002048 ____A [0AE36E0AD79C3BA246CAA9264BF0584A] (Microsoft Corporation) C:\Windows\System32\Drivers\cs-CZ\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:26 - 000002048 ____A [9A149DE1033EB10F78415364347C2E66] (Microsoft Corporation) C:\Windows\System32\Drivers\cs-CZ\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:31 - 000002048 ____A [C5A27D6B2ACA0BAFB19A5DBAE49C06BF] (Microsoft Corporation) C:\Windows\System32\Drivers\cs-CZ\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:31 - 000014336 ____A [6CF9305915A604054284CE5F8893A870] (Microsoft Corporation) C:\Windows\System32\Drivers\cs-CZ\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\da-DK
2011-02-22 13:44 - 2010-11-20 08:30 - 000003584 ____A [998037AB01D106F294A9A2EE055247DF] (Microsoft Corporation) C:\Windows\System32\Drivers\da-DK\vpchbus.sys.mui
2011-02-22 13:44 - 2010-11-20 08:30 - 000002048 ____A [37928223999883F491FC3ABA76E26F2D] (Microsoft Corporation) C:\Windows\System32\Drivers\da-DK\vpcnfltr.sys.mui
2011-02-22 13:44 - 2010-11-20 08:33 - 000002048 ____A [8121D443BC4D97D34B76C4EF33A97874] (Microsoft Corporation) C:\Windows\System32\Drivers\da-DK\vpcusb.sys.mui
2011-02-22 13:44 - 2010-11-20 08:32 - 000002048 ____A [63EB2290E5217516CE1CB2D539092A81] (Microsoft Corporation) C:\Windows\System32\Drivers\da-DK\vpcuxd.sys.mui
2011-02-22 13:44 - 2010-11-20 08:29 - 000014336 ____A [4E7E0B3C544E6E4050BEB3056D526AAF] (Microsoft Corporation) C:\Windows\System32\Drivers\da-DK\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\de-DE
2011-02-22 13:43 - 2010-11-20 08:05 - 000003584 ____A [5FC42A326E0223859F9BE30533CB717C] (Microsoft Corporation) C:\Windows\System32\Drivers\de-DE\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:03 - 000002048 ____A [BE6F89153C1BD9795FB7BC1DBDA816F4] (Microsoft Corporation) C:\Windows\System32\Drivers\de-DE\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 07:57 - 000002048 ____A [A1D2DB6EBD4D2D0D7DF500760D079908] (Microsoft Corporation) C:\Windows\System32\Drivers\de-DE\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:00 - 000002048 ____A [DF5AF4C8D450E145B952393D8530C679] (Microsoft Corporation) C:\Windows\System32\Drivers\de-DE\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:04 - 000014336 ____A [39A9A583FBB23C11FDD6AEFE8DFB0256] (Microsoft Corporation) C:\Windows\System32\Drivers\de-DE\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\el-GR
2011-02-22 13:43 - 2010-11-20 08:31 - 000004096 ____A [D29EFBF66049ADE6ED3E971135D5E11B] (Microsoft Corporation) C:\Windows\System32\Drivers\el-GR\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:25 - 000002048 ____A [B3B9FA3367C3D031E38DC3E027973711] (Microsoft Corporation) C:\Windows\System32\Drivers\el-GR\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:24 - 000002560 ____A [F797E8A0AAF165D033658885619275EE] (Microsoft Corporation) C:\Windows\System32\Drivers\el-GR\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:36 - 000002560 ____A [9FA2AA1B432C950E3056BBD42182188A] (Microsoft Corporation) C:\Windows\System32\Drivers\el-GR\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:28 - 000014848 ____A [36093689C001047A9822E934DD369FAF] (Microsoft Corporation) C:\Windows\System32\Drivers\el-GR\vpcvmm.sys.mui
2009-07-14 00:37 - 2017-11-15 06:30 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\en-US
2009-07-14 00:35 - 2009-07-13 21:29 - 000011776 ____A [54DB21D20958E3D690BCC9F85E760354] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\1394ohci.sys.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000009216 ____A [32022C811A44B86FF45D20ACAB6D9BF6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\acpi.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000014848 ____A [E6A5E6AD9C6F4F30061068F321C0EC5A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\afd.sys.mui
2009-07-14 00:35 - 2009-07-13 21:25 - 000002560 ____A [112E5E0E93886F5F4662F8AB16A41953] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\AGP440.sys.mui
2009-07-14 00:35 - 2009-07-13 21:25 - 000002048 ____A [431EEF89634DC46CCADD489A5E242D96] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdide.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000014336 ____A [5A407CCC623EF4748FCFD65D8BF36E53] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdk8.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000014336 ____A [02EF6091D3B2E3DD52148D69B084CC6A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdppm.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000003072 ____A [0AB55BC2F5C3B1F6DD41C4A8F2C598AE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ataport.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000003072 ____A [2990593CBE18904D5EC0D8D012F56BE0] (ATI Technologies Inc.) C:\Windows\System32\Drivers\en-US\atikmdag.sys.mui
2009-07-14 00:35 - 2009-07-13 21:27 - 000007168 ____A [39C77D306B5BC4EE5B84F257BD8C11D4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\battc.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000025600 ____A [D33E31F95C553085F8F008269716AE3C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bfe.dll.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000002560 ____A [19772EAF65F4DC67D258A0204BDF53BB] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrParwdm.sys.mui
2009-07-14 00:35 - 2009-07-13 21:25 - 000010240 ____A [E2D40298D837850BE3D3ED553D557916] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrSerIb.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000010240 ____A [FFFAE2F485EE4846D3926D8143DC52D0] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrSerId.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000002048 ____A [996AD950DC5511CAC3E23887F36D00CE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthenum.sys.mui
2009-07-14 00:35 - 2009-07-13 21:27 - 000004608 ____A [9F6C0ED8C73E45B8B39E93C4F19EC51D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthpan.sys.mui
2009-07-14 00:35 - 2009-07-13 21:27 - 000007680 ____A [E811F270074C90EFFB62E26419C5A478] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthport.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000002560 ____A [427AFD042BF91F651AAAF2F8333946D3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BTHUSB.SYS.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000002048 ____A [E4AD0963F2B4C256C9B752809FF5A17D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\cdrom.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000002048 ____A [E113E3358247C4399ACAA9394A13CAC1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\disk.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000002560 ____A [4DF602FA4237A02CFBA5443807ACE756] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\Dot4usb.sys.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000005120 ____A [9F29D656CAA5CB37DC988FC1B0899728] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fltmgr.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000014336 ____A [F376F1DB8D6B5C7D4AACA77016547269] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fvevol.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000002560 ____A [F800E677010DCCC1D1F3DD80C1208ADD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\GAGP30KX.SYS.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000004096 ____A [CF9ED88D2707FB6175D56A8EEF56AE2A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hdaudbus.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000003072 ____A [C9AFAE18805C92774E55D85C34687D98] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\HdAudio.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000003072 ____A [6289F615503FABB5721E885F76C21094] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidbth.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000032256 ____A [E7385B794486432C74CA8CBEAE1E957C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\http.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000010240 ____A [7932917F9F40083310D3C597CA89138A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\i8042prt.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000014336 ____A [A9DAE67F67C8736EAB89BE629A100134] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\intelppm.sys.mui
