Trojan.Yelloader, Adware.Linkury removal failed via 5 different scans. Win 8.1


  • This topic is locked
6 replies to this topic

#1 Gandolf1


Posted 21 February 2018 - 05:04 PM

Hello Bleeping Computer Team!

I ran Malwarebytes with rootkit enabled, then ran AdwCleaner, then ran Zemana, then ran Hitman. This is after 2 days of re-scanning. I am still left with these viruses (showing in Malwarebytes):

 

Adware.Tuto4PC
Adware.Linkury.Generic
Trojan.ProxyAgent
Trojan.Agent.Trace
Trojan.Yelloader
PUP.Optional.SystemHealer

 

I really worry about my banking info and passwords being taken.

 

BELOW IS THE LOG FROM FRST and ADDITIONAL:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.02.2018
Ran by DoggoBrandle (administrator) on BRANDON (21-02-2018 14:51:57)
Running from D:\Downloads
Loaded Profiles: DoggoBrandle (Available Profiles: DoggoBrandle)
Platform: Windows 8.1 Pro N (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hi-Rez Studios) D:\Smite\HiPatchService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16384_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\Run: [Steam] => D:\Steam Installation\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\Run: [Discord] => C:\Users\DoggoBrandle\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\Run: [Spotify] => C:\Users\DoggoBrandle\AppData\Roaming\Spotify\Spotify.exe [21325200 2018-02-20] (Spotify Ltd)
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\Run: [Spotify Web Helper] => C:\Users\DoggoBrandle\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-02-20] (Spotify Ltd)
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\MountPoints2: {01b4b116-14b9-11e8-9c10-d050992796d2} - "E:\SISetup.exe"
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-12-30]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50
Tcpip\..\Interfaces\{60D91EC2-4B88-4597-9CE0-4A5550D9AE4F}: [DhcpNameServer] 24.116.0.53 24.116.2.50

Internet Explorer:
==================
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-30] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-30] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-30] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-30] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: rbuwel8a.default
FF ProfilePath: C:\Users\DoggoBrandle\AppData\Roaming\Mozilla\Firefox\Profiles\rbuwel8a.default [2018-02-21]
FF Homepage: Mozilla\Firefox\Profiles\rbuwel8a.default -> about:home
FF Extension: (uBlock Origin) - C:\Users\DoggoBrandle\AppData\Roaming\Mozilla\Firefox\Profiles\rbuwel8a.default\Extensions\uBlock0@raymondhill.net.xpi [2018-02-20]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-30] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-01] (Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\secure_cert.js [2018-02-20]

