
Windows Process Manager (32 bit) Virus


  • This topic is locked
6 replies to this topic

#1 frost101


Posted 20 January 2018 - 01:35 PM

In my task manager, a program called Windows Process Manager (32bit) is running and usually slows my computer down like crazy. There are also programs with gibberish names that are populated around my computer that I can't remove. It's also redirecting my Chrome searches to Bing search results using the citypage.today extension, which I can't seem to remove. I've run Malwarebytes as well as their MBAR tool, but they were unable to detect the viruses. The virus is also blocking my ability to do certain tasks like re-enabling my Windows Defender virus protection and system restore. The problems in this post, https://www.bleepingcomputer.com/forums/t/668018/windows-process-manager-32-bit-and-igfxmtc-32-bit/, are identical to the ones I've been having.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Kevin (administrator) on KEVINLELAPTOP (20-01-2018 12:15:41)
Running from F:\
Loaded Profiles: Kevin (Available Profiles: Kevin)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Felix Logic) C:\Program Files (x86)\Cold Turkey\CTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
() C:\Windows\SysWOW64\UMonit64.exe
(f.lux Software LLC) C:\Users\Kevin\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Kevin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Discord Inc.) C:\Users\Kevin\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Kevin\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Kevin\AppData\Local\Discord\app-0.0.300\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2015-06-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe******************************************************************************************************************************* [40960 2013-03-14] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2018-01-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-12-12] (Copyright © 2017 Plays.tv, LLC)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Run: [f.lux] => C:\Users\Kevin\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Run: [Google Update] => C:\Users\Kevin\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-13] (Google Inc.)
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Run: [eblueMouseRun] => C:\Program Files (x86)\EBLUE MOUSE\ebluemon.exe [3637248 2013-11-15] ()
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Run: [Spotify] => C:\Users\Kevin\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-16] (Spotify Ltd)
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Run: [Spotify Web Helper] => C:\Users\Kevin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-16] (Spotify Ltd)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome - Shortcut.lnk [2015-05-13]
ShortcutTarget: chrome - Shortcut.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{09f1186b-01e1-4aee-8c5f-46d7422dce43}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1636a273-58da-4470-a77a-b3378a8c479b}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-28] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: bomtgad5.default
FF DefaultProfile: lekevin@hotmail.com
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bomtgad5.default [2018-01-16]
FF Homepage: Mozilla\Firefox\Profiles\bomtgad5.default -> hxxp://www.swagbucks.com/
perk.tv
FF Extension: (Firefox Hotfix) - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bomtgad5.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09] [Legacy]
FF Extension: (Dashlane) - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bomtgad5.default\Extensions\jetpack-extension@dashlane.com.xpi [2016-08-31] [Legacy]
FF Extension: (Muter) - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bomtgad5.default\Extensions\muter@yxl.name [2016-04-30] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\bomtgad5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-07] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-05-13] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @softnyxNpruntime -> C:\Game\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1647080334-1320705266-513318729-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1647080334-1320705266-513318729-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://search.yahoo.com?type=714647&fr=spigot-yhp-ch
CHR StartupUrls: Default -> "hxxps://www.youtube.com/feed/subscriptions","hxxps://outlook.office365.com/owa/#path=/mail","hxxp://gokano.com/dashboard"
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default [2018-01-20]
CHR Extension: (MuteTab) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\acofndgbcimipbpeoplfjcapdbebbmca [2018-01-18]
CHR Extension: (BetterTTV) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-01-18]
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Honey) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-01-18]
CHR Extension: (Adblock Plus) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-18]
CHR Extension: (Google Search) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Search by Image (by Google)) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2018-01-18]
CHR Extension: (Subscriptions Grid For YouTube™) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjhgnfnmijfkmcddcmffeamphmmeed [2018-01-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-19]
CHR Extension: (Google Docs Offline) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-19]
CHR Extension: (Imagus) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2017-12-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-01-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-01-18]
CHR Extension: (Steam Database) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2018-01-18]
CHR Extension: (The Great Suspender) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2018-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-30]
CHR Extension: (Enhanced Steam) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2018-01-18]
CHR Extension: (Gmail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-10-16] ()
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-12-23] (Microsoft Corporation)
R2 CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [329728 2016-04-07] (Felix Logic) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-06] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2018-01-08] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-06-26] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-05-11] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-06-23] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-29] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-12-12] (Copyright © 2017 Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-11-22] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2017-09-29] (Broadcom Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-30] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-30] (Disc Soft Ltd)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
S3 massfilter_hs; C:\WINDOWS\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-08-18] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40aceccb38b252dc\nvlddmkm.sys [17028552 2017-12-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-12-15] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows ® Win 7 DDK provider)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-10-29] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-10-29] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-10-29] ()
S4 vncxn; C:\WINDOWS\System32\drivers\yjbffr.sys [79064 2018-01-16] (Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2017-12-27] (Wellbia.com Co., Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-20 01:52 - 2018-01-20 12:15 - 000000000 ____D C:\FRST
2018-01-19 21:55 - 2018-01-19 22:23 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\63321A11.sys
2018-01-19 21:54 - 2018-01-19 23:11 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-01-18 22:36 - 2018-01-18 22:36 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\rhcnlu.sys
2018-01-18 21:09 - 2018-01-18 21:18 - 000000000 ____D C:\AdwCleaner
2018-01-18 21:09 - 2018-01-18 21:10 - 008206624 _____ (Malwarebytes) C:\Users\Kevin\Downloads\adwcleaner_7.0.7.0.exe
2018-01-18 21:09 - 2018-01-18 21:09 - 008198432 _____ (Malwarebytes) C:\Users\Kevin\Downloads\AdwCleaner.exe
2018-01-18 21:02 - 2018-01-18 21:02 - 007172032 _____ (AVAST Software) C:\Users\Kevin\Downloads\avast_free_antivirus_setup_online_f2a.exe
2018-01-18 21:02 - 2018-01-18 21:02 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-16 23:54 - 2018-01-16 23:54 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2018-01-16 23:16 - 2018-01-16 23:16 - 000000085 _____ C:\WINDOWS\wininit.ini
2018-01-16 23:16 - 2018-01-16 23:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-01-16 23:14 - 2018-01-16 23:14 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2018-01-16 23:13 - 2018-01-16 23:55 - 000000000 ____D C:\ProgramData\HitmanPro
2018-01-16 23:10 - 2018-01-17 00:03 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-01-16 23:10 - 2018-01-16 23:16 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-01-16 22:33 - 2018-01-16 22:33 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\yjbffr.sys
2018-01-16 21:44 - 2018-01-16 21:44 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-16 21:13 - 2018-01-18 09:56 - 000000000 ____D C:\Users\Kevin\AppData\Local\rangzdu
2018-01-16 21:09 - 2018-01-20 01:53 - 000000000 ____D C:\Users\Kevin\AppData\Local\spnrwib
2018-01-16 21:09 - 2018-01-20 01:53 - 000000000 ____D C:\Users\Kevin\AppData\Local\cwcubnm
2018-01-16 21:09 - 2018-01-16 21:09 - 000016798 _____ C:\WINDOWS\System32\Tasks\BattleGroup
2018-01-16 21:08 - 2018-01-19 23:45 - 002888192 _____ C:\WINDOWS\system32\auixmlbsvc.exe
2018-01-16 21:08 - 2018-01-16 22:37 - 000000000 ____D C:\Users\Kevin\AppData\Local\icpo
2018-01-16 21:08 - 2018-01-16 21:08 - 000000000 ____D C:\WINDOWS\SysWOW64\upkrdbo
2018-01-16 21:08 - 2018-01-16 21:08 - 000000000 ____D C:\WINDOWS\system32\upkrdbo
2018-01-16 21:08 - 2018-01-16 21:08 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\et
2018-01-16 04:24 - 2018-01-16 04:24 - 000389120 _____ C:\WINDOWS\7cff58025464a7bc785c14576d98674f.exe
2018-01-16 04:24 - 2018-01-16 04:24 - 000051643 _____ C:\WINDOWS\uninstaller.dat
2018-01-13 19:15 - 2017-12-22 07:45 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-13 19:15 - 2017-12-22 07:45 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-11 19:36 - 2018-01-11 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-01-08 15:15 - 2018-01-08 15:15 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-01-08 15:15 - 2018-01-08 15:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-01-08 15:15 - 2018-01-08 15:15 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-01-08 15:15 - 2018-01-08 15:15 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-01-03 00:16 - 2018-01-03 00:16 - 000862836 _____ C:\Users\Kevin\Downloads\New-Hire-Forms-2017.pdf
2017-12-28 01:32 - 2018-01-03 16:54 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\Adobe
2017-12-23 01:42 - 2017-12-23 01:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-12-23 01:42 - 2017-12-15 16:47 - 000143960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-12-23 01:42 - 2017-09-13 17:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-12-23 01:42 - 2017-09-13 17:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-12-23 01:42 - 2017-09-13 17:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-23 01:42 - 2017-09-13 17:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-23 01:38 - 2017-12-15 18:23 - 036350960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 029381936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 023267096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 001990128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438871.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 001674736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438871.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 001321448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 001101104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 001038496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000980880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000933360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000740144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-12-23 01:38 - 2017-12-15 18:23 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-12-23 01:37 - 2017-12-15 18:23 - 040237456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-12-23 01:37 - 2017-12-15 18:23 - 035157488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-12-23 01:37 - 2017-12-15 18:23 - 013867656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-12-23 01:37 - 2017-12-15 18:23 - 004202992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-12-23 01:37 - 2017-12-15 18:23 - 003615032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-12-23 01:37 - 2017-12-15 18:23 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-12-23 01:37 - 2017-12-15 18:23 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-12-23 01:24 - 2017-12-23 01:24 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-23 01:18 - 2017-12-23 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2017-12-23 01:17 - 2018-01-20 12:02 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\PlaysTV
2017-12-23 01:17 - 2017-12-23 01:17 - 000000000 ____D C:\Program Files (x86)\PlaysTV
2017-12-23 01:09 - 2017-12-23 01:09 - 000077504 _____ C:\Users\Kevin\Downloads\playstv_installer.exe
2017-12-21 22:16 - 2017-12-21 22:16 - 000000000 ____D C:\Users\Kevin\AppData\LocalLow\Dodge Roll
2017-12-21 15:11 - 2018-01-16 21:59 - 000000000 ____D C:\Users\Kevin\AppData\Local\Adobe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-20 12:15 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-20 12:14 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-20 12:14 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-20 12:13 - 2017-12-15 19:23 - 000003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-01-20 12:13 - 2017-12-15 19:23 - 000003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-01-20 12:13 - 2016-09-25 09:38 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-20 12:12 - 2015-09-22 21:55 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\discord
2018-01-20 12:12 - 2014-06-20 18:26 - 000000074 _____ C:\Users\Kevin\AppData\Roaming\sp_data.sys
2018-01-20 12:01 - 2017-12-15 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-20 00:40 - 2017-12-15 19:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-20 00:27 - 2017-09-29 02:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-20 00:26 - 2016-02-23 17:30 - 000000000 ____D C:\Users\Kevin\AppData\Local\CrashDumps
2018-01-19 23:44 - 2014-08-21 17:58 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-01-19 23:43 - 2017-09-29 02:45 - 018612224 _____ C:\WINDOWS\system32\config\HARDWARE
2018-01-19 23:36 - 2017-09-08 21:40 - 000000000 ____D C:\Users\Kevin\AppData\Local\Spotify
2018-01-19 23:35 - 2017-09-08 21:40 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\Spotify
2018-01-19 23:20 - 2017-12-15 18:52 - 000000000 ____D C:\Users\Kevin
2018-01-19 22:23 - 2014-11-04 17:12 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2018-01-19 20:41 - 2014-11-04 17:13 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-01-18 22:36 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-01-18 22:21 - 2014-06-20 18:49 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-18 22:07 - 2017-12-15 18:52 - 000000000 ____D C:\Users\Kevin\AppData\Local\Packages
2018-01-18 19:53 - 2017-09-29 07:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-18 19:51 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-18 19:51 - 2013-05-01 03:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-17 00:15 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-17 00:04 - 2017-12-15 18:43 - 000417152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-16 23:09 - 2017-12-14 20:54 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-16 23:09 - 2017-04-30 19:21 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\DAEMON Tools Lite
2018-01-16 23:09 - 2014-09-03 18:00 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\uTorrent
2018-01-16 22:44 - 2017-12-15 19:12 - 001039898 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-16 22:37 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\BattleGroup
2018-01-16 22:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-16 22:00 - 2016-08-22 18:58 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-01-16 21:44 - 2014-06-20 18:34 - 000000000 ____D C:\Program Files (x86)\Google
2018-01-16 21:43 - 2017-12-15 19:23 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-16 21:43 - 2017-12-15 19:23 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-16 21:29 - 2017-08-13 11:26 - 000000000 ____D C:\Users\Kevin\AppData\LocalLow\uTorrent
2018-01-16 21:08 - 2016-05-02 16:17 - 000000000 ____D C:\Program Files\WinPcap
2018-01-15 16:25 - 2016-03-06 19:15 - 000000000 ___RD C:\Users\Kevin\Dropbox
2018-01-15 09:11 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-13 21:15 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-13 19:04 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-13 19:04 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-13 19:04 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-13 19:04 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-13 19:04 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-13 19:04 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-13 19:04 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-13 19:04 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-11 23:23 - 2015-09-22 21:55 - 000000000 ____D C:\Users\Kevin\AppData\Local\Discord
2018-01-11 19:36 - 2016-03-06 19:12 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-01-10 02:24 - 2017-12-15 19:23 - 000004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-10 02:24 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-10 02:24 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-10 00:18 - 2014-06-20 20:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 00:16 - 2017-10-10 14:19 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 00:16 - 2014-06-20 20:31 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-08 22:27 - 2015-01-24 11:30 - 000000000 ____D C:\Users\Kevin\AppData\Local\NVIDIA Corporation
2018-01-05 22:39 - 2014-06-20 19:15 - 000000000 ____D C:\Users\Kevin\AppData\Local\Battle.net
2018-01-05 14:26 - 2016-04-15 20:29 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-01-04 22:37 - 2014-06-20 19:15 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-01-01 21:40 - 2017-04-03 21:46 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\.minecraft
2017-12-27 12:22 - 2015-12-17 20:45 - 000047096 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-12-27 11:00 - 2013-11-01 16:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-23 01:54 - 2014-08-09 21:54 - 000000000 ____D C:\Users\Kevin\AppData\Local\NVIDIA
2017-12-23 01:42 - 2016-09-25 09:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-23 01:42 - 2014-06-20 19:15 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\NVIDIA
2017-12-23 01:40 - 2016-09-25 09:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-23 01:24 - 2017-12-15 19:23 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-23 01:23 - 2017-12-15 19:23 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-23 01:23 - 2017-12-15 19:23 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-23 01:23 - 2017-12-15 19:23 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-23 01:23 - 2017-12-15 19:23 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-23 01:23 - 2017-12-15 19:23 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-23 01:23 - 2017-12-15 19:23 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-22 01:23 - 2015-01-20 18:54 - 000000000 ____D C:\Program Files (x86)\Cockatrice
 