2011-02-22 13:43 - 2010-11-20 08:11 - 000006144 ____A [32E82AD8C30775AF16F8FCB6B233768E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\IPMIDrv.sys.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000003584 ____A [13121C32919056A572109E59591E3DD1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ipnat.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000003584 ____A [095EE8818E7CFEEFCA144737D5EE7EC5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\isapnp.sys.mui
2011-02-22 13:43 - 2010-11-20 08:10 - 000004608 ____A [07E46CC39BDC4296D798560E248C4C8F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdclass.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000002560 ____A [7776875C8810B7995B7F8935A73C5675] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdhid.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000006144 ____A [09654F384E8F48403AFEED23EC29D98A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\luafv.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000003584 ____A [B9D5D5C08D86E45933607821949F64A3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\modem.sys.mui
2009-07-14 00:35 - 2009-07-13 21:26 - 000004096 ____A [586AF4C75447643EA998E7AFE717F6B3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouclass.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000002560 ____A [A15D1C07F7CF3AF5F8595187D7B2D7BA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouhid.sys.mui
2016-02-06 23:00 - 2015-07-15 13:02 - 000002560 ____A [DCB0BF8BEDF446B36EE1A77C0D86F31F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mountmgr.sys.mui
2009-07-14 00:35 - 2009-07-13 21:27 - 000026624 ____A [5824985855E951FD7081EDA73014159F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mpio.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000005632 ____A [21DDE99325EE591D56E838F65372FCDC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\msdsm.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000003072 ____A [21AD775A1C84C086E630D3C8BEE807FF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mssmbios.sys.mui
2009-07-14 00:35 - 2009-07-13 21:27 - 000002560 ____A [CD483881C9EEAA0A092BADB0E9E31D44] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\MTConfig.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000035328 ____A [C3DB52AAA8F7FBE7BB48BBE1552FD9D4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndis.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000005632 ____A [0E5C3B2A88938BFA39A3660525EED627] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndiscap.sys.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000003072 ____A [82364E6C73DE7B0D9A14ED696663691D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndisuio.sys.mui
2009-07-14 00:35 - 2009-07-13 21:26 - 000059904 ____A [826CC149F7AE403090D8EE13421907D3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ntfs.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000002560 ____A [402C5F373E3348172A21E2C4E47FE9A5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NV_AGP.SYS.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000013824 ____A [4A911620A8D4A92B4829088313262C65] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\nwifi.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000011776 ____A [FCF1928FC42F3FF495AABBF531925912] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ohci1394.sys.mui
2009-07-14 00:35 - 2009-07-13 21:25 - 000015360 ____A [FE8EE46359CCA5797116E999AC9027E8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pacer.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000003584 ____A [1897DD879E564636B62C7438BEDD7ED8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\parport.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000002560 ____A [5B7B4A639557BCCBF6CFB19D01CED6F6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\partmgr.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000008192 ____A [852A0E7E335D7403456C5493C3602DFA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pci.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000004096 ____A [C4179FB59F7C58207724DD200A50A623] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pcmcia.sys.mui
2009-07-14 00:35 - 2009-07-13 21:26 - 000002560 ____A [A32BF5D2ABCE0A52AC08759883100FA1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pnpmem.sys.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000003584 ____A [FD3DC59E253F1588CFDC984A08D5AB06] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\portcls.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000014336 ____A [12EE9100FC4EE882DC9D807518EA456F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\processr.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000003584 ____A [9AE150B07FBB235F7DD98B016B728245] (SCM Microsystems, Inc.) C:\Windows\System32\Drivers\en-US\pscr.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000002560 ____A [EBF10A20E41E54D35E24BB1477B3790A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\qwavedrv.sys.mui
2009-07-14 00:35 - 2009-07-13 21:25 - 000004608 ____A [836EC1DA853C3CC5AFA72FF1C56FECC1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdbss.sys.mui
2011-02-22 13:43 - 2010-11-20 08:01 - 000002560 ____A [6289416B950764322B45E9C55A5645B4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdpwd.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000003072 ____A [0A86155D9CF13C36C1C11097895B7D23] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\RNDISMP.sys.mui
2009-07-14 00:35 - 2009-07-13 21:25 - 000003072 ____A [69A5BEFB6D15DB21FEA9ACC7E514B29E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismp6.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000003072 ____A [0A86155D9CF13C36C1C11097895B7D23] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismpx.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000002560 ____A [68A170329824FD91839D15DA6CB616C8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scfilter.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000003072 ____A [67BDCDBBB8FB81865DCDB07142471C81] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scsiport.sys.mui
2009-07-14 00:35 - 2009-07-13 21:30 - 000010240 ____A [28FDCD5276E588B1C82E8390C331A672] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serial.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000005120 ____A [EC3DB882F53F67457701F2674E16A255] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sermouse.sys.mui
2009-07-14 00:35 - 2009-07-13 21:26 - 000002560 ____A [531E4F70FCD5D5A278EAB6E2D1849847] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serscan.sys.mui
2009-07-14 00:35 - 2009-07-13 21:25 - 000002560 ____A [8B900D6E6253E72975747D40F0B4CE4D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\srv.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000044032 ____A [147A70680DFE10726938C932C529C500] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tcpip.sys.mui
2016-03-17 00:27 - 2016-02-05 13:53 - 000008192 ____A [132547D30ECBC0DEE0E52A4B1F19D085] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tpm.sys.mui
2013-11-12 16:36 - 2013-10-01 23:38 - 000003072 ____A [D02386F421B7BA79B3DD70002BA84AB1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tsusbflt.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000007680 ____A [00D0ADEB9470F4E73C675F4271579AEE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tunnel.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000002560 ____A [258EE691A306B61FD78F6EA2AE68EC4D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\UAGP35.SYS.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000002560 ____A [0603331E5CCDC80476C869C22AB49CEC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ULIAGPKX.SYS.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000003072 ____A [B1EF6396D59394A839242635B193C19D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\umbus.sys.mui
2017-11-15 02:49 - 2017-10-17 21:29 - 000003072 ____A [5E8FE83DC4ECB24D27A864AA0AC28A61] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbehci.sys.mui
2017-11-15 02:49 - 2017-10-17 21:29 - 000011776 ____A [7727F33D6C8F04492AB36F34808B43FE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbhub.sys.mui