==================== Files in the root of some directories =======
 
2014-06-20 18:26 - 2018-01-20 12:12 - 000000074 _____ () C:\Users\Kevin\AppData\Roaming\sp_data.sys
2015-08-03 13:18 - 2015-08-03 13:18 - 028976243 _____ () C:\Users\Kevin\AppData\Local\package.nw.new
 
Some files in TEMP:
====================
2018-01-16 21:07 - 2018-01-16 21:07 - 000016384 _____ (noOrg) C:\Users\Kevin\AppData\Local\Temp\cubesta.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-15 09:09
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.01.2018 01
Ran by Kevin (20-01-2018 12:18:50)
Running from F:\
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-16 01:25:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1647080334-1320705266-513318729-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1647080334-1320705266-513318729-503 - Limited - Disabled)
Guest (S-1-5-21-1647080334-1320705266-513318729-501 - Limited - Disabled)
Kevin (S-1-5-21-1647080334-1320705266-513318729-1002 - Administrator - Enabled) => C:\Users\Kevin
WDAGUtilityAccount (S-1-5-21-1647080334-1320705266-513318729-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (HKLM-x32\...\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.025 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0014 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.99 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
ChromecastApp (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cold Turkey (HKLM-x32\...\{6498E673-B9C2-4544-A722-1E854B5B573E}_is1) (Version: 2.1.2 - Felix Logic)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Dropbox (HKLM-x32\...\Dropbox) (Version: 41.4.80 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EBLUE Mouse Driver (HKLM-x32\...\{650A34BA-50BC-4D85-B10F-C4EC1B4FCEF3}_is1) (Version: 1.0 - EBLUE)
ELAN Touchpad 11.5.19.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.19.2 - ELAN Microelectronic Corp.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Flux) (Version:  - f.lux Software LLC)
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.0 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
LOOT version 0.9.0 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.9.0 - LOOT Team)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2153 - Microsoft Corporation)
Microsoft Office Access 2007 (HKLM-x32\...\Access) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MK LOL (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\MK LOL) (Version:  - )
MouseRecorder v1.0.51 (HKLM-x32\...\MouseRecorder_is1) (Version: 1.0.51 - Bartels Media GmbH)
Movie Maker (HKLM-x32\...\{022C7C52-B294-4346-88BC-C7C2FF7FF1B7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E0B5FDF0-6940-44B2-8204-CFA746A6B4AF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
NVIDIA 3D Vision Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.27.5-r125535-release - Plays.tv, LLC)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.17 - Qualcomm Atheros Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Roblox Player for Kevin (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sony Vegas Pro Pre-Cracked By Exµs 11.0 (HKLM-x32\...\Sony Vegas Pro Pre-Cracked By Exµs) (Version: 11.0 - TheMrExus)
Spotify (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
TeamSpeak 3 Client (HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version:  - Jonathan Lermitage)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
USB GamePad (HKLM-x32\...\{B8CDAD75-96FB-48A5-A2AE-6515DDEB7BFA}) (Version: 3.85 - My Company Name)
Vegas Pro 11.0 (64-bit) (HKLM\...\{CF411A4F-5ED9-11E1-B971-F04DA23A5C58}) (Version: 11.0.595 - Sony)
Viper Plagiarism Scanner (HKLM-x32\...\{2D9F8754-84AB-4C46-8243-9EADF23A63EE}}_is1) (Version: 4.101.6129.30432 - All Answers Ltd)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6955 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.6 - Wrye & Wrye Bash Development Team)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B02 - ZTE Corporation)
影像中心 (HKLM-x32\...\{631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (HKLM-x32\...\{017E337D-D709-437C-83DB-71F82AA78BF6}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1647080334-1320705266-513318729-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1647080334-1320705266-513318729-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-06-06] (WinZip Computing, S.L.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-06-06] (WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-06-06] (WinZip Computing, S.L.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01D97544-351B-41F9-9B60-FF02EB9292EC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0FA2CD45-20D4-4E2C-9289-3628F1694D11} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1015888C-F520-4B40-8C22-461F0FD18B9F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
Task: {145C8DEF-D2CA-4744-9CBF-38E5B7051E36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {16946B78-4E59-4CF4-963D-16EBC3F9FECD} - System32\Tasks\{77AEBD09-2A2E-4E6D-ABEA-D35D5FC48F96} => C:\WINDOWS\system32\pcalua.exe -a C:\ProgramData\NexonUS\NGM\NGM.exe -c -mode:uninstall -dll:ngm.nexon.net/ngm/NGM/Bin/NGMDll.dll -game:0 -locale:US -load_from_local
Task: {1E154793-DC57-4883-8A4B-6C11B71773BD} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {23FC9E03-AD21-4F62-A1F1-C075D184C49B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {2493E071-4EA4-43F6-A226-0E27F3006AD1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1647080334-1320705266-513318729-1002UA1d257f1814b29f4 => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {2522E1E3-0E71-473E-B9B8-60290E2CC22A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {26247C0B-2DF4-4B56-BCC1-E423D76F1254} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {283F20B2-5DBA-44C4-9888-A6B9E39C7F58} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D961FD4-0CC5-4AE9-8852-9DB7C54DA06B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-18] (Microsoft Corporation)
Task: {41E9AEAF-6CD0-4212-90B7-F42027E8D9A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {41EFD7B9-350F-486B-9FF3-BC075637C89D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-18] ()
Task: {4627D4BC-3406-4B9B-9EB3-322506FB4A53} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {4758A50D-4AFD-46D1-99D8-4795DCDDA228} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
Task: {4ABC9768-1C7C-46C1-BD71-A5E09C8A067F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-10] (NVIDIA Corporation)
Task: {4D6B75F3-DBC2-4825-A427-F2E0D127390B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1647080334-1320705266-513318729-1002Core => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {4FC4E09C-0764-490B-B1FD-1C605F9CD51C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {50F85D78-8C5C-4477-B1E1-42C8D66C5E15} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {55AAC5AE-05D0-432A-AAFC-F35F9E17BE7C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
Task: {59D18D3E-271A-44DC-AF12-5DA4C3806A17} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-18] (Microsoft Corporation)
Task: {6012A0D7-36D9-440E-B8E0-A7C3A07AA760} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-18] ()
Task: {673158E2-9D98-49CD-97C1-F33B66C87AA7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-01-10] (Microsoft Corporation)
Task: {6B840ACD-6FE8-4018-84C8-A15B5380D706} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-10] (NVIDIA Corporation)
Task: {714495D1-5D61-48D5-ADA6-0AACC816F138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {71E22FA2-F71C-4A6A-B4EF-04111888C936} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {75DFF104-9C4F-47B3-97F6-E213F3C61177} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {789F1D1E-FF0D-4AB3-B25E-80452D3A11C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7F76DD05-6603-47A4-A790-39EACF39BBC6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {90F317BA-832E-429E-8182-B6BF72D83CE8} - System32\Tasks\BattleGroup => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BattleGroup\BattleGroup.dll",VSJjrBB <==== ATTENTION
Task: {96D2F435-B371-4DBF-B454-1E3070E5D646} - System32\Tasks\{9EA96BD6-EF57-4F5D-8063-521D295FED76} => C:\WINDOWS\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {9893EF46-D996-410F-9631-9C1F56694267} - System32\Tasks\CTServiceInstaller => C:\Program Files (x86)\Cold Turkey\\CTServiceInstaller.exe [2016-04-07] (Felix Belzile)
Task: {9C63984B-8C0C-4A58-8209-73CC5490D62E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-06] (Dropbox, Inc.)
Task: {9D74CC74-F4EA-4DE6-98E4-B36642559ABE} - System32\Tasks\{3F1F226C-FEE1-46E7-86BF-36FD4C309D3A} => C:\WINDOWS\system32\pcalua.exe -a C:\Crossfire\CrossFire\CF_G4box.exe -d C:\Crossfire\CrossFire
Task: {A1186697-F1D9-431C-99AE-CE2819FAAF30} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-10] (NVIDIA Corporation)
Task: {A7CE2537-D663-46BC-9C5C-E6BD6EA7F996} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-10] (NVIDIA Corporation)
Task: {A942AFA0-38C1-4468-847F-C674D280C405} - System32\Tasks\{021930FA-A59A-4E8E-AC50-A9DB86F5F39E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=17
Task: {AD1D9D94-AD48-4132-907E-19D5226F203E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {B00B336D-0A63-48DC-A0F9-F2293B8F4D69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B2FC9568-7477-428D-8C13-38BE686A153F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {B6E63080-E08A-4487-A5E4-0A37DD9E24B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {BA48EEC4-234D-4272-8057-BE5BDD6DFC1D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)
Task: {C271E993-8346-47B3-BB8C-05568EFCE900} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1647080334-1320705266-513318729-1002UA => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {C6B53477-9AB7-4987-BCD0-311672FF3219} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-07-31] (ASUSTeK Computer Inc.)
Task: {C972D266-2590-404F-96CF-828E2A3DB291} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CF3BB0C0-F977-48D5-9006-39D7DA5CEC92} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-10] (NVIDIA Corporation)
Task: {E15442CE-5647-4748-9680-F557D84DF021} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-06] (Dropbox, Inc.)
Task: {EBA1CE94-4EF2-4D7B-97AC-8CAA4B278D79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F5F2A2CF-9673-4207-8319-F5F040F649B4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-10] (NVIDIA Corporation)
Task: {F830E72C-EACD-4A52-A7C0-C717149597B0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F8A1B60B-D5CB-4E44-AE6E-0DA3FEEA6346} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-18] (Microsoft Corporation)
Task: {FAFB927F-F4FD-4BBA-9256-155BF0A65368} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1647080334-1320705266-513318729-1002Core1d257f1811f4395 => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {FF9BC408-5C69-465D-B7C7-5BA09E247F16} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CTServiceInstaller.job => C:\Program Files (x86)\Cold Turkey\CTServiceInstaller.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1647080334-1320705266-513318729-1002Core.job => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1647080334-1320705266-513318729-1002UA.job => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TikiOne Steam Cleaner\TikiOne Steam Cleaner.lnk -> C:\Program Files (x86)\TikiOne Steam Cleaner\tikione-steam-cleaner.bat ()
 
ShortcutWithArgument: C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\63800cb8dd33f2e7\SwagButton.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gngocbkfmikdgphklgmmehbjjlfgdemm
ShortcutWithArgument: C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2fae1f4995fc9e7f\NexonLauncher.lnk -> C:\Nexon\Nexon Launcher\bin\nexon_client\nexon_client.exe (Nexon) -> --user-data-dir="C:\Users\Kevin\AppData\Local\NexonLauncher\User Data" --profile-directory=Default --app-id=dobbaijafcbikgimjpakclacfgeagffm
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 07:41 - 2017-09-29 07:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-19 00:10 - 2012-12-19 00:10 - 000072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2017-02-11 11:21 - 2017-10-10 19:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-11-22 15:20 - 2015-11-22 15:20 - 000066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-09-24 16:20 - 2016-09-24 16:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-07-23 10:54 - 2013-07-23 10:54 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-05-06 12:13 - 2018-01-18 19:49 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-12-15 19:34 - 2017-12-15 19:34 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
2017-12-15 19:34 - 2017-12-15 19:34 - 002360512 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-12-15 19:34 - 2017-12-15 19:35 - 000381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-09-29 07:41 - 2017-09-29 07:41 - 004069888 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2017-12-15 20:26 - 2017-12-15 20:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-15 20:26 - 2017-12-15 20:26 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-11-01 17:01 - 2013-03-14 03:46 - 000040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2018-01-16 21:44 - 2018-01-03 03:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-16 21:44 - 2018-01-03 03:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2018-01-19 09:13 - 2018-01-19 09:13 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-19 09:13 - 2018-01-19 09:13 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-19 09:13 - 2018-01-19 09:14 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 12:58 - 2018-01-03 12:59 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-19 09:13 - 2018-01-19 09:13 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-12-15 20:26 - 2017-12-15 20:26 - 000975872 _____ () c:\windows\system32\FaceProcessor.dll
2017-12-15 20:26 - 2017-12-15 20:26 - 000269696 _____ () c:\windows\system32\FaceProcessorCore.dll
2017-09-29 07:41 - 2017-09-29 07:41 - 001357464 _____ () c:\windows\system32\FaceTrackerInternal.dll
2016-05-02 16:17 - 2014-03-02 21:35 - 000075776 _____ () C:\Program Files (x86)\Cold Turkey\PcapDotNet.Core.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 001934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 001780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 003812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2017-02-11 11:22 - 2017-10-10 19:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-04-29 15:17 - 2013-04-29 15:17 - 000587264 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 000071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2017-01-16 05:40 - 2017-01-16 05:40 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 001983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 002658512 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-12-12 14:22 - 2017-12-12 14:22 - 000090112 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWinExtras.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2013-11-01 16:55 - 2013-06-23 21:05 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2018-01-11 23:22 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Kevin\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-11 23:22 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Kevin\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-11 23:22 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Kevin\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-11 23:23 - 2018-01-11 23:23 - 009804280 _____ () \\?\C:\Users\Kevin\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-11 23:23 - 2018-01-11 23:23 - 001505784 _____ () \\?\C:\Users\Kevin\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-11 23:23 - 2018-01-11 23:23 - 000513016 _____ () \\?\C:\Users\Kevin\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-11 23:23 - 2018-01-11 23:23 - 002662904 _____ () \\?\C:\Users\Kevin\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-11 23:23 - 2018-01-11 23:23 - 001517048 _____ () \\?\C:\Users\Kevin\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2017-02-11 11:23 - 2017-10-10 19:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\sharepoint.com -> hxxps://cometmail-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\skype.com -> hxxps://apps.skype.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2018-01-16 22:01 - 000013472 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
There are 332 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kevin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\firestorm_by_tatasz-d8od9lx.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "ASUSWebStorage"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "ROGNB"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\StartupFolder: => "chrome - Shortcut.lnk"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\Run: => "MKLOL"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\Run: => "eblueMouseRun"
HKU\S-1-5-21-1647080334-1320705266-513318729-1002\...\StartupApproved\Run: => "Spotify"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{86CC97C7-8F03-4C00-A3C2-41B5AC21A256}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{DA274523-DFB3-4204-98CB-DC50D2844BF9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{22DACF83-D3F2-4079-BEFA-24597C0899AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{AA31F1A4-8473-4C45-8016-6EA21F491257}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033 Redux\metro.exe
FirewallRules: [UDP Query User{0E1A2E22-C1C2-4B10-A1FB-ACC805E07C3F}C:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{78B5E4FE-0873-424E-9662-46986CBB713F}C:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [{9F71CE56-34B5-46AB-AEAF-F688E37CD265}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{12B03151-37FD-41AC-8759-53DB6E494DCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Overcooked\Overcooked.exe
FirewallRules: [{DFACAD0D-8CE3-4D78-ABA4-7665067B815B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{CEB63A09-36E8-4B35-8619-B89764370887}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{F2511986-9284-4B76-B826-12B0A72DE274}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{DCCC20A7-1A4B-4E28-AB79-204E92F08003}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{8806A7A2-B86F-4D24-9526-29F6FA34230A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{20E4F0DE-DC2B-4298-B4F1-34D8377492B1}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{3796C0D0-3369-4443-A4AE-328EAD1B28F4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{6AB2EF64-1772-41AB-9BA0-4414DA0DCD07}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{0062FDC1-B774-46CA-8983-896FBBD78439}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{5F65B2D3-B8E9-404E-8524-E12496140086}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{71F5B8A3-2AD8-4FB6-8255-667BDF540AD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{57BCC529-8946-49DF-A255-FA5F5E674072}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{71F48775-8868-4328-899B-1052A3679416}C:\nexon\library\combatarms\appdata\engine.exe] => (Allow) C:\nexon\library\combatarms\appdata\engine.exe
FirewallRules: [TCP Query User{18106317-011B-491D-BCA9-D63FFDAA9EF2}C:\nexon\library\combatarms\appdata\engine.exe] => (Allow) C:\nexon\library\combatarms\appdata\engine.exe
FirewallRules: [{3D504D70-9044-4946-98BF-811E4298E9EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BCFE0A5A-E095-4109-9F39-FCCB0C5AF2F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4E640DBE-72BB-4EA3-8E96-12177CF49EAB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C18442C4-79F1-4DD6-BDD5-17F445A5237F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{E17BF46F-D924-4368-B096-0A7D65157CF7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C6B193D1-B2B0-4655-B000-B38BAB37D16B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{8511D026-A9CD-411E-A902-981499FAB15D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{E4013BFB-7B54-412A-98DA-7EC3B2993E47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{A9F472F5-C909-4A96-AC1F-6EE92C6B8543}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F1FBA714-D8E9-4DC7-A8FE-886B0268F22D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{4CFC446C-6291-403C-A8C3-87856BC94B27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{83666BE7-D5B0-49A3-955F-9B623A5E23F8}] => (Allow) D:\Black Desert Online\bin64\BlackDesert64.exe
FirewallRules: [{4DA9936E-B471-463C-8773-D0F797C4F2CB}] => (Allow) D:\Black Desert Online\bin\BlackDesert32.exe
FirewallRules: [{C4741631-6F5D-4DC1-9DEE-9DED7947604C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\outtheresomewhere\ots.exe
FirewallRules: [{8F48A915-8725-44EB-A0B4-87E92756ADFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\outtheresomewhere\ots.exe
FirewallRules: [{6BE56C90-7C24-40C9-9A52-7A209589CD1A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9FB70EF9-868A-411E-B7AF-900F27ECF52F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [UDP Query User{F01EB9A5-AD3D-48F5-869E-6EC3FEF03DD8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4C0C9366-6FE4-48BD-8031-D860556684CE}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C3441B54-2A5A-43D8-8621-A187D0D08462}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FF3932AE-9A48-4EC2-8803-5917B5BF233C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Recettear\custom.exe
FirewallRules: [{C7B96509-8789-4284-8691-5C29C9519B6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Recettear\custom.exe
FirewallRules: [{068FFB5D-8A12-4A58-B8F5-7AC64DC3560D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Recettear\recettear.exe
FirewallRules: [{672A9147-8B5C-4C66-92F8-A4362C5667F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Recettear\recettear.exe
FirewallRules: [{F040FCC2-F6C3-462E-828F-57BE89ED37FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{74CB95F7-8EBF-4637-B6D1-A11DFF83750C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{536E6124-2852-4F3D-80F7-5473A4D84641}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2E6B5A9F-0348-4569-BC7E-A8D48191DF21}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7C47C651-5943-4252-94E6-94B439BAF89A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{972A99A2-66BE-451C-83AB-2A3253D1DA9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E636EA2-409C-4B80-A3B6-A671AE887150}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{73E38879-5C91-413D-A8E3-AB1623C069C2}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{05EE996B-49E5-4BB7-802D-98E73DF1B5D9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B68AB454-90C3-4C94-8766-AC65D415DD87}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{25C01C6C-DAC3-4460-A68F-B57A167E562A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CBB2C3F6-51CD-4F45-88ED-76C9E615FFFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0F81012A-E1F7-411E-ADBB-0590CC774A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1ACAD561-229D-4466-89DC-C38C7D92CD1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1BA78CDB-0A44-4B8B-92E9-5F9C2C9B7C16}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{E73F7BE1-EBAA-42C1-8797-B00241E51C9F}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{82027F47-BFF8-4007-9258-DA877280F2F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82214675-F920-4BD3-AC6F-32EA15003CAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5549CE4C-ECDD-4A12-AD4A-3020B8AF9B4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E85D5F05-1E55-4810-94FE-65BF4CD0BC85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4E475060-25A8-4E45-B176-AEF077D86C3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{409CA43A-5FD9-4539-A903-D18BACE213B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4BE79FB8-B29B-42BC-B6F2-04E7B3A924AA}] => (Allow) C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2D41E624-9DA9-4743-8000-4AB9DB440ACD}] => (Allow) C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{C3527572-1D01-449F-822F-636A4279D18E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B7EF78B5-5498-4D4B-A574-4F94FA6A979B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5CFDA60D-F36A-4D16-A6A0-737E01DEE555}] => (Allow) E:\install\Data\Disk1\setup.exe
FirewallRules: [{411741B4-C67D-408E-A5CA-302C68B54636}] => (Allow) E:\install\Data\Disk1\setup.exe
FirewallRules: [{8730C9DF-3FC5-43D5-AD51-CF101011A54C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1AED9F29-51D0-42DA-AD25-FEC981273BE2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{16537D1F-7A8E-43E2-A0F1-21BB0E21B45E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E5E14F24-F2EE-4EFE-B16F-EC7E32F727F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0C2C45C0-6122-4D6E-B66D-D1A6A4ACD5DB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4C85DDCB-8F3B-459E-8894-079FA992ABC1}] => (Allow) LPort=2869
FirewallRules: [{037906A0-EA0B-4353-8B10-388C0254F270}] => (Allow) LPort=1900
FirewallRules: [{BFE3D415-13FD-4E00-BD7B-3A1A95369CE0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E58C8180-9DFA-41C6-BF6F-81279D8F21F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F528BA8-E321-4BD9-8711-C57C9F11934F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8C02AF93-CEB5-4CDB-BE76-E4D02CA71569}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{66E7430D-01D1-4E1A-9301-0F17DE79C041}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C1F6A648-D1DA-4FEF-8F1C-B15C68742E90}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{9AF2A731-FA57-4B3A-9BF8-A5C0A42EE120}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{E0C78096-9F84-4A40-B332-6D08C0748F41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{33E43F14-C765-4A80-AAC2-21CE9173807D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{69FCA11E-F8B9-438B-AF28-A8F3E2B79A9E}C:\users\kevin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{81DD8A49-4CC6-42F6-8684-077757FC6087}C:\users\kevin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2BA74172-4924-4BE7-A39C-45F47587581B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{35E48040-0346-4379-B2CB-397EE17938BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABA79CA1-1864-4353-B00A-35F90885E126}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7B09E95E-E8DF-47D6-A2A6-54C5D52F2DEB}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{63EFE2F8-3A85-4284-9FE8-CCA56C666C8F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{B995BD14-6F74-4EBB-87DB-89CE1EFFE908}] => (Allow) C:\Program Files (x86)\MouseRecorder\MouseRecorder.exe
FirewallRules: [TCP Query User{7D94E01D-E5FC-44D7-BE3E-A8835BCEC4E5}C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe] => (Allow) C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe
FirewallRules: [UDP Query User{C91164E3-9587-4DA7-96F4-0C6FD0987561}C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe] => (Allow) C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe
FirewallRules: [{87BAA98A-D66C-4F3B-8978-CA26F819D1F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{2DA60185-0546-4DD1-8CD2-46A3085ACFA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{0E3868B7-3CA5-43DE-A38B-DA7DE0E0B28B}] => (Allow) C:\Steam Library 2\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{99924170-2C1D-4AFB-A776-B8B08E863F8C}] => (Allow) C:\Steam Library 2\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{99143034-C965-41AF-93D1-02C73170436D}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{C769E377-7BE7-4FF1-8B24-131FA555234A}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{C6A38682-3B70-4B19-B112-C0344DC0267F}C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe] => (Allow) C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe
FirewallRules: [UDP Query User{1824DB31-EF9D-405E-AB5B-51669206CBEB}C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe] => (Allow) C:\ygopro-1.033.7-v2-percy\ygopro_vs.exe
FirewallRules: [TCP Query User{F2E769C2-DDAF-4FAC-AD0F-5051849B2DAE}C:\users\kevin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ECB1A8E5-8C98-4F1D-9A7A-7CC04CDD6398}C:\users\kevin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1FCC0172-4ADF-408F-B88A-5BEDF445F339}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{78CDDA0D-CC28-44C9-A51A-3D6B96D7327C}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{4A700205-AA19-440E-80E6-9DAB2834381B}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{E09BDAF1-536B-48CC-9A8E-A8B098F7EC6F}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{59604013-9C0C-4369-A659-C2848EDFC23E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{BE039026-E592-46B7-97A4-424ABAFB66E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{09561C6C-31BC-4D47-9865-7E4D5397318C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A118279B-3402-4A8B-8792-A2147FC90D7E}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{9C48A1DD-01C1-4B1B-BFFC-0CA29B99271E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B2B5E58B-112C-4595-B7C7-0C18DDBE1A26}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{09557CD2-5104-4782-B016-3E3FF525D174}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{2A2FA7C3-0536-40B6-8322-3113087F54D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/20/2018 12:40:31 AM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.Xml.XmlException: Root element is missing.
   at System.Xml.XmlTextReaderImpl.Throw(Exception e)
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at System.Xml.XmlDocument.Load(String filename)
   at Hirez.Utilities.HirezConfigSettings.LoadConfigDocument(String filePath)
   at Hirez.Utilities.HirezConfigSettings.ReadSetting(String filePath, String key)
   at Hirez.Patcher.PatchNetworkClient.(NewMessageCallback )
   at Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback)
   at Hirez.Patcher.HiPatchService.InternalStart()
   at Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (01/20/2018 12:11:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Notes.exe, version: 2.0.5.0, time stamp: 0x5a30c8be
Faulting module name: CoreUIComponents.dll, version: 10.0.16299.15, time stamp: 0x35d247d6
Exception code: 0xc0000005
Fault offset: 0x000000000008e1f4
Faulting process id: 0x1c74
Faulting application start time: 0x01d391b50d4b1149
Faulting application path: C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
Faulting module path: C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
Report Id: cabd0d38-5770-42bc-96a5-a7277930b502
Faulting package full name: Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
 