2017-11-15 02:49 - 2017-10-17 21:29 - 000024576 ____A [536FFFDE85B0E5FAA180FDD206156CA6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbport.sys.mui
2009-07-14 00:35 - 2009-07-13 21:24 - 000002048 ____A [A477495EDAB1FC652C3E7F48D9879E61] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbrpm.sys.mui
2009-07-14 00:35 - 2009-07-13 21:26 - 000003584 ____A [B6CBD22F79E099E7B9C7AD30B0EB3E33] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vdrvroot.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000003584 ____A [9EA0366724437C0448BC242C90D073BF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vhdmp.sys.mui
2009-07-14 00:35 - 2009-07-13 21:23 - 000002560 ____A [8B43588430EBA0E1C4C6B2909B3FA616] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volmgrx.sys.mui
2009-07-14 00:35 - 2009-07-13 21:28 - 000023552 ____A [308E04CFA8407B0C7099C9D40BC19023] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volsnap.sys.mui
2011-02-22 13:43 - 2010-11-20 08:03 - 000003584 ____A [F6B0C9D4F43BB1E5EA689D40A2C52680] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:02 - 000002048 ____A [F684DFE5E004F34D59149733E564497B] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:09 - 000002048 ____A [76D570A2FAF19AB3F852B512652565CE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:02 - 000002048 ____A [9C795A9310A746C70F61C7EFC07D5DEF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:02 - 000013312 ____A [C6D91A610CCFE5003698C45473E13187] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vpcvmm.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000002048 ____A [AC0CDAA74A6DF9FA99D39BA5E3E32852] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vwifibus.sys.mui
2009-07-14 00:35 - 2009-07-13 21:27 - 000004096 ____A [4820660F8636CA590F6DDE44037C240A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wacompen.sys.mui
2009-07-14 00:35 - 2009-07-13 21:26 - 000002048 ____A [29F6CD4D49286520658A9F8257DB95ED] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wd.sys.mui
2012-11-15 05:31 - 2012-07-25 23:47 - 000002560 ____A [986A09DC5E1645ED4733065547DCC5DD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wdf01000.sys.mui
2009-07-14 00:35 - 2009-07-13 21:29 - 000002048 ____A [FA13EB401D8A26D185C6D0B2AA1427E5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ws2ifsl.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\es-ES
2011-02-22 13:43 - 2010-11-20 08:12 - 000003584 ____A [073CF076299E88372A868E033557290F] (Microsoft Corporation) C:\Windows\System32\Drivers\es-ES\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:03 - 000002048 ____A [01B1C86FA940E20657A2E396AF0E9B3A] (Microsoft Corporation) C:\Windows\System32\Drivers\es-ES\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:09 - 000002048 ____A [9F9DEDD3C795711AA70999C27E96B4F0] (Microsoft Corporation) C:\Windows\System32\Drivers\es-ES\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:00 - 000002048 ____A [5D7112A692CDF57884175E9B124F69E4] (Microsoft Corporation) C:\Windows\System32\Drivers\es-ES\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:08 - 000014336 ____A [5F58E7444ADAA34970FB48322EC56CC6] (Microsoft Corporation) C:\Windows\System32\Drivers\es-ES\vpcvmm.sys.mui
2009-07-13 22:20 - 2017-11-25 21:41 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\etc
2009-07-13 21:34 - 2017-11-25 21:41 - 000000035 ____A [90C8F3BA7DB5CB3562298C2E11C97C52] () C:\Windows\System32\Drivers\etc\hosts
2009-10-23 02:22 - 2009-10-23 01:39 - 000000968 ____A [101CFDFB342578C78130DD2CB38C7413] () C:\Windows\System32\Drivers\etc\hosts.20091023-032225.backup
2009-07-13 21:34 - 2009-10-23 02:22 - 000347385 ___RA [C3AA1AAF3302A803DAF9E0F552444FA6] () C:\Windows\System32\Drivers\etc\hosts.20091104-125540.backup
2009-07-13 21:34 - 2009-11-04 12:55 - 000350887 ___RA [4527481ED80748596045B2FB91337BDA] () C:\Windows\System32\Drivers\etc\hosts.20091111-185347.backup
2009-07-13 21:34 - 2009-11-11 18:53 - 000352215 ___RA [ADADF4D76170DBC1137C7F273FE04B1D] () C:\Windows\System32\Drivers\etc\hosts.20091119-030018.backup
2009-07-13 21:34 - 2009-11-19 03:00 - 000356867 ___RA [EAA8BF73528F270E5E266ECCC9713320] () C:\Windows\System32\Drivers\etc\hosts.20091126-114114.backup
2009-07-13 21:34 - 2009-11-26 11:41 - 000358743 ___RA [3479B4250796804EE79AC99B783FD731] () C:\Windows\System32\Drivers\etc\hosts.20091208-013248.backup
2009-07-13 21:34 - 2009-12-08 01:32 - 000361765 ___RA [C34EAB046E3F8A4491A99BDFC4241503] () C:\Windows\System32\Drivers\etc\hosts.20091215-181235.backup
2009-07-13 21:34 - 2009-12-15 18:12 - 000363035 ___RA [1EAC429F565E827D403088887A1BF542] () C:\Windows\System32\Drivers\etc\hosts.20091222-132713.backup
2009-07-13 21:34 - 2009-12-22 13:27 - 000366695 ___RA [10544EB33903D91AE1F698E9D2072AEE] () C:\Windows\System32\Drivers\etc\hosts.20091228-190902.backup
2009-07-13 21:34 - 2009-12-28 19:09 - 000370891 ___RA [8D2E82687679B67DC11A1726BC5C877E] () C:\Windows\System32\Drivers\etc\hosts.20100103-145838.backup
2009-07-13 21:34 - 2010-01-03 14:58 - 000371467 ___RA [420CA7398D0B912F9E0FDCD3813B848F] () C:\Windows\System32\Drivers\etc\hosts.20100114-133056.backup
2009-07-13 21:34 - 2010-01-14 13:30 - 000373685 ___RA [2F536E70B989198139191DB59AF7F736] () C:\Windows\System32\Drivers\etc\hosts.20100128-014234.backup
2009-07-13 21:34 - 2010-01-28 01:42 - 000377989 ___RA [09EA6D8E38095FFBC295CD912240F633] () C:\Windows\System32\Drivers\etc\hosts.20100212-112151.backup
2009-07-13 21:34 - 2010-02-12 11:21 - 000378681 ___RA [B05604636870EE52A76B07DE015C6A1B] () C:\Windows\System32\Drivers\etc\hosts.20100223-153153.backup
2009-07-13 21:34 - 2010-02-23 15:31 - 000380383 ___RA [A06D12EEFF6EA6BF22B33907164C75CC] () C:\Windows\System32\Drivers\etc\hosts.20100308-005353.backup
2009-07-13 21:34 - 2010-03-08 00:53 - 000380487 ___RA [BF6F71305FFF2F2F03324D9EFF68D17B] () C:\Windows\System32\Drivers\etc\hosts.20100317-193754.backup
2009-07-13 21:34 - 2010-03-17 18:37 - 000380938 ___RA [D3BDC99D01C3201BA5782344D07F1A42] () C:\Windows\System32\Drivers\etc\hosts.20100326-010616.backup
2010-03-26 00:07 - 2010-03-26 00:06 - 000381190 ___RA [14A5C921EE1D0DB9A29B0D5237276A05] () C:\Windows\System32\Drivers\etc\hosts.20100326-010710.backup
2009-07-13 21:34 - 2010-03-26 00:07 - 000381190 ___RA [14A5C921EE1D0DB9A29B0D5237276A05] () C:\Windows\System32\Drivers\etc\hosts.20100329-123546.backup
2009-07-13 21:34 - 2010-03-29 11:35 - 000381190 ___RA [14A5C921EE1D0DB9A29B0D5237276A05] () C:\Windows\System32\Drivers\etc\hosts.20100410-021856.backup
2010-04-10 01:19 - 2010-04-10 01:18 - 000386134 ___RA [93941C940DE4D3625B1ECE2600DF9F3D] () C:\Windows\System32\Drivers\etc\hosts.20100410-021939.backup
2009-07-13 21:34 - 2010-04-11 12:17 - 000386165 ___RA [1141E25E9C536955A653EB1DD75E899A] () C:\Windows\System32\Drivers\etc\hosts.20100505-124142.backup
2009-07-13 21:34 - 2010-05-05 11:41 - 000393327 ___RA [99E4FE96E1E8DCBC510D2434FD8CCD5A] () C:\Windows\System32\Drivers\etc\hosts.20100607-031223.backup
2009-07-13 21:34 - 2010-06-07 02:12 - 000403931 ___RA [D198FC90C8EF7D146B887664B2D72C12] () C:\Windows\System32\Drivers\etc\hosts.20100607-132208.backup
2009-07-13 21:34 - 2010-06-07 12:22 - 000403931 ___RA [D198FC90C8EF7D146B887664B2D72C12] () C:\Windows\System32\Drivers\etc\hosts.20100703-134911.backup
2009-07-13 21:34 - 2010-07-03 12:49 - 000411661 ___RA [54A7F4A906F8D1D8D5D54CD8F2E06409] () C:\Windows\System32\Drivers\etc\hosts.20100723-024729.backup
2009-07-13 21:34 - 2010-07-23 01:47 - 000414957 ___RA [8730EBDBE249390B8499FF2CC9A0B4D3] () C:\Windows\System32\Drivers\etc\hosts.20100804-022916.backup
2009-07-13 21:34 - 2010-08-04 01:29 - 000415842 ___RA [2C804CCEC0F976890D138DB32C2995A0] () C:\Windows\System32\Drivers\etc\hosts.20100916-223549.backup
2009-07-13 21:34 - 2010-09-18 23:22 - 000419464 ___RA [90480323699B45FB27A0046C74FE6F56] () C:\Windows\System32\Drivers\etc\hosts.20100919-032540.backup
2009-07-13 21:34 - 2010-09-19 11:42 - 000419464 ___RA [90480323699B45FB27A0046C74FE6F56] () C:\Windows\System32\Drivers\etc\hosts.20100923-171640.backup
2009-07-13 21:34 - 2010-09-23 16:16 - 000419532 ___RA [CB6D012A5745883F5A87F88B8F5B02EC] () C:\Windows\System32\Drivers\etc\hosts.20101018-025713.backup