Error: (01/20/2018 12:10:07 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/20/2018 12:06:58 AM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.Xml.XmlException: Root element is missing.
   at System.Xml.XmlTextReaderImpl.Throw(Exception e)
   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at System.Xml.XmlDocument.Load(String filename)
   at Hirez.Utilities.HirezConfigSettings.LoadConfigDocument(String filePath)
   at Hirez.Utilities.HirezConfigSettings.ReadSetting(String filePath, String key)
   at Hirez.Patcher.PatchNetworkClient.(NewMessageCallback )
   at Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback)
   at Hirez.Patcher.HiPatchService.InternalStart()
   at Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (01/19/2018 11:33:39 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe".Error in manifest or policy file "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" on line 0.
Invalid Xml syntax.
 
Error: (01/19/2018 09:20:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KEVINLELAPTOP)
Description: Package Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
 
Error: (01/19/2018 09:12:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UpdateChecker.exe, version: 0.0.0.0, time stamp: 0x54dc4378
Faulting module name: alvupdt.dll, version: 1.0.0.10, time stamp: 0x5510b8fc
Exception code: 0xc0000005
Fault offset: 0x00016eb6
Faulting process id: 0x3d90
Faulting application start time: 0x01d391374b482e72
Faulting application path: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Faulting module path: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
Report Id: 4b10c6c9-ff11-4bed-ae59-25cab1411f2e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/18/2018 09:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00001a5
Fault offset: 0x6a67188b
Faulting process id: 0x29dc
Faulting application start time: 0x01d390d57b8b46dc
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 7f122532-71ad-483c-b268-c70d31476af1
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/18/2018 07:53:08 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (01/18/2018 07:53:08 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
 
System errors:
=============
Error: (01/20/2018 12:20:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2018 12:06:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (01/20/2018 12:04:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.
 
Error: (01/20/2018 12:04:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (01/20/2018 12:02:57 PM) (Source: DCOM) (EventID: 10016) (User: KEVINLELAPTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user KevinLeLaptop\Kevin SID (S-1-5-21-1647080334-1320705266-513318729-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2018 12:02:46 PM) (Source: DCOM) (EventID: 10010) (User: KEVINLELAPTOP)
Description: The server Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
 
Error: (01/20/2018 12:02:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2018 12:40:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2018 12:40:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2018 12:40:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
  Date: 2018-01-20 12:21:02.841
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:21:02.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:21:02.830
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:21:02.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:21:00.367
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:21:00.366
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:21:00.363
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:21:00.361
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:20:51.962
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-20 12:20:51.961
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-125533.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 12205.48 MB
Available physical RAM: 6638.29 MB
Total Virtual: 14061.48 MB
Available Virtual: 7369.86 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:371.82 GB) (Free:69.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:490.59 GB) NTFS
Drive f: (ESD-USB) (Removable) (Total:31.99 GB) (Free:11.15 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5B98F280)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 57.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team

Posted 20 January 2018 - 10:29 PM

Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, or running scanners or tools of any kind, unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

Let's begin... :)
 

  • Highlight the entire content of the quote box below.

Start::  
FirewallRules: [{4C85DDCB-8F3B-459E-8894-079FA992ABC1}] => (Allow) LPort=2869
FirewallRules: [{037906A0-EA0B-4353-8B10-388C0254F270}] => (Allow) LPort=1900
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION
Task: {01D97544-351B-41F9-9B60-FF02EB9292EC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0FA2CD45-20D4-4E2C-9289-3628F1694D11} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2522E1E3-0E71-473E-B9B8-60290E2CC22A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {26247C0B-2DF4-4B56-BCC1-E423D76F1254} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {41E9AEAF-6CD0-4212-90B7-F42027E8D9A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {714495D1-5D61-48D5-ADA6-0AACC816F138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75DFF104-9C4F-47B3-97F6-E213F3C61177} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7F76DD05-6603-47A4-A790-39EACF39BBC6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {90F317BA-832E-429E-8182-B6BF72D83CE8} - System32\Tasks\BattleGroup => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BattleGroup\BattleGroup.dll",VSJjrBB <==== ATTENTION
Task: {B00B336D-0A63-48DC-A0F9-F2293B8F4D69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6E63080-E08A-4487-A5E4-0A37DD9E24B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C972D266-2590-404F-96CF-828E2A3DB291} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F830E72C-EACD-4A52-A7C0-C717149597B0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
FF Plugin-x32: @softnyxNpruntime -> C:\Game\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll [No File]
Task: {01D97544-351B-41F9-9B60-FF02EB9292EC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0FA2CD45-20D4-4E2C-9289-3628F1694D11} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2522E1E3-0E71-473E-B9B8-60290E2CC22A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {26247C0B-2DF4-4B56-BCC1-E423D76F1254} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {41E9AEAF-6CD0-4212-90B7-F42027E8D9A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {714495D1-5D61-48D5-ADA6-0AACC816F138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75DFF104-9C4F-47B3-97F6-E213F3C61177} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7F76DD05-6603-47A4-A790-39EACF39BBC6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B00B336D-0A63-48DC-A0F9-F2293B8F4D69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6E63080-E08A-4487-A5E4-0A37DD9E24B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C972D266-2590-404F-96CF-828E2A3DB291} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F830E72C-EACD-4A52-A7C0-C717149597B0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
2018-01-16 21:07 - 2018-01-16 21:07 - 000016384 _____ (noOrg) C:\Users\Kevin\AppData\Local\Temp\cubesta.exe
C:\Users\Kevin\AppData\Local\rangzdu
2018-01-16 21:09 - 2018-01-20 01:53 - 000000000 ____D C:\Users\Kevin\AppData\Local\spnrwib
2018-01-16 21:09 - 2018-01-20 01:53 - 000000000 ____D C:\Users\Kevin\AppData\Local\cwcubnm
C:\Users\Kevin\AppData\Local\icpo
2018-01-16 21:08 - 2018-01-16 21:08 - 000000000 ____D C:\WINDOWS\SysWOW64\upkrdbo
2018-01-16 21:08 - 2018-01-16 21:08 - 000000000 ____D C:\WINDOWS\system32\upkrdbo
2014-06-20 18:26 - 2018-01-20 12:12 - 000000074 _____ () C:\Users\Kevin\AppData\Roaming\sp_data.sys
2015-08-03 13:18 - 2015-08-03 13:18 - 028976243 _____ () C:\Users\Kevin\AppData\Local\package.nw.new
2018-01-16 21:07 - 2018-01-16 21:07 - 000016384 _____ (noOrg) C:\Users\Kevin\AppData\Local\Temp\cubesta.exe
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKLM\SYSTEM\Select"
CMD: Removeproxy
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.

Please copy and paste its contents in your next reply.

Download AdwCleaner from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8/10 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:


  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning, a report appears. Once done, it will ask to reboot; allow this.

  • On reboot, a log will be produced; please copy/paste it in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

 

RogueKiller

  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply

 

 


No requests for help through private messaging will be attended to.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 frost101

frost101
  • Topic Starter

  • Members

Posted 21 January 2018 - 04:53 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by Kevin (21-01-2018 13:26:13) Run:1
Running from F:\
Loaded Profiles: Kevin (Available Profiles: Kevin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
  
FirewallRules: [{4C85DDCB-8F3B-459E-8894-079FA992ABC1}] => (Allow) LPort=2869
FirewallRules: [{037906A0-EA0B-4353-8B10-388C0254F270}] => (Allow) LPort=1900
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION
Task: {01D97544-351B-41F9-9B60-FF02EB9292EC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0FA2CD45-20D4-4E2C-9289-3628F1694D11} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2522E1E3-0E71-473E-B9B8-60290E2CC22A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {26247C0B-2DF4-4B56-BCC1-E423D76F1254} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {41E9AEAF-6CD0-4212-90B7-F42027E8D9A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {714495D1-5D61-48D5-ADA6-0AACC816F138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75DFF104-9C4F-47B3-97F6-E213F3C61177} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7F76DD05-6603-47A4-A790-39EACF39BBC6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {90F317BA-832E-429E-8182-B6BF72D83CE8} - System32\Tasks\BattleGroup => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BattleGroup\BattleGroup.dll",VSJjrBB <==== ATTENTION
Task: {B00B336D-0A63-48DC-A0F9-F2293B8F4D69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6E63080-E08A-4487-A5E4-0A37DD9E24B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C972D266-2590-404F-96CF-828E2A3DB291} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F830E72C-EACD-4A52-A7C0-C717149597B0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
FF Plugin-x32: @softnyxNpruntime -> C:\Game\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll [No File]
Task: {01D97544-351B-41F9-9B60-FF02EB9292EC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0FA2CD45-20D4-4E2C-9289-3628F1694D11} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2522E1E3-0E71-473E-B9B8-60290E2CC22A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {26247C0B-2DF4-4B56-BCC1-E423D76F1254} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {41E9AEAF-6CD0-4212-90B7-F42027E8D9A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {714495D1-5D61-48D5-ADA6-0AACC816F138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {75DFF104-9C4F-47B3-97F6-E213F3C61177} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7F76DD05-6603-47A4-A790-39EACF39BBC6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B00B336D-0A63-48DC-A0F9-F2293B8F4D69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6E63080-E08A-4487-A5E4-0A37DD9E24B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C972D266-2590-404F-96CF-828E2A3DB291} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F830E72C-EACD-4A52-A7C0-C717149597B0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
2018-01-16 21:07 - 2018-01-16 21:07 - 000016384 _____ (noOrg) C:\Users\Kevin\AppData\Local\Temp\cubesta.exe
C:\Users\Kevin\AppData\Local\rangzdu
2018-01-16 21:09 - 2018-01-20 01:53 - 000000000 ____D C:\Users\Kevin\AppData\Local\spnrwib
2018-01-16 21:09 - 2018-01-20 01:53 - 000000000 ____D C:\Users\Kevin\AppData\Local\cwcubnm
C:\Users\Kevin\AppData\Local\icpo
2018-01-16 21:08 - 2018-01-16 21:08 - 000000000 ____D C:\WINDOWS\SysWOW64\upkrdbo
2018-01-16 21:08 - 2018-01-16 21:08 - 000000000 ____D C:\WINDOWS\system32\upkrdbo
2014-06-20 18:26 - 2018-01-20 12:12 - 000000074 _____ () C:\Users\Kevin\AppData\Roaming\sp_data.sys
2015-08-03 13:18 - 2015-08-03 13:18 - 028976243 _____ () C:\Users\Kevin\AppData\Local\package.nw.new
2018-01-16 21:07 - 2018-01-16 21:07 - 000016384 _____ (noOrg) C:\Users\Kevin\AppData\Local\Temp\cubesta.exe
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKLM\SYSTEM\Select"
CMD: Removeproxy
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
 