2009-07-13 21:34 - 2010-10-18 01:57 - 000422534 ___RA [3904FFA5ACFFBD7A9F1D3D98EF840BD1] () C:\Windows\System32\Drivers\etc\hosts.20101029-031336.backup
2009-07-13 21:34 - 2010-10-29 02:13 - 000424320 ___RA [B569A558360163E461A37CC2E26425D8] () C:\Windows\System32\Drivers\etc\hosts.20110130-032904.backup
2009-07-13 21:34 - 2011-01-30 03:29 - 000429322 ___RA [1649EB75700C260D8E2134E1432751BB] () C:\Windows\System32\Drivers\etc\hosts.20110508-160351.backup
2009-07-13 21:34 - 2011-05-08 15:03 - 000434029 ___RA [3418410A1E1DD2F3D27E3A1186428AD0] () C:\Windows\System32\Drivers\etc\hosts.20110603-031302.backup
2009-07-13 21:34 - 2011-06-03 02:13 - 000434909 ___RA [4E4480B879C0DDE06A1742F135A41C3D] () C:\Windows\System32\Drivers\etc\hosts.20110801-004118.backup
2011-10-18 23:38 - 2011-09-26 22:12 - 000000505 ____A [767A53CEA13807DB8F16D99EA764A04F] () C:\Windows\System32\Drivers\etc\hosts.20111019-003849.backup
2009-07-13 21:34 - 2011-10-18 23:38 - 000437608 ___RA [043DCF442AB8622638EC72AF14989155] () C:\Windows\System32\Drivers\etc\hosts.20111106-023727.backup
2009-07-13 21:34 - 2011-11-06 02:37 - 000437842 ___RA [14A52E037DA3F4E58AA84C1E9BBADF6C] () C:\Windows\System32\Drivers\etc\hosts.20111121-130824.backup
2009-07-13 21:34 - 2011-11-21 13:08 - 000438385 ___RA [78E65E3B6B44B23256B099CFB1C96EC0] () C:\Windows\System32\Drivers\etc\hosts.20111208-141629.backup
2009-07-13 21:34 - 2011-12-08 14:16 - 000438385 ___RA [78E65E3B6B44B23256B099CFB1C96EC0] () C:\Windows\System32\Drivers\etc\hosts.20120121-141305.backup
2009-07-13 21:34 - 2012-01-21 14:13 - 000439970 ___RA [1001ABE4876E6EA77139A5F56B736908] () C:\Windows\System32\Drivers\etc\hosts.20120125-205239.backup
2009-07-13 21:34 - 2012-01-25 20:52 - 000440783 ___RA [B21A23B904953523CA3A1BC4092F4F72] () C:\Windows\System32\Drivers\etc\hosts.20120206-031821.backup
2009-07-13 21:34 - 2012-02-06 03:18 - 000440869 ___RA [6D2922DA482D8B3FD5F837E2AC4EE554] () C:\Windows\System32\Drivers\etc\hosts.20120212-212729.backup
2009-07-13 21:34 - 2012-02-12 21:27 - 000441029 ___RA [25FAE1270E74D7FD9AAEBCBF4425DB8B] () C:\Windows\System32\Drivers\etc\hosts.20120223-034334.backup
2009-07-13 21:34 - 2012-02-23 03:43 - 000441098 ___RA [77B34F8D30C0751EF18328BBCADFD8A2] () C:\Windows\System32\Drivers\etc\hosts.20120306-041131.backup
2009-07-13 21:34 - 2012-03-06 04:11 - 000441158 ___RA [93D3E103E6DAC3A458688069CB54C28F] () C:\Windows\System32\Drivers\etc\hosts.20120406-045733.backup
2009-07-13 21:34 - 2012-04-06 03:57 - 000441807 ___RA [C63EBD21256B3524EDF701B23D6469EC] () C:\Windows\System32\Drivers\etc\hosts.20120501-045843.backup
2009-07-13 21:34 - 2012-05-01 03:58 - 000442533 ___RA [0C209AB432C3A1D33A6AC7FCFD7F6155] () C:\Windows\System32\Drivers\etc\hosts.20120602-050620.backup
2009-07-13 21:34 - 2012-06-02 04:06 - 000442566 ___RA [45751E011D50BFFB20C43267BD1431CF] () C:\Windows\System32\Drivers\etc\hosts.20120720-050024.backup
2009-07-13 21:34 - 2012-07-20 04:00 - 000443261 ___RA [9524EBF9C39161BD166DF5F2971D8DC4] () C:\Windows\System32\Drivers\etc\hosts.20120802-050414.backup
2009-07-13 21:34 - 2012-08-02 04:04 - 000443564 ___RA [C1CF355D585CD413A433770A1EE76C37] () C:\Windows\System32\Drivers\etc\hosts.20120820-051904.backup
2009-07-13 21:34 - 2012-08-20 04:19 - 000443788 ___RA [89B3FF2EA61F63A3D5AA0CE1ABB818DF] () C:\Windows\System32\Drivers\etc\hosts.20120909-045657.backup
2009-07-13 21:34 - 2012-09-25 18:35 - 000443942 ___RA [E289BA426E8BB0E616712661280FFCB2] () C:\Windows\System32\Drivers\etc\hosts.20121120-045407.backup
2009-07-13 21:34 - 2012-11-20 04:54 - 000444544 ___RA [CB3CE93C016006CA4671146514083848] () C:\Windows\System32\Drivers\etc\hosts.20121204-052029.backup
2012-12-04 05:20 - 2012-12-04 05:20 - 000444644 ___RA [343FF4375192B852D97B46E4BE17C5AA] () C:\Windows\System32\Drivers\etc\hosts.20121204-052037.backup
2009-07-13 21:34 - 2012-12-04 05:20 - 000444644 ___RA [343FF4375192B852D97B46E4BE17C5AA] () C:\Windows\System32\Drivers\etc\hosts.20130107-054703.backup
2009-07-13 21:34 - 2013-01-07 05:47 - 000444748 ___RA [2CD6F8EFABEC8C04E66666DC5B076A37] () C:\Windows\System32\Drivers\etc\hosts.20130220-184802.backup
2013-03-10 05:27 - 2013-03-07 01:49 - 000445542 ____A [A57C255BB69B2A28B960EE29B82EC88B] () C:\Windows\System32\Drivers\etc\hosts.20130310-062717.backup
2009-07-13 21:34 - 2013-03-10 05:27 - 000445801 ___RA [D6990DC8DB3F32019DCDF4B22319A40B] () C:\Windows\System32\Drivers\etc\hosts.20130327-053454.backup
2009-07-13 21:34 - 2013-03-27 04:34 - 000446089 ___RA [AFE1388029DB370D4C85D0A54A13712E] () C:\Windows\System32\Drivers\etc\hosts.20130425-164231.backup
2013-05-08 19:34 - 2013-04-28 13:20 - 000000027 ____A [6A4029CFF35FD4BA34C001C1ED5D9945] () C:\Windows\System32\Drivers\etc\hosts.20130508-203446.backup
2009-07-13 21:34 - 2013-05-08 19:34 - 000446982 ___RA [7304D0AA83CB57B32BDAD4D3AFDCFE16] () C:\Windows\System32\Drivers\etc\hosts.20130530-060139.backup
2009-07-13 21:34 - 2013-05-30 05:01 - 000447876 ___RA [496C5520D1FCD968CE64DC4551564E67] () C:\Windows\System32\Drivers\etc\hosts.20130607-053048.backup
2009-07-13 21:34 - 2013-06-07 04:30 - 000448644 ___RA [1A63B1608786A87E161FCA7757CF15A8] () C:\Windows\System32\Drivers\etc\hosts.20130628-062017.backup
2009-07-13 21:34 - 2013-06-28 05:20 - 000449089 ___RA [5167119996B50E75C5214BE72E19776A] () C:\Windows\System32\Drivers\etc\hosts.20130722-063835.backup
2009-07-13 21:34 - 2013-07-22 05:38 - 000449574 ___RA [2D1279EF0F318FCF27D196DEF0BA1AEF] () C:\Windows\System32\Drivers\etc\hosts.20130802-063816.backup
2009-07-13 21:34 - 2013-08-02 05:38 - 000449839 ___RA [D693BB7261A7F2BF5733FF6768D9841F] () C:\Windows\System32\Drivers\etc\hosts.20130816-050458.backup
2009-07-13 21:34 - 2013-08-16 04:04 - 000449839 ___RA [D693BB7261A7F2BF5733FF6768D9841F] () C:\Windows\System32\Drivers\etc\hosts.20130829-073817.backup
2009-07-13 21:34 - 2013-08-29 06:38 - 000449839 ___RA [D693BB7261A7F2BF5733FF6768D9841F] () C:\Windows\System32\Drivers\etc\hosts.20130921-064056.backup
2009-07-13 21:34 - 2013-09-21 05:40 - 000449839 ___RA [D693BB7261A7F2BF5733FF6768D9841F] () C:\Windows\System32\Drivers\etc\hosts.20131030-070522.backup
2009-07-13 21:34 - 2013-10-30 06:05 - 000449863 ___RA [310F94A74408E501867A521DFA749C99] () C:\Windows\System32\Drivers\etc\hosts.20131116-061742.backup
2009-07-13 21:34 - 2013-11-16 06:17 - 000449863 ___RA [310F94A74408E501867A521DFA749C99] () C:\Windows\System32\Drivers\etc\hosts.20131217-072029.backup
2009-07-13 21:34 - 2013-12-24 02:03 - 000449913 ___RA [52259F54378DEEA2FB0C47C2306D6C46] () C:\Windows\System32\Drivers\etc\hosts.20140306-073249.backup
2012-09-25 18:33 - 2012-09-25 18:35 - 000443942 ____A [E289BA426E8BB0E616712661280FFCB2] () C:\Windows\System32\Drivers\etc\hosts.umbrella
2009-07-13 21:35 - 2009-06-10 16:00 - 000003683 ____A [18413B90E1B291EC3E777A845C37CFEE] () C:\Windows\System32\Drivers\etc\lmhosts.sam
2009-07-13 21:34 - 2009-06-10 16:00 - 000000407 ____A [B65A1232FB4B35827CE7C5E2F8EC8947] () C:\Windows\System32\Drivers\etc\networks
2009-07-13 21:34 - 2009-06-10 16:00 - 000001358 ____A [7700D22FA108234E623D65FA72D9E29C] () C:\Windows\System32\Drivers\etc\protocol
2009-07-13 21:34 - 2009-06-10 16:00 - 000017463 ____A [D9E1A01B480D961B7CF0509D597A92D6] () C:\Windows\System32\Drivers\etc\services
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\fi-FI
2011-02-22 13:44 - 2010-11-20 08:26 - 000003584 ____A [704E6B208D30D7D952AC395D5BF6067B] (Microsoft Corporation) C:\Windows\System32\Drivers\fi-FI\vpchbus.sys.mui
2011-02-22 13:44 - 2010-11-20 08:28 - 000002048 ____A [3F2814447AFE326BDB40917B5E681DE7] (Microsoft Corporation) C:\Windows\System32\Drivers\fi-FI\vpcnfltr.sys.mui
2011-02-22 13:44 - 2010-11-20 08:27 - 000002048 ____A [B682474B428ECB5559258BB79833F799] (Microsoft Corporation) C:\Windows\System32\Drivers\fi-FI\vpcusb.sys.mui
2011-02-22 13:44 - 2010-11-20 08:25 - 000002048 ____A [6F5CF26A4F2FD4FA5612F903AA4275B1] (Microsoft Corporation) C:\Windows\System32\Drivers\fi-FI\vpcuxd.sys.mui
2011-02-22 13:44 - 2010-11-20 08:28 - 000014336 ____A [4FD4B31BDDB10872104DC9A5F7A6460B] (Microsoft Corporation) C:\Windows\System32\Drivers\fi-FI\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\fr-FR
2011-02-22 13:43 - 2010-11-20 08:05 - 000003584 ____A [249339C91AFD576BF608739DB75ED358] (Microsoft Corporation) C:\Windows\System32\Drivers\fr-FR\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:07 - 000002048 ____A [E1CAA46C61CEC1D937F317ED4D29F090] (Microsoft Corporation) C:\Windows\System32\Drivers\fr-FR\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:06 - 000002048 ____A [B79B73BC694E7A3304D70711CA35F783] (Microsoft Corporation) C:\Windows\System32\Drivers\fr-FR\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:04 - 000002048 ____A [A26EA72C7291A35EC2372392F0EC5708] (Microsoft Corporation) C:\Windows\System32\Drivers\fr-FR\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:09 - 000014336 ____A [4F16E2C9C447CDDC3C3C7C5CCECA0707] (Microsoft Corporation) C:\Windows\System32\Drivers\fr-FR\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\he-IL
2011-02-22 13:44 - 2010-11-20 08:27 - 000003072 ____A [A243ACA0304F3CDEA1B3752ECB03029C] (Microsoft Corporation) C:\Windows\System32\Drivers\he-IL\vpchbus.sys.mui
2011-02-22 13:44 - 2010-11-20 08:27 - 000002048 ____A [BE532FA1FD2CE571035AD328608A3597] (Microsoft Corporation) C:\Windows\System32\Drivers\he-IL\vpcnfltr.sys.mui
2011-02-22 13:44 - 2010-11-20 08:33 - 000002048 ____A [E5D5224A7334C33204485C182FE4F844] (Microsoft Corporation) C:\Windows\System32\Drivers\he-IL\vpcusb.sys.mui
2011-02-22 13:44 - 2010-11-20 08:26 - 000002048 ____A [3DEAC4203C6DE4A668ECD7983E6FB617] (Microsoft Corporation) C:\Windows\System32\Drivers\he-IL\vpcuxd.sys.mui
2011-02-22 13:44 - 2010-11-20 08:30 - 000013824 ____A [F444D843CDD2015AE0FB07223F6EEBB0] (Microsoft Corporation) C:\Windows\System32\Drivers\he-IL\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\hu-HU
2011-02-22 13:43 - 2010-11-20 08:37 - 000003584 ____A [1FCE3F882FE0008BCB3A2E7AEF6C5A87] (Microsoft Corporation) C:\Windows\System32\Drivers\hu-HU\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:38 - 000002048 ____A [55295DD928ECDFA7F4FCA1E74C854C5F] (Microsoft Corporation) C:\Windows\System32\Drivers\hu-HU\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:41 - 000002560 ____A [9A632918128B43EE694F681B7EF6B14B] (Microsoft Corporation) C:\Windows\System32\Drivers\hu-HU\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:39 - 000002560 ____A [11ED55E5C38D174AF2ED0455CBBCF374] (Microsoft Corporation) C:\Windows\System32\Drivers\hu-HU\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:41 - 000014336 ____A [0C6BA1B400B5AC4206EF96649C677A8B] (Microsoft Corporation) C:\Windows\System32\Drivers\hu-HU\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\it-IT
2011-02-22 13:43 - 2010-11-20 08:40 - 000003584 ____A [67A4149B532CA007C7E31AA005163BCA] (Microsoft Corporation) C:\Windows\System32\Drivers\it-IT\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:42 - 000002048 ____A [ECB5E545729771655BD8222DB33522F0] (Microsoft Corporation) C:\Windows\System32\Drivers\it-IT\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:37 - 000002048 ____A [461D3F1F816BE2017858223AD1147EF4] (Microsoft Corporation) C:\Windows\System32\Drivers\it-IT\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:35 - 000002048 ____A [C15C8FB4AFCF04669E3D31883ACE0A37] (Microsoft Corporation) C:\Windows\System32\Drivers\it-IT\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:35 - 000014336 ____A [7CD1D615DAE4AE718505D124879DF5D1] (Microsoft Corporation) C:\Windows\System32\Drivers\it-IT\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\ja-JP
2011-02-22 13:43 - 2010-11-20 07:59 - 000003072 ____A [9491CBFBE6473EBBE77E4277A945B95A] (Microsoft Corporation) C:\Windows\System32\Drivers\ja-JP\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:04 - 000002048 ____A [33CFC30DA7EC214A36C2DA877756751E] (Microsoft Corporation) C:\Windows\System32\Drivers\ja-JP\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:05 - 000002048 ____A [7139A775EAA052F712C5CA56536C281E] (Microsoft Corporation) C:\Windows\System32\Drivers\ja-JP\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:03 - 000002048 ____A [8E6AC2AE9882E949755EDF4252307188] (Microsoft Corporation) C:\Windows\System32\Drivers\ja-JP\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:10 - 000013824 ____A [385E8EFB5D608C13E2E584C86A23870B] (Microsoft Corporation) C:\Windows\System32\Drivers\ja-JP\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\ko-KR
2011-02-22 13:43 - 2010-11-20 09:33 - 000003072 ____A [E9FE77470B588FFD73CDBFDE8BE5204C] (Microsoft Corporation) C:\Windows\System32\Drivers\ko-KR\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 09:30 - 000002048 ____A [510DC165D92F1F270792B813C302FF11] (Microsoft Corporation) C:\Windows\System32\Drivers\ko-KR\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 09:30 - 000002048 ____A [320E655845237BCF40CD103863ACBF0A] (Microsoft Corporation) C:\Windows\System32\Drivers\ko-KR\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 09:32 - 000002048 ____A [F1865076B1C1A9598F0EEBD5F8DE93B6] (Microsoft Corporation) C:\Windows\System32\Drivers\ko-KR\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 09:28 - 000013824 ____A [0AC4BC1B45BA779CBB02FA60DA707E31] (Microsoft Corporation) C:\Windows\System32\Drivers\ko-KR\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\nb-NO
2011-02-22 13:43 - 2010-11-20 08:36 - 000003584 ____A [90477BAB43E6002353A456B3D4A335E2] (Microsoft Corporation) C:\Windows\System32\Drivers\nb-NO\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:29 - 000002048 ____A [3863F480EBCB684CD10F1D1206E75E5E] (Microsoft Corporation) C:\Windows\System32\Drivers\nb-NO\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:33 - 000002048 ____A [56F3EDE689ADCF180FB007DD09A3E002] (Microsoft Corporation) C:\Windows\System32\Drivers\nb-NO\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:36 - 000002048 ____A [A82814C3FF0553D79B638830E5451919] (Microsoft Corporation) C:\Windows\System32\Drivers\nb-NO\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:32 - 000014336 ____A [6BC925CFE52DDB0CA183FE16FDC7D20A] (Microsoft Corporation) C:\Windows\System32\Drivers\nb-NO\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\nl-NL
2011-02-22 13:43 - 2010-11-20 08:40 - 000003584 ____A [604A35F4978C4DA6B926BC558AD167EB] (Microsoft Corporation) C:\Windows\System32\Drivers\nl-NL\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:28 - 000002048 ____A [A626A839344ABA3EB6AECAEBA2752FD2] (Microsoft Corporation) C:\Windows\System32\Drivers\nl-NL\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:32 - 000002048 ____A [CC6E03D7A96B531A043C1C9CC8CA941A] (Microsoft Corporation) C:\Windows\System32\Drivers\nl-NL\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:29 - 000002048 ____A [B6092EA9AB900C9F45D75782C868EBC9] (Microsoft Corporation) C:\Windows\System32\Drivers\nl-NL\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:30 - 000014336 ____A [77C75A965EB6F3750B9D339EAFF6F314] (Microsoft Corporation) C:\Windows\System32\Drivers\nl-NL\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\pl-PL
2011-02-22 13:43 - 2010-11-20 08:45 - 000004096 ____A [FE60672272050DC7AC60725BF51AFDF0] (Microsoft Corporation) C:\Windows\System32\Drivers\pl-PL\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:35 - 000002048 ____A [D184FAE1F6851D3C547A090C3519E553] (Microsoft Corporation) C:\Windows\System32\Drivers\pl-PL\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:34 - 000002048 ____A [93DF19CA0A1BD5A4863A32FA3416F505] (Microsoft Corporation) C:\Windows\System32\Drivers\pl-PL\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:46 - 000002560 ____A [8C53812FC9CD9A86CDC1BE795BD519CB] (Microsoft Corporation) C:\Windows\System32\Drivers\pl-PL\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:41 - 000014336 ____A [D2263DA40AA49C7B51556C1521B4BBE1] (Microsoft Corporation) C:\Windows\System32\Drivers\pl-PL\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\pt-BR