*****************
 
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C85DDCB-8F3B-459E-8894-079FA992ABC1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{037906A0-EA0B-4353-8B10-388C0254F270}" => removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01D97544-351B-41F9-9B60-FF02EB9292EC} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01D97544-351B-41F9-9B60-FF02EB9292EC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FA2CD45-20D4-4E2C-9289-3628F1694D11}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA2CD45-20D4-4E2C-9289-3628F1694D11}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2522E1E3-0E71-473E-B9B8-60290E2CC22A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2522E1E3-0E71-473E-B9B8-60290E2CC22A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26247C0B-2DF4-4B56-BCC1-E423D76F1254}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26247C0B-2DF4-4B56-BCC1-E423D76F1254}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41E9AEAF-6CD0-4212-90B7-F42027E8D9A7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41E9AEAF-6CD0-4212-90B7-F42027E8D9A7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{714495D1-5D61-48D5-ADA6-0AACC816F138}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{714495D1-5D61-48D5-ADA6-0AACC816F138}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75DFF104-9C4F-47B3-97F6-E213F3C61177}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75DFF104-9C4F-47B3-97F6-E213F3C61177}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F76DD05-6603-47A4-A790-39EACF39BBC6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F76DD05-6603-47A4-A790-39EACF39BBC6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{90F317BA-832E-429E-8182-B6BF72D83CE8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F317BA-832E-429E-8182-B6BF72D83CE8}" => removed successfully
C:\WINDOWS\System32\Tasks\BattleGroup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BattleGroup" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B00B336D-0A63-48DC-A0F9-F2293B8F4D69}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B00B336D-0A63-48DC-A0F9-F2293B8F4D69}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6E63080-E08A-4487-A5E4-0A37DD9E24B4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E63080-E08A-4487-A5E4-0A37DD9E24B4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C972D266-2590-404F-96CF-828E2A3DB291}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C972D266-2590-404F-96CF-828E2A3DB291}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F830E72C-EACD-4A52-A7C0-C717149597B0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F830E72C-EACD-4A52-A7C0-C717149597B0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@softnyxNpruntime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01D97544-351B-41F9-9B60-FF02EB9292EC}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01D97544-351B-41F9-9B60-FF02EB9292EC} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA2CD45-20D4-4E2C-9289-3628F1694D11} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2522E1E3-0E71-473E-B9B8-60290E2CC22A} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26247C0B-2DF4-4B56-BCC1-E423D76F1254} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41E9AEAF-6CD0-4212-90B7-F42027E8D9A7} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{714495D1-5D61-48D5-ADA6-0AACC816F138} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75DFF104-9C4F-47B3-97F6-E213F3C61177} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F76DD05-6603-47A4-A790-39EACF39BBC6} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B00B336D-0A63-48DC-A0F9-F2293B8F4D69} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E63080-E08A-4487-A5E4-0A37DD9E24B4} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C972D266-2590-404F-96CF-828E2A3DB291} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F830E72C-EACD-4A52-A7C0-C717149597B0} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found
C:\Users\Kevin\AppData\Local\Temp\cubesta.exe => moved successfully
C:\Users\Kevin\AppData\Local\rangzdu => moved successfully
C:\Users\Kevin\AppData\Local\spnrwib => moved successfully
C:\Users\Kevin\AppData\Local\cwcubnm => moved successfully
C:\Users\Kevin\AppData\Local\icpo => moved successfully
C:\WINDOWS\SysWOW64\upkrdbo => moved successfully
C:\WINDOWS\system32\upkrdbo => moved successfully
C:\Users\Kevin\AppData\Roaming\sp_data.sys => moved successfully
C:\Users\Kevin\AppData\Local\package.nw.new => moved successfully
"C:\Users\Kevin\AppData\Local\Temp\cubesta.exe" => not found
 
========= fltmc instances =========
 
Filter                Volume Name                              Altitude        Instance Name       Frame   SprtFtrs  VlStatus
--------------------  -------------------------------------  ------------  ----------------------  -----   --------  --------
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo              C:                                         40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo              D:                                         40500     FileInfo                  0     00000007  
FileInfo              F:                                         40500     FileInfo                  0     00000007  
FileInfo              \Device\Mup                                40500     FileInfo                  0     00000007  
Wof                                                              40700     Wof Instance              0     00000007  
Wof                   C:                                         40700     Wof Instance              0     00000007  
Wof                                                              40700     Wof Instance              0     00000007  
Wof                   D:                                         40700     Wof Instance              0     00000007  
luafv                 C:                                        135000     luafv                     0     00000007  
npsvctrig             \Device\NamedPipe                          46000     npsvctrig                 0     00000000  
wcifs                 C:                                        189900     wcifs Instance            0     00000007  
 
========= End of CMD: =========
 
 
========================= Folder: C:\Windows\System32\Drivers ========================
 
2013-08-27 20:56 - 2013-08-27 20:56 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\1043_ASUSTEK_G750JW_G750JX_G750JXA_V70_WIN8.MRK
2017-09-29 07:41 - 2017-09-29 07:41 - 000237056 ____A [08312DEEF0D3F8647AA53AD90A69094E] (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000107416 ____A [645009E711BBF117CCEE917A03FB0CDD] (LSI) C:\Windows\System32\Drivers\3ware.sys
2018-01-19 21:55 - 2018-01-19 22:23 - 000255928 ____A [BDFA7A13CC73B180BBDF1ABA280E1CF7] (Malwarebytes) C:\Windows\System32\Drivers\63321A11.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000733592 ____A [91A59E1A94F1A267FA9F8F6FC9AA9497] (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000020480 ____A [44EA35A4B397898A83BF1B9B4B8DAE35] (Microsoft Corporation) C:\Windows\System32\Drivers\AcpiDev.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000127896 ____A [91D113A1532B8AB1E25B7DE5AB3C2F83] (Microsoft Corporation) C:\Windows\System32\Drivers\acpiex.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000012800 ____A [620BB2682BA625DF037072D89F44F6EE] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipagr.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000014336 ____A [B9805A3C479390CEAEA5AEF5E4A90A2E] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000013312 ____A [ABD4EB55C661143B015BD0B9B47B235C] (Microsoft Corporation) C:\Windows\System32\Drivers\acpitime.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 001135512 ____A [8C58BD711FAD5F11E8CFDBC5CED973A5] (PMC-Sierra) C:\Windows\System32\Drivers\adp80xx.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000166296 ____A [880B3E874914DAEF97119876543AE117] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2017-05-02 13:06 - 2017-10-10 19:05 - 000050624 ____A [E502016A185B5BB9DC341873F82CD49C] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2017-05-02 13:06 - 2017-12-15 18:23 - 000057792 ____A [7ED39FCEB91F0F93897349A4748699EA] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvhci.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000529408 ____A [8A9CD53B0FBE679116638120CCBB201E] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000152984 ____A [5818FE76C3C6AE0CA723EBE483BF447F] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000098816 ____A [2E07EC2C1622F5E7B535D62DCD61F3AB] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000166296 ____A [BD93CDE9A332C00BCB0836483271781F] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000362904 ____A [FC0D7D7ADACA8A3746D31F9C710F9E2B] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000016280 ____A [E5AF806815ED797086629741F29E4156] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000053144 ____A [220445F0717DA97F56512DCACEB185F6] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2017-09-29 07:40 - 2017-09-29 07:40 - 000119704 ____A [2A631D447B988AFBE847CBAA8E5CC298] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000053144 ____A [ACD510CF2B631A2D36B2CFB7D31E22FD] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000123288 ____A [1796112EB89559910BC18865A29C8894] (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000723968 ____A [F21127EDE5D72090A1B029AFF4AFFD17] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000058776 ____A [35FD028E4323018202C0B7D115FD3AEF] (Avago Technologies) C:\Windows\System32\Drivers\percsas2i.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000061848 ____A [F9F3D8BE9BC9241CC726197261362AC4] (Avago Technologies) C:\Windows\System32\Drivers\percsas3i.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000100352 ____A [36D43EA5517F3F4AAAC8EE061C957EF1] (Microsoft Corporation) C:\Windows\System32\Drivers\pmem.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000016896 ____A [59048555B59FD69287CFAB6022B5CC86] (Microsoft Corporation) C:\Windows\System32\Drivers\pnpmem.sys
2017-09-29 07:40 - 2017-09-29 07:40 - 000379392 ____A [B838D96B1F1B156698C52084D3696B5B] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000177152 ____A [B1111C47F128C946BDC87A18E44007EB] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000049152 ____A [16F9A6B593B52EB18F7ECB9D251BDF7A] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000039832 ____A [13600C467512147E99052806F2C1307A] (Microsoft Corporation) C:\Windows\System32\Drivers\ramdisk.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000017920 ____A [F57D1DE0C9522BCD590A69D044641B5A] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000106496 ____A [E0220BB6580D34001D4D1D133052DAA4] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000082944 ____A [12EE1D92F4E5FAE4B6F65195A2016CE5] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000097280 ____A [C6010D36B68FB534D1B1245978C9921D] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000078336 ____A [91CE469015979E5B3C3DBC2C41A476E8] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000428952 ____A [0945839C334DAAD62EB528F8A5C7F946] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2017-09-29 07:41 - 2017-09-29 08:43 - 000027136 ____A [8A5285B38A203D15110E142DE68406DD] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2017-09-29 07:42 - 2017-09-29 08:43 - 000182784 ____A [DF83769C92527DB50653F8FB57D001FF] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2017-09-29 07:42 - 2017-09-29 08:43 - 000030616 ____A [4D1A63ACEC42A88E52AFC4E84A8CE9EE] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000282520 ____A [12AF835862F2B6B2FB9DEA8BA2288587] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 001849752 ____A [FB0577F6BC9E07549CEACF5224327499] (Microsoft Corporation) C:\Windows\System32\Drivers\refs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000936856 ____A [4136BCA61BCDCC79DCE145F9CB639CD6] (Microsoft Corporation) C:\Windows\System32\Drivers\refsv1.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000189440 ____A [5BF7698021DB13B55753FD921BEBE318] (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000043008 ____A [A52F611E08BB6D54267772BE7110E25E] (Microsoft Corporation) C:\Windows\System32\Drivers\RfxVmt.sys
2018-01-18 22:36 - 2018-01-18 22:36 - 000079064 ____A [8C17F3795DAE9A0ECDE4B3A3B0740E5F] (Malwarebytes) C:\Windows\System32\Drivers\rhcnlu.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000103936 ____A [BBC228CA2F96B784B01FE7F1C5E3CFBB] (Microsoft Corporation) C:\Windows\System32\Drivers\rhproxy.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000149504 ____A [76DD394A9C1DDABBEC00A3DC5250E80E] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000035328 ____A [8AAC4807C34765804A277CFFE08D5848] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000013312 ____A [F352CFA03B63916117D1D2A1529253A9] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000080896 ____A [27B80E5766B114621980F82FB78E912A] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2013-11-01 16:56 - 2013-08-20 04:48 - 000633381 ____A [1AD345105CB0D2CACC245B504D7E58AB] () C:\Windows\System32\Drivers\RTAIODAT.DAT
2017-09-29 07:41 - 2017-09-29 07:41 - 000059904 ___RA [008C4CAFB968C89CE81379553DC3F634] (Realtek) C:\Windows\System32\Drivers\rteth.sys
2013-11-01 16:56 - 2013-08-20 22:50 - 003591000 ____A [2BEE14AC102CF1259AC99ABF53291A8B] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2016-09-25 09:36 - 2017-12-15 18:47 - 000316934 ____A [316F60E731D870DCE5A9B8FC801D8409] () C:\Windows\System32\Drivers\RTWAVES40.dat
2015-08-13 09:36 - 2015-08-13 09:36 - 000050392 ____A [55FFB814690A7D8A9E592B3DE1E0F6B6] (Razer Inc) C:\Windows\System32\Drivers\rzendpt.sys
2017-04-09 12:49 - 2016-09-16 18:12 - 000044144 ____A [30A186D6A2A2853EEFAD7011E212E41B] (Razer, Inc.) C:\Windows\System32\Drivers\rzpmgrk.sys
2015-06-27 19:06 - 2016-10-08 00:56 - 000137840 ____A [B4598C05D5440250633E25933FFF42B0] (Razer, Inc.) C:\Windows\System32\Drivers\rzpnk.sys
2015-08-13 09:36 - 2015-08-13 09:36 - 000202952 ____A [421497E425AFB40502013F362E4FA230] (Razer Inc) C:\Windows\System32\Drivers\rzudd.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000109976 ____A [324FA3C337EB54B43448F7B08444DC8D] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000043008 ____A [62A33CE69DB508BCEC63F4D3BFF400CE] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000118168 ____A [7B057373146CC4E5A1F1DA665EA55DC7] (Microsoft Corporation) C:\Windows\System32\Drivers\scmbus.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000175512 ____A [AB4DB5667AD3AAD3BEC29F9BBBFACB25] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000285080 ____A [0FB6CCFA52FE5AD0B8D86E8AB370EF34] (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000033176 ____A [6D3853838864886B4F10B074282772E0] (Microsoft Corporation) C:\Windows\System32\Drivers\SDFRd.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000097688 ____A [0E28A82A41FC00DB73DD0AD5660B5209] (Microsoft Corporation) C:\Windows\System32\Drivers\sdport.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000096664 ____A [C289832A3174DC9D393C7603C511DF79] (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000074784 ____A [75A27472AFD009255DBDE52038E3BDB5] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000154520 ____A [84005F54308109A022413D628E966412] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000025088 ____A [40384793F74CFFA45BCC38DF65E978EC] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000084992 ____A [699470AD24D67908991A777716A352FD] (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000028160 ____A [92453F065F52A8EF0328A926B2C9502F] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000017920 ____A [1D8920C40F19B5FBA5F4897779840AD1] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000044952 ____A [A871F9CC9CF388DC7193D22EF8D8C8DF] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000081816 ____A [D30FC341550CC364880950152AE8B1C5] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000034200 ____A [7FB6AF2146295743003CDFA5D41E2114] (Microsoft Corporation) C:\Windows\System32\Drivers\SleepStudyHelper.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000021504 ____A [5D798558A0D77530A35AEBF7E0385AB8] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000171416 ____A [884F95FC62BF9BCA97064A5D509BBC1E] (Microsoft Corporation) C:\Windows\System32\Drivers\spacedump.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000571288 ____A [215836D9719355A2C378300BDE31FB83] (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2017-09-29 07:42 - 2017-09-29 08:43 - 000056216 ____A [CCECE7E96B4F7B0E9F0FC82F6DADA917] (Microsoft Corporation) C:\Windows\System32\Drivers\SpatialGraphFilter.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000081816 ____A [545507AF670BC88B89200A118513ED9A] (Microsoft Corporation) C:\Windows\System32\Drivers\SpbCx.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000422912 ____A [65642DC3A9E30D0A13A0CF70BAE44CBF] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000726016 ____A [C7DAAB9C4A77B3C3C38A7CB6158E82ED] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000259072 ____A [43480B3EE4D23F5AA8EE7C6D83B09487] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000031128 ____A [162A805E13B3C0DD06AE8B6FC1900156] (Promise Technology, Inc.) C:\Windows\System32\Drivers\stexstor.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000149400 ____A [DD1F00B80DDD12252B7B228ABCE181A9] (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000103320 ____A [DA0097E6C70EA25F6020CC97C7828F70] (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000559512 ____A [5D142E64915981077A8660DD6AEEE964] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000079872 ____A [57377953F5688158054BC8CB5A243115] (Microsoft Corporation) C:\Windows\System32\Drivers\storqosflt.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000045464 ____A [B59D29E535AF7E82717C2AD2C57EEC67] (Microsoft Corporation) C:\Windows\System32\Drivers\storufs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000039320 ____A [9B431079624306B5659B3B7208A71C75] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000075264 ____A [10D81F0372D0CCEC7F51AF0594582B19] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000018328 ____A [027B27E4B9DB3931D64159B81BD915A0] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000064512 ____A [AB15F9FDCD11D5283891BC956E8C5C95] (Microsoft Corporation) C:\Windows\System32\Drivers\Synth3dVsc.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000031232 ____A [C1787BCABA41E38D4EAAC1C79C3CAD51] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000028056 ____A [91D8B244BF00AB268BB4712B63E0BC4F] (Microsoft Corporation) C:\Windows\System32\Drivers\tbs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 002773400 ____A [420A2A36A7E04D137DB35126C0C451A3] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000051712 ____A [74A1BF4093FA7B7D6C9366A39911A78E] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000040344 ____A [CF6E1B77CD5BA19FE2092C0731044696] (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000121240 ____A [571D82ABAC428D902ACA0CF60373C039] (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2017-09-29 07:41 - 2017-09-29 08:43 - 000037272 ____A [B4B68E1DB59456419D9E49645729502A] (Microsoft Corporation) C:\Windows\System32\Drivers\terminpt.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000128408 ____A [23E31ECBCE378EC3B5E008EDEE688ED0] (Microsoft Corporation) C:\Windows\System32\Drivers\tm.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000229272 ____A [1658D060057C85DEC82BFCB018C4C22F] (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000062976 ____A [8D811209E34358EAD3FD8E40F657E59C] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000035328 ____A [68DE1735FB020AE8948BD7B60F2EBD3B] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000106496 ____A [ACD39B0E5CFDA7B1AB7DF33FC5CC0E46] (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000079256 ____A [04FC2C7F73AE58BF0DD674164E28A6DF] (Microsoft Corporation) C:\Windows\System32\Drivers\uaspstor.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000114688 ____A [E437FC4B1833F6B745184F78C4921FB8] (Microsoft Corporation) C:\Windows\System32\Drivers\UcmCx.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000146944 ____A [950A3E42167904CAB9AA64863C31CEB5] (Microsoft Corporation) C:\Windows\System32\Drivers\UcmTcpciCx.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000057344 ____A [149CBBB74DFC3E52F242029A27B0F8EB] (Microsoft Corporation) C:\Windows\System32\Drivers\UcmUcsi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000227224 ____A [E6E91B3980A495D2A9D28A09580EA993] (Microsoft Corporation) C:\Windows\System32\Drivers\Ucx01000.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000045056 ____A [DACA289DFFA7658C04FEF6DCFA2AA9CE] (Microsoft Corporation) C:\Windows\System32\Drivers\Udecx.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000323072 ____A [12383D410AEF99AD6979A8EFD3D61888] (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000028568 ____A [AB7FE51D818B6059C2F56FA62268CCAC] (Microsoft Corporation) C:\Windows\System32\Drivers\uefi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000266648 ____A [58447F28E697A93521DD20530A8D50ED] (Microsoft Corporation) C:\Windows\System32\Drivers\ufx01000.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000097312 ____A [69ED2D00A7787D9D84E6C90CE0B02B2D] (Microsoft Corporation) C:\Windows\System32\Drivers\UfxChipidea.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000140696 ____A [F061EC57330FBC597A4E7298BE667780] (Microsoft Corporation) C:\Windows\System32\Drivers\ufxsynopsys.sys
2014-10-29 22:10 - 2014-10-29 22:10 - 000025992 ____A [A89AC2AB884152AFABB958488BE89D59] () C:\Windows\System32\Drivers\uim_devim.sys
2014-10-29 22:10 - 2014-10-29 22:10 - 000700680 ____A [7FB31576505F247D1FE2DCEF3A346E36] () C:\Windows\System32\Drivers\uim_im.sys
2014-10-29 22:10 - 2014-10-29 22:10 - 000102664 ____A [80C1E93EE673CCA6E7F8EAD5DC22FEE4] () C:\Windows\System32\Drivers\UimBus.sys
2014-10-29 22:10 - 2014-10-29 22:10 - 000556552 ____A [4E711FC0B57BB5620360B6B8A1EC6E30] () C:\Windows\System32\Drivers\UimFIO.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000056320 ____A [D40BCED160D332005AF612E1228825E6] (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000014336 ____A [64CF24D7B1FA4975C52A31BF4C82EB73] (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000028568 ____A [ACE4C3B4C7D17B154FFC5BBE5F7A9835] (Microsoft Corporation) C:\Windows\System32\Drivers\urschipidea.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000060824 ____A [ECE40EB976A5ACB366808AECF6B235BA] (Microsoft Corporation) C:\Windows\System32\Drivers\urscx01000.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000027544 ____A [EB738F830D3E7EA62A218F101EF91FD4] (Microsoft Corporation) C:\Windows\System32\Drivers\urssynopsys.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000023040 ____A [27AB45FC946C9EDB107AB3EF6E553294] (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000037376 ____A [C7CA04A225BCA4DC48C33EDD61F95978] (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000168856 ____A [B43E28E5CF868517EEC0923AB2BC366B] (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2017-09-29 07:40 - 2017-09-29 07:40 - 000102912 ____A [1080D80B5F6D249F23BAE1C0C36233A4] (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000032152 ____A [119288567F7C69403E1E952B93FC5D52] (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000095640 ____A [EE162DA2C92026A5B96ED89737975AA8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000513944 ____A [C27FEE9758E3BEDE4D48B5EDBE1122CF] (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000555416 ____A [4FA9C956E569D0D380C2859542361780] (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2017-09-29 07:41 - 2017-09-29 07:41 - 000030720 ____A [44B954306BB2B311E070EDA276FECAB1] (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000454040 ____A [59C9DB31F8AF49F49EAA33141BDFF116] (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000027136 ____A [EEF26F9034F0608B93D4D239534BB0BA] (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000071680 ____A [913CFF365DB1803525DBD2AA8B8188B4] (Microsoft Corporation) C:\Windows\System32\Drivers\usbser.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000130968 ____A [441CAE778B6A1FF6E618E37814A7A52A] (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2017-09-29 07:41 - 2017-09-29 07:41 - 000035328 ____A [2D6BB2157B37B2D9DABF8C218F2A805B] (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000280576 ____A [68788AE61B2E6A7D97CAD73B632F5BF5] (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000437144 ____A [41E5A6188180DC72BCECA999ED2532D4] (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2017-09-29 07:41 - 2017-09-29 07:41 - 000054680 ____A [C77C537077822D8EA529AD4EBFD971D6] (Microsoft Corporation) C:\Windows\System32\Drivers\vdrvroot.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000225688 ____A [9D4EEE333603F3675685F644053499D5] (Microsoft Corporation) C:\Windows\System32\Drivers\VerifierExt.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000713624 ____A [EA64495B9FAF0052113890184DA57573] (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000034816 ____A [E10FEBB566E1F0A3936AB304F338637E] (Microsoft Corporation) C:\Windows\System32\Drivers\vhf.sys
2016-07-24 16:26 - 2012-10-31 15:02 - 000032136 ____A [374B9894D0ABCFDB1A5893D208C83C88] (Via Telecom, Inc.) C:\Windows\System32\Drivers\viahsets.sys
2016-07-24 16:26 - 2012-11-09 14:14 - 000062728 ____A [FD738BAAF717D3F36B7A4B2776FF87A1] (VIA Telecom) C:\Windows\System32\Drivers\viahsser.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000044544 ____A [7109AB8A15BD9DD822858F74D903CE33] (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000081304 ____A [590BA79E8FDAFFC131E7DCFD2E78C60D] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbkmcl.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000080384 ____A [568A8061E46DF2ECC5F17EB6F5E23FC1] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbkmclr.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000109976 ____A [164E6B2919FF12911F63C7EC526ED669] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000025088 ____A [DC9E0600B356258E31403789119C78A9] (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000013312 ____A [3B5DDF1061930A0A891FA63DB0CB878B] (Microsoft Corporation) C:\Windows\System32\Drivers\vmgencounter.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000010240 ____A [B24F74B2710B66F647419697BDB9E163] (Microsoft Corporation) C:\Windows\System32\Drivers\vmgid.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000009216 ____A [F0FA6B67B16EEFDEF8E8AFAD47A4F9B8] (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000047512 ____A [A12CFAAA0F113A25D8CEFE58B1CBB207] (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000043008 ____A [D81F6B790519A60F3D1788B45D04B749] (Microsoft Corporation) C:\Windows\System32\Drivers\vnvdimm.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000082840 ____A [DCE032DE20AB85CFA92141F419CFE68E] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000373144 ____A [6D6CACED512C1EF1FEAC215E37E3A9BC] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000401304 ____A [5B27846CF4B1C21AFB3A35A8336BA02F] (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000015392 ____A [72A95A844D6BAF2924A4C15BEDFD6BCA] (Microsoft Corporation) C:\Windows\System32\Drivers\volume.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000075160 ____A [702273C7C1BE9D366BAF1305D382F03C] (Microsoft Corporation) C:\Windows\System32\Drivers\vpci.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000166808 ____A [075CE3C9E77D2666AFA888951E5F07A9] (VIA Technologies Inc.,Ltd) C:\Windows\System32\Drivers\vsmraid.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000305560 ____A [26D00E85BE4726B114335250FCDEDA89] (VIA Corporation) C:\Windows\System32\Drivers\VSTXRAID.SYS
2017-09-29 07:42 - 2017-09-29 07:42 - 000027136 ____A [3DFDB573E4D49EA8F416B573525B7A86] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifibus.sys
2017-09-29 07:42 - 2017-09-29 07:42 - 000076800 ____A [A40FA64655AB5B8773A96A821616C5FC] (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000041472 ____A [0D34F98DBDF09D239533AC345C360F03] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000030720 ____A [5B5430522E0BDF2A753D758710BE7C5E] (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000080896 ____A [478193CE0AAD5C8515568592F1F640D1] (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000056320 ____A [A45F860BD52CFC4CD3B11D0FF9C371B9] (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000147864 ____A [A8DFD1465C05D9EFBDFD5C3A25B7F496] (Microsoft Corporation) C:\Windows\System32\Drivers\wcifs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000076288 ____A [9DE3FDFF295F2534DF0A8B6FC4F06355] (Microsoft Corporation) C:\Windows\System32\Drivers\wcnfs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000044608 ____A [6FD8F1FBED780A7F3DF329C834E52AC5] (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000918240 ____A [FCC960498E3CD899F0A429F7CF9E77AD] (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000309144 ____A [7D182F0F227FC141C5D2085175BE05F6] (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000061664 ____A [5F61503AB1F12CCA3C71EA80C0775B42] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2017-12-15 20:26 - 2017-12-15 20:26 - 000770048 ____A [2D50C46EFE924BC24F63A45D2DB1AA3A] (Microsoft Corporation) C:\Windows\System32\Drivers\WdiWiFi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000119192 ____A [0D38C257A7B34A818726BA2F323B196E] (Microsoft Corporation) C:\Windows\System32\Drivers\WdNisDrv.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000033792 ____A [DF58AA71FBA55E15F572C93447696DEC] (Microsoft Corporation) C:\Windows\System32\Drivers\wdnsfltr.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000045464 ____A [FB6F68C86C080A04EACDC5BFC88BE8E5] (Microsoft Corporation) C:\Windows\System32\Drivers\werkernel.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000163736 ____A [4EAE206AF1D880C9C06FB4ACD17F0506] (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000035736 ____A [C8D3FC38426E990E2787771678B19C6D] (Microsoft Corporation) C:\Windows\System32\Drivers\wimmount.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000071248 ____A [0484B0D01EA6F7017519EBDDBADE759D] (Microsoft Corporation) C:\Windows\System32\Drivers\WindowsTrustedRT.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000018000 ____A [813EE0F4D4B8D599DB1968682D080732] (Microsoft Corporation) C:\Windows\System32\Drivers\WindowsTrustedRTProxy.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000031640 ____A [1EC4B1D57475559C5574E376B89B164F] (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000062464 ____A [71B8C69B7F11C7945ECBA5D38554C062] (Microsoft Corporation) C:\Windows\System32\Drivers\winhvr.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000032152 ____A [E23475E9150E6A50B12DB176EA5CDD56] (Mellanox) C:\Windows\System32\Drivers\winmad.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000225280 ____A [3E27B5B573DCC8DE15A93F61C01713B6] (Microsoft Corporation) C:\Windows\System32\Drivers\winnat.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000092672 ____A [E92F3539C4758F6A9F4B80CBAC75B3E6] (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000064920 ____A [59126AFCC64270747B5CC9B44A4A48F4] (Mellanox) C:\Windows\System32\Drivers\winverbs.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000018432 ____A [E8C793ED028E132771988760819E3754] (Microsoft Corporation) C:\Windows\System32\Drivers\wmiacpi.sys
2017-09-29 07:41 - 2017-09-29 07:41 - 000020376 ____A [B9378F1750FB92F9349EA1A1FA1D7C94] (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys
 