2011-02-22 13:43 - 2010-11-20 08:45 - 000003584 ____A [869EDD169658F262C558231CA4C0F0DB] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-BR\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:36 - 000002048 ____A [AD86FFCF0598E97D01A4AFD6A00EC6BB] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-BR\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:43 - 000002048 ____A [AF05B9B2AF9036ED81C9D5BD1099BA41] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-BR\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:46 - 000002048 ____A [F2A33C4D82EB6DFC58EDF9667A31D74A] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-BR\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:42 - 000014336 ____A [31D0469B48577DF63A0DD13BC3C682D1] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-BR\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\pt-PT
2011-02-22 13:44 - 2010-11-20 08:36 - 000003584 ____A [7E5CD354FC9C115B850A7E3CA8987061] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-PT\vpchbus.sys.mui
2011-02-22 13:44 - 2010-11-20 08:36 - 000002048 ____A [8A6EABC412FDF8FF88F4B1D9A853E51C] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-PT\vpcnfltr.sys.mui
2011-02-22 13:44 - 2010-11-20 08:43 - 000002048 ____A [EFF6EE3CD8E80BAE499107929E1264B0] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-PT\vpcusb.sys.mui
2011-02-22 13:44 - 2010-11-20 08:45 - 000002048 ____A [677ED5AC3022BEE826B7C23CB85BD95E] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-PT\vpcuxd.sys.mui
2011-02-22 13:44 - 2010-11-20 08:45 - 000014336 ____A [14A695A9BA2C1A41B2A441551890F5F7] (Microsoft Corporation) C:\Windows\System32\Drivers\pt-PT\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\ro-RO
2011-02-22 13:43 - 2010-11-20 08:38 - 000003584 ____A [E1DD321F54F720036F46943C40756F1A] (Microsoft Corporation) C:\Windows\System32\Drivers\ro-RO\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:36 - 000002048 ____A [4D62D781A81EFFBFEC6B78026E27A8CF] (Microsoft Corporation) C:\Windows\System32\Drivers\ro-RO\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:36 - 000002048 ____A [518722DACBDD1DF61D786BD35B87290B] (Microsoft Corporation) C:\Windows\System32\Drivers\ro-RO\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:48 - 000002048 ____A [5EDD1D71E638DFAB043BF27947E72527] (Microsoft Corporation) C:\Windows\System32\Drivers\ro-RO\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:49 - 000014336 ____A [A43EE90CE75CCCBA4E8993F44B18DB34] (Microsoft Corporation) C:\Windows\System32\Drivers\ro-RO\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\ru-RU
2011-02-22 13:44 - 2010-11-20 08:46 - 000003584 ____A [C111F7A65AE0809FD23B6E9897277186] (Microsoft Corporation) C:\Windows\System32\Drivers\ru-RU\vpchbus.sys.mui
2011-02-22 13:44 - 2010-11-20 08:35 - 000002048 ____A [3741266A5C520AC63431003FE816C8A7] (Microsoft Corporation) C:\Windows\System32\Drivers\ru-RU\vpcnfltr.sys.mui
2011-02-22 13:44 - 2010-11-20 08:42 - 000002048 ____A [F57DE64BD8DF7628CE4531FC066B0388] (Microsoft Corporation) C:\Windows\System32\Drivers\ru-RU\vpcusb.sys.mui
2011-02-22 13:44 - 2010-11-20 08:46 - 000002048 ____A [74DCE318BCE066DDB25A7841FEA2FCE1] (Microsoft Corporation) C:\Windows\System32\Drivers\ru-RU\vpcuxd.sys.mui
2011-02-22 13:44 - 2010-11-20 08:41 - 000014336 ____A [80301A1CF0C32FF85A8361307AF7C165] (Microsoft Corporation) C:\Windows\System32\Drivers\ru-RU\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\sv-SE
2011-02-22 13:44 - 2010-11-20 08:38 - 000003584 ____A [CC91AA67CFD45502EA812F6DC7490DDD] (Microsoft Corporation) C:\Windows\System32\Drivers\sv-SE\vpchbus.sys.mui
2011-02-22 13:44 - 2010-11-20 08:43 - 000002048 ____A [BD27A7B616E29B9BEB74CB07EFD3E6FF] (Microsoft Corporation) C:\Windows\System32\Drivers\sv-SE\vpcnfltr.sys.mui
2011-02-22 13:44 - 2010-11-20 08:35 - 000002048 ____A [3566EFCD17D93236BA03D98F8855C477] (Microsoft Corporation) C:\Windows\System32\Drivers\sv-SE\vpcusb.sys.mui
2011-02-22 13:44 - 2010-11-20 08:37 - 000002048 ____A [466A929F27A3B3E64A6BFB677BD00BED] (Microsoft Corporation) C:\Windows\System32\Drivers\sv-SE\vpcuxd.sys.mui
2011-02-22 13:44 - 2010-11-20 08:44 - 000013824 ____A [8323F0839027E8568AC9CD40AA8DDBAC] (Microsoft Corporation) C:\Windows\System32\Drivers\sv-SE\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\th-TH
2011-02-22 13:43 - 2010-11-20 08:50 - 000003072 ____A [9C5418E616F605FEEBC9C34C3AABD53E] (Microsoft Corporation) C:\Windows\System32\Drivers\th-TH\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 08:37 - 000002048 ____A [457C2DF89AFA78221EE1A1C2E664193B] (Microsoft Corporation) C:\Windows\System32\Drivers\th-TH\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 08:46 - 000002048 ____A [26428A94D7B6F8DD03121531B78E0EA5] (Microsoft Corporation) C:\Windows\System32\Drivers\th-TH\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 08:39 - 000002048 ____A [7E50ED96A085FA9DE2AB3F9F608FA0BE] (Microsoft Corporation) C:\Windows\System32\Drivers\th-TH\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 08:49 - 000014336 ____A [BE182FB38FC4390B9D5D3F53A3C62FC0] (Microsoft Corporation) C:\Windows\System32\Drivers\th-TH\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\tr-TR
2011-02-22 13:44 - 2010-11-20 08:40 - 000003584 ____A [9FA7BC513B835E4DB306AC59B525C70D] (Microsoft Corporation) C:\Windows\System32\Drivers\tr-TR\vpchbus.sys.mui
2011-02-22 13:44 - 2010-11-20 08:35 - 000002048 ____A [2E5781B276EB4104EF91E57745521B6F] (Microsoft Corporation) C:\Windows\System32\Drivers\tr-TR\vpcnfltr.sys.mui
2011-02-22 13:44 - 2010-11-20 08:42 - 000002048 ____A [5ED0E82D25EC0AEC7DEB2A8469BDD84A] (Microsoft Corporation) C:\Windows\System32\Drivers\tr-TR\vpcusb.sys.mui
2011-02-22 13:44 - 2010-11-20 08:36 - 000002048 ____A [4A5CC1F7794270919522A363198297E2] (Microsoft Corporation) C:\Windows\System32\Drivers\tr-TR\vpcuxd.sys.mui
2011-02-22 13:44 - 2010-11-20 08:36 - 000014336 ____A [104CF6F201A9ADDE32A2B162940EAAEA] (Microsoft Corporation) C:\Windows\System32\Drivers\tr-TR\vpcvmm.sys.mui
2009-07-13 22:20 - 2015-05-13 03:16 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF
2009-07-13 19:21 - 2009-07-13 20:41 - 000299520 ____A [91D6F0AB79AA36FFB932157865206F35] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdFs.dll
2015-05-13 02:54 - 2015-01-28 22:19 - 001195008 ____A [E506DF49926F3086124F629D3352976E] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdMtpDr.dll
2009-07-14 00:37 - 2009-07-14 00:37 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF\en-US
2009-07-14 00:35 - 2009-07-13 21:24 - 000002560 ____A [5D15B0705E707F02D71B9547007D2727] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WpdMtpDr.dll.mui
2009-07-14 00:35 - 2009-07-13 21:26 - 000006144 ____A [930D103D5C3BE0F6074C67C0F3296602] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\zh-CN
2011-02-22 13:43 - 2010-11-20 09:25 - 000002560 ____A [41B539C509ED553A5EBB9C7071C016B7] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-CN\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 09:27 - 000002048 ____A [43E07AAE0A1E86759AA86D9EA4001706] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-CN\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 09:26 - 000002048 ____A [16D6BC487577618193FDB3DD4ACEDB8E] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-CN\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 09:24 - 000002048 ____A [880F134D139167E9377BE1DCF72069B7] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-CN\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 09:24 - 000013824 ____A [9FAAD998F73FCBAAEF457679BCDF6B6D] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-CN\vpcvmm.sys.mui
2009-10-22 20:44 - 2011-02-22 13:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\zh-TW
2011-02-22 13:43 - 2010-11-20 09:28 - 000002560 ____A [4C62B204602E3CDE64DC434F6DEA52A5] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-TW\vpchbus.sys.mui
2011-02-22 13:43 - 2010-11-20 09:23 - 000002048 ____A [0DD462A331443AC2E267C315EFC42AD7] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-TW\vpcnfltr.sys.mui
2011-02-22 13:43 - 2010-11-20 09:26 - 000002048 ____A [862E71CE5382B5D4CAD2BFF969CB30C8] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-TW\vpcusb.sys.mui
2011-02-22 13:43 - 2010-11-20 09:25 - 000002048 ____A [5EA700C25A599427098E488BED448D4C] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-TW\vpcuxd.sys.mui
2011-02-22 13:43 - 2010-11-20 09:28 - 000013824 ____A [78454B3278F45A6826C3B7B4CB6409A8] (Microsoft Corporation) C:\Windows\System32\Drivers\zh-TW\vpcvmm.sys.mui