====== End of Folder: ======
 
 
========= Reg query "HKLM\SYSTEM\Select" =========
 
 
HKEY_LOCAL_MACHINE\SYSTEM\Select
    Current    REG_DWORD    0x1
    Default    REG_DWORD    0x1
    Failed    REG_DWORD    0x0
    LastKnownGood    REG_DWORD    0x1
 
 
 
========= End of Reg: =========
 
 
========= Removeproxy =========
 
'Removeproxy' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36769032 B
Java, Flash, Steam htmlcache => 548133484 B
Windows/system/drivers => 3347090 B
Edge => 2846 B
Chrome => 845275382 B
Firefox => 13718046 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 24963 B
systemprofile32 => 0 B
LocalService => 5742 B
NetworkService => 0 B
Kevin => 12381521 B
 
RecycleBin => 1616224880 B
EmptyTemp: => 2.9 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 13:27:42 ====
 
# AdwCleaner 7.0.7.0 - Logfile created on Sun Jan 21 19:41:42 2018
# Updated on 2018/18/01 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
No malicious registry entries deleted.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
SearchProvider deleted: Conduit - search.conduit.com
SearchProvider deleted: bookre.org - bookre.org
Startpage deleted: http://gokano.com/dashboard
Startpage deleted: http://gokano.com/dashboard
Startpage deleted: http://gokano.com/dashboard
Startpage deleted: http://gokano.com/dashboard
 
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[C0].txt - [3180 B] - [2018/1/19 3:18:38]
C:/AdwCleaner/AdwCleaner[S0].txt - [2696 B] - [2018/1/19 3:18:7]
C:/AdwCleaner/AdwCleaner[S1].txt - [1652 B] - [2018/1/21 19:41:1]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
 
 
RogueKiller V12.12.0.0 (x64) [Jan 15 2018] (Free) by Adlice Software
 
Operating System : Windows 10 (10.0.16299) 64 bits version
Started in : Normal mode
User : Kevin [Administrator]
Started from : C:\Users\Kevin\Desktop\RogueKiller_portable64.exe
Mode : Delete -- Date : 01/21/2018 13:55:59 (Duration : 01:21:52)
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 2 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1647080334-1320705266-513318729-1002\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Replaced (http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1647080334-1320705266-513318729-1002\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Replaced (http://search.msn.com/spbasic.htm)
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 5 ¤¤¤
[PUP.uTorrentAds][File] C:\Users\Kevin\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe -> Deleted
[PUP.uTorrentAds][File] C:\Users\Kevin\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe -> Deleted
[PUP.uTorrentAds][File] C:\Users\Kevin\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe -> Deleted
[PUP.uTorrentAds][File] C:\Users\Kevin\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Deleted
[PUP.uTorrentAds][File] C:\Users\Kevin\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Deleted
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 [Too big!] ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 4 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : Honey [bmnlcjabgnpnenekpadlanbbkooimhnj] -> Deleted
[PUM.HomePage][Firefox:Config] bomtgad5.default : user_pref("browser.startup.homepage", "http://www.swagbucks.com/|perk.tv"); -> Replaced (about:home)
[PUP.Gen1|PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://search.yahoo.com?type=714647&fr=spigot-yhp-ch] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [https://www.youtube.com/feed/subscriptions|https://outlook.office365.com/owa/#path=/mail|http://gokano.com/dashboard|https://encrypted.google.com] -> Deleted
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 3db6499a8cfc97133c05db878a40a635
[BSP] 359f7e74cd5bfb32ea89655b1af5cfcd : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 380739 MB
4 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 782067712 | Size: 807 MB
5 - Basic data partition | Offset (sectors): 783720448 | Size: 550703 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911560192 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK
 
 


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,194 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:14 PM

Posted 21 January 2018 - 07:10 PM

How is the computer doing?


No request for help through private messaging will be attended to.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#5 frost101


Posted 21 January 2018 - 08:39 PM

I haven't seen the browser redirect and my anti-virus is working now, thank you! I haven't seen the windows process manager pop up either so I think everything is fixed now.

 

Thank you for your volunteer service, I'm going to be donating as a token of appreciation.


Edited by frost101, 21 January 2018 - 08:42 PM.


#6 JSntgRvr


Posted 21 January 2018 - 09:51 PM

Congratulations. :)

 

Use this program to remove the quarantined items:

 

Please download DelFix by Xplode and save to your Desktop.

  • Double-click on delfix.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator.
  • Put a check mark next to these items:
    - Remove disinfection tools
    - Create registry backup
  • Click the "Run" button.
  • When the tool has finished, it will create and open a log report (DelFix.txt)

 

 

Always keep your antivirus active and updated.

 

Best regards. :)




#7 JSntgRvr


Posted 25 January 2018 - 07:32 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