====== End of Folder: ======


========= Reg query "HKEY_LOCAL_MACHINE\SYSTEM\Select" =========


HKEY_LOCAL_MACHINE\SYSTEM\Select
    Current    REG_DWORD    0x1
    Default    REG_DWORD    0x1
    Failed    REG_DWORD    0x0
    LastKnownGood    REG_DWORD    0x2



========= End of Reg: =========


==== End of Fixlog 12:54:33 ====

Attached Files



#20 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 30 November 2017 - 01:13 PM

  • Highlight the entire content of the quote box below.

Start::
Reg: Reg delete HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nspiuaok
Reg: Reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nspiuaok
C:\Windows\System32\Drivers\mbb*
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
 

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#21 anthroxdx

anthroxdx
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 30 November 2017 - 08:50 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Nick Brano (30-11-2017 20:43:46) Run:14
Running from C:\Users\Nick Brano\Desktop
Loaded Profiles: Nick Brano (Available Profiles: Nick Brano)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
Reg: Reg delete HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nspiuaok
Reg: Reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nspiuaok
C:\Windows\System32\Drivers\mbb*
End:
*****************

Start:: => Error: No automatic fix found for this entry.

========= Reg delete HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nspiuaok =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nspiuaok (Yes/No)? ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nspiuaok =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nspiuaok (Yes/No)? ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


=========== "C:\Windows\System32\Drivers\mbb*" ==========

Could not move "C:\Windows\System32\Drivers\mbboruyb.sys" => Scheduled to move on reboot.

========= End -> "C:\Windows\System32\Drivers\mbb*" ========

End: => Error: No automatic fix found for this entry.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 30-11-2017 20:47:46)

C:\Windows\System32\Drivers\mbboruyb.sys => Is moved successfully

==== End of Fixlog 20:47:46 ====

Attached Files



#22 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 01 December 2017 - 03:12 PM

  • Highlight the entire content of the quote box below.

Start::
Reg: Reg query HKEY_LOCAL_MACHINE\SYSTEM\Select
Reg: Reg query "HKLM\SYSTEM\CurrentControlSet\Services" /v Start /s
C:\Windows\System32\Drivers\mbb*
CMD: dir /a-d /s /r C:\Windows\System32\drivers | find ":$DATA"
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#23 anthroxdx

anthroxdx
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 02 December 2017 - 12:17 AM

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Nick Brano (02-12-2017 00:09:36) Run:15
Running from C:\Users\Nick Brano\Desktop
Loaded Profiles: Nick Brano (Available Profiles: Nick Brano)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Reg: Reg query HKEY_LOCAL_MACHINE\SYSTEM\Select
Reg: Reg query "HKLM\SYSTEM\CurrentControlSet\Services" /v Start /s
C:\Windows\System32\Drivers\mbb*
CMD: dir /a-d /s /r C:\Windows\System32\drivers | find ":$DATA"

*****************


========= Reg query HKEY_LOCAL_MACHINE\SYSTEM\Select =========


HKEY_LOCAL_MACHINE\SYSTEM\Select
    Current    REG_DWORD    0x1
    Default    REG_DWORD    0x1
    Failed    REG_DWORD    0x0
    LastKnownGood    REG_DWORD    0x2



========= End of Reg: =========


========= Reg query "HKLM\SYSTEM\CurrentControlSet\Services" /v Start /s =========


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\!SASCORE
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\1394ohci
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ACPI
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AcpiPmi
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adfs
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Adobe LM Service
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdobeARMservice
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adp94xx
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adpahci
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adpu320
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AeLookupSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\agp440
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Akamai
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALG
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aliide
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMD External Events Utility
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdide
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AmdK8
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdkmdag
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdkmdap
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AmdPPM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdsata
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdsbs
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdxata
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ampa
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AnyDVD
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppID
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppIDSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Appinfo
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Apple Mobile Device
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Apple Mobile Device Service
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\arc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\arcsas
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AsIO
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AsUpIO
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AsyncMac
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AtiHDAudioService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AtiHdmiService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atikmdag
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AudioEndpointBuilder
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AudioSrv
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AxInstSV
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\b06bdrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\b57nd60a
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BDESVC
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Beep
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BlackBox
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\blbdrive
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bowser
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrFiltLo
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrFiltUp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BridgeMP
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Brserid
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrSerWdm
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrUsbMdm
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrUsbSer
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BstHdAndroidSvc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BstHdDrv
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BstHdLogRotatorSvc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BstHdUpdaterSvc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BthEnum
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHMODEM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BthPan
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bthserv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHUSB
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdfs
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdrom
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertPropSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\circlass
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cjtg
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ck3pro
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CLFS
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v2.0.50727_32
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v2.0.50727_64
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v4.0.30319_32
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v4.0.30319_64
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmBatt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdide
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CNG
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Compbatt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CompositeBus
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COMSysApp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crcdisk
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CSC
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CscService
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DcomLaunch
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defragsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DfsC
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DiagTrack
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\discache
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Disk
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dot3svc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DPS
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drmkaud
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dtsoftbus01
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DXGKrnl
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EapHost
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ebdrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EFS
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ehRecvr
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ehSched
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ElbyCDIO
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\elxstor
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EMSLink
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ErrDev
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventSystem
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\exfat
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fastfat
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Fax
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fdc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fdPHost
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FDResPub
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FileInfo
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Filetrace
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FLEXnet Licensing Service
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FLEXnet Licensing Service 64
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\flpydisk
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FltMgr
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache3.0.0.0
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FsDepends
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Fs_Rec
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FTDIBUS
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FTSER2K
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fvevol
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gagp30kx
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GEARAspiWDM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gpsvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gupdate
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gupdatem
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hamachi
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Hamachi2Svc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hcw85cir
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HdAudAddService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HDAudBus
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidBatt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidBth
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidIr
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hidserv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidUsb
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hkmsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HomeGroupListener
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HomeGroupProvider
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HpSAMD
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hwpolicy
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStorV
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IDriverT
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\idsvc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IEEtwCollectorService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iirsp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IKEEXT
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelide
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPBusEnum
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IpFilterDriver
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iphlpsvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPMIDRV
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPNAT
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iPod Service
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IRENUM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\isapnp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iScsiPrt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdclass
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KeyIso
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KSecDD
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KSecPkg
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ksthunk
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KtmRm
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lltdio
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lltdsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lmhosts
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LMIGuardianSvc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_FC
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_SAS
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_SAS2
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_SCSI
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\luafv
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mcx2Svc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\megasas
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MegaSR
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MMCSS
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Modem
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\monitor
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mouclass
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mouhid
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mountmgr
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MozillaMaintenance
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpio
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpsdrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MRxDAV
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mrxsmb
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mrxsmb10
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mrxsmb20
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msahci
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSCSPTISRV
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msdsm
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Msfs
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mshidkmdf
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msisadrv
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSiSCSI
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msiserver
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSKSSRV
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSPCLOCK
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSPQM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MsRPC
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mssmbios
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSSQLServerADHelper100
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSTEE
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msvsmon100
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MTConfig
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MTsensor
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mup
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\napagent
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NativeWifiP
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NDIS
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisCap
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisTapi
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ndisuio
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWan
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NDProxy
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Neo_VPN
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netaapl
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBIOS
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netman
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetMsmqActivator
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetPipeActivator
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netprofm
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetTcpActivator
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetTcpPortSharing
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nfrd960
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NlaSvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NMIndexingService
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NPF
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Npfs
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npggsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nsi
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nsiproxy
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ntfs
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Null
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvraid
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvstor
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nv_agp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\odserv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ohci1394
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ose
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\p2pimsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\p2psvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PACSPTISVR
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Parport
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partmgr
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PcaSvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pci
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pciide
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcmcia
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcw
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PEAUTH
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PeerDistSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PerfHost
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pfc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pla
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PlugPlay
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pml Driver HPZ12
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PNRPAutoReg
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PNRPsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Power
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PptpMiniport
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Processor
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProfSvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProtectedStorage
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Psched
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PxHlpa64
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ql2300
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ql40xx
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QWAVE
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QWAVEdrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAcd
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAgileVpn
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAuto
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rasl2tp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasPppoe
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasSstp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Razer Chroma SDK Server
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Razer Chroma SDK Service
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Razer Game Scanner Service
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdbss
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdpbus
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPCDD
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPDR
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPENCDD
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPREFMP
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RdpVideoMiniport
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPWD
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdyboost
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RFCOMM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcapd
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcEptMapper
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcLocator
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rspndr
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RTL8167
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ruhbiv
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rzendpt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rzmpos
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rzpmgrk
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rzpnk
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rzudd
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s3cap
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaiK0CD7
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaiMini
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaiNtBus
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SaiU0CD7
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SamSs
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SASDIFSV
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SASKUTIL
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbp2port
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\scfilter
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCPolicySvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SDRSVC
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\secdrv
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SEE
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SensrSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Serenum
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Serial
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sermouse
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SessionEnv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SEVPNCLIENT
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sffdisk
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sffp_mmc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sffp_sd
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sfloppy
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SiSRaid2
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SiSRaid4
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SkypeUpdate
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Smb
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMPTRAP
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SonicStage Back-End Service
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\spldr
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sppsvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sppuinotify
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPTISRV
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SQLAgent$SQLEXPRESS
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SQLBrowser
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SQLWriter
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srv2
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvnet
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSDPSRV
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSScsiSV
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SstpSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Steam Client Service
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stexstor
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\StillCam
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\storflt
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\StorSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\storvsc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swenum
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SwitchBoard
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swprv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysMain
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TabletInputService
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TapiSrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP6
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpipreg
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDPIPE
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDTCP
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdx
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TenorshareReibootService
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\THREADORDER
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustedInstaller
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tssecsrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TsUsbFlt
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TTDrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tunnel
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uagp35
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\udfs
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\udiskMgr
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UI0Detect
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uliagpkx
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UltraMonUtility
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\umbus
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UmPass
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UmRdpService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\upnphost
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBAAPL64
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbaudio
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbccgp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbcir
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbehci
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbhub
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbohci
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbprint
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbuhci
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbvideo
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UxSms
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VaultSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdrvroot
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vds
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vga
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VgaSave
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vhdmp
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VIAHdAudAddService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\viaide
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmbus
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VMBusHID
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\volmgr
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\volmgrx
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\volsnap
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vpcbus
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vpcnfltr
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vpcusb
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vpcuxd
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vpcvmm
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vsmraid
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vwifibus
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WacomPen
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WANARP
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wanarpv6
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WatAdminSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wbengine
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WbioSrvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wcncsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WcsPlugInService
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wd
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WD Backup Drive Helper
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WD Backup Snapshot
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDC_SAM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDDriveService
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wdf01000
    Start    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdiServiceHost
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdiSystemHost
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wecsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wercplsupport
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WerSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WfpLwf
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WIMMount
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winmgmt
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinRM
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinUsb
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wlansvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wlidsvc
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiAcpi
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wmiApSrv
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WMPNetworkSvc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WPCSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WPDBusEnum
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ws2ifsl
    Start    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsAudio_Device
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSDPrintDevice
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSDScan
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSearch
    Start    REG_DWORD    0x4

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WudfPf
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WUDFRd
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wudfsvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WwanSvc
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xb1usb
    Start    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xusb21
    Start    REG_DWORD    0x3

End of search: 508 match(es) found.


========= End of Reg: =========


=========== "C:\Windows\System32\Drivers\mbb*" ==========

Could not move "C:\Windows\System32\Drivers\mbboruyb.sys" => Scheduled to move on reboot.

========= End -> "C:\Windows\System32\Drivers\mbb*" ========


========= dir /a-d /s /r C:\Windows\System32\drivers | find ":$DATA" =========


========= End of CMD: =========


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-12-2017 00:13:38)

C:\Windows\System32\Drivers\mbboruyb.sys => Is moved successfully

==== End of Fixlog 00:13:38 ====

Attached Files



#24 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 02 December 2017 - 01:39 PM

That file, part of the SmartService Rootkit, is spawning renamed on every restart. Lets run an application to check the autoruns in your computer.

Download Autoruns by Mark Russinovich. Unzip the contents on its own folder. Open the folder, right click on Autoruns and select run as Administrator. Allow the program to scan the computer. When Ready, save the file as an Autoruns file and upload this file here.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#25 anthroxdx

anthroxdx
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 02 December 2017 - 01:53 PM

Submitted. It should say, "for JSntgRvr on the forum" in the comment for the submission.

 

I should also be around my computer to respond more since it's the weekend.



#26 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 02 December 2017 - 06:00 PM

For some reason I am unable to read this file. Please save it as a .txt file and upload it to my channel once again.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#27 anthroxdx

anthroxdx
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 02 December 2017 - 06:02 PM

^ Reuploaded as a .txt.



#28 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 02 December 2017 - 07:47 PM

Nothing uncommon on that report. Will consult with my colleagues. Will post back.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#29 anthroxdx

anthroxdx
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 02 December 2017 - 08:16 PM

If you want to know how my machine is running. Everything is running smoother thanks to your guidance and fixes. I noticed some odd processes. But not sure why there's certain things or 4-5 firefox.exe are running, unless that's how the new way Firefox does things.

 

However, System Restore and Razer Synapse refuse to do nothing when I try to run them.


Edited by anthroxdx, 02 December 2017 - 08:24 PM.


#30 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:46 PM

Posted 03 December 2017 - 12:41 PM

Lets check System Restore.
  • Highlight the entire content of the quote box below.

Start::
Reg: Reg query "HKLM\SYSTEM\CurrentControlSet\services\VSS" /s
Reg: Reg query "HKLM\SYSTEM\CurrentControlSet\services\RpcSs" /s
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





3 user(s) are reading this topic

0 members, 3 guests, 0 anonymous users