Chrome:
=======
CHR Profile: C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default [2018-02-21]
CHR Extension: (Slides) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-01]
CHR Extension: (Docs) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-01]
CHR Extension: (Google Drive) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-01]
CHR Extension: (YouTube) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-01]
CHR Extension: (uBlock Origin) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-02-10]
CHR Extension: (High Contrast) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2018-01-01]
CHR Extension: (Sheets) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-01]
CHR Extension: (Web Player for Spotify™) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpcglidohpgnccfckgbgnflcbdmlcibj [2018-01-01]
CHR Extension: (Google Docs Offline) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-01]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-01-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-01]
CHR Extension: (Gmail) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-01]
CHR Extension: (Chrome Media Router) - C:\Users\DoggoBrandle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-05] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 HiPatchService; D:\Smite\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S4 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [451072 2015-11-24] (Rivet Networks) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-12-15] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-12-15] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [147528 2015-11-20] (Rivet Networks, LLC.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [157752 2015-09-03] (Qualcomm Atheros, Inc.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Marvell Semiconductor, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-12-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-12-15] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-02-21] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-02-21] (Zemana Ltd.)
S3 nnqqqu; system32\drivers\ggkkkn.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 14:51 - 2018-02-21 14:51 - 000000000 ____D C:\FRST
2018-02-21 11:59 - 2018-02-21 11:59 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-21 11:59 - 2018-02-21 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-21 11:59 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-21 11:34 - 2018-02-21 11:34 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-21 11:23 - 2015-07-30 07:04 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-02-21 11:23 - 2015-07-30 06:48 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-02-21 11:19 - 2018-01-21 04:09 - 000145080 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-21 11:19 - 2018-01-20 23:13 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-21 11:19 - 2018-01-20 23:13 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-21 11:19 - 2018-01-20 23:13 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-21 11:19 - 2018-01-20 23:13 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-21 11:19 - 2018-01-20 23:13 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-21 11:19 - 2018-01-20 23:13 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-21 11:19 - 2018-01-20 23:13 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-21 11:19 - 2018-01-20 23:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-21 11:19 - 2018-01-20 23:13 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-21 11:18 - 2018-02-10 01:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-02-21 11:18 - 2018-02-10 00:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-02-21 11:18 - 2018-02-10 00:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-02-21 11:18 - 2018-02-10 00:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-02-21 11:18 - 2018-02-10 00:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-02-21 11:18 - 2018-02-10 00:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-02-21 11:18 - 2018-02-10 00:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-02-21 11:18 - 2018-02-09 23:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-02-21 11:18 - 2018-02-09 23:47 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-02-21 11:18 - 2018-02-09 23:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-02-21 11:18 - 2018-02-09 23:41 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-02-21 11:18 - 2018-02-09 23:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-02-21 11:18 - 2018-02-09 23:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-02-21 11:18 - 2018-02-09 23:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-02-21 11:18 - 2018-02-09 23:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-02-21 11:18 - 2018-02-09 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-02-21 11:18 - 2018-02-09 23:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-02-21 11:18 - 2018-02-09 23:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-02-21 11:18 - 2018-02-09 23:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-02-21 11:18 - 2018-02-09 22:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-02-21 11:18 - 2018-02-09 22:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-02-21 11:18 - 2018-02-09 22:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-02-21 11:18 - 2018-02-09 22:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-02-21 11:18 - 2018-02-09 22:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-02-21 11:18 - 2018-02-09 22:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-02-21 11:18 - 2018-02-09 22:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-02-21 11:18 - 2018-02-09 22:35 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-02-21 11:18 - 2018-02-09 22:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-02-21 11:18 - 2018-02-09 22:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-02-21 11:18 - 2018-02-09 22:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-02-21 11:18 - 2018-02-09 22:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-02-21 11:18 - 2018-02-09 22:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-02-21 11:18 - 2018-02-09 22:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-02-21 11:18 - 2018-02-09 22:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-02-21 11:18 - 2018-02-09 22:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-02-21 11:18 - 2018-02-09 22:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-02-21 11:18 - 2018-02-02 23:04 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-02-21 11:18 - 2018-02-02 23:03 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-02-21 11:18 - 2018-02-02 16:53 - 007408984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-21 11:18 - 2018-02-01 11:51 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-02-21 11:18 - 2018-01-21 04:54 - 000419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-02-21 11:18 - 2018-01-12 18:18 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-21 11:18 - 2018-01-12 14:42 - 000376664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-02-21 11:18 - 2018-01-12 11:31 - 004690944 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-21 11:18 - 2018-01-12 10:35 - 003553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-02-21 11:18 - 2018-01-11 11:19 - 000032384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-21 11:18 - 2018-01-11 10:56 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-02-21 11:18 - 2018-01-11 10:07 - 000748032 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-21 11:18 - 2018-01-08 23:21 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-21 11:18 - 2018-01-08 23:18 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-21 11:18 - 2017-12-15 05:23 - 000276312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-02-21 11:18 - 2017-12-05 09:56 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2018-02-21 11:18 - 2017-12-05 09:52 - 000242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-02-21 11:18 - 2017-12-05 09:45 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2018-02-21 11:18 - 2017-12-05 09:42 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
2018-02-21 11:18 - 2017-12-05 09:32 - 000169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-02-21 11:18 - 2017-12-05 09:10 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2018-02-21 11:18 - 2017-12-05 09:02 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-02-21 11:18 - 2017-12-05 08:58 - 000132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-02-21 11:18 - 2017-12-05 08:24 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2018-02-21 11:18 - 2017-12-01 20:04 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-21 11:18 - 2017-11-24 14:58 - 002608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-02-21 11:18 - 2017-11-24 14:56 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-02-21 11:18 - 2017-11-24 14:46 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2018-02-21 11:18 - 2017-11-24 14:44 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2018-02-21 11:18 - 2016-05-13 16:08 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-02-21 11:18 - 2016-05-13 16:08 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-02-21 11:17 - 2014-06-09 15:13 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-02-21 11:17 - 2014-06-09 15:13 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-02-21 10:55 - 2018-02-21 10:55 - 000001450 _____ C:\Users\DoggoBrandle\Desktop\firefox.exe - Shortcut.lnk
2018-02-21 09:27 - 2018-02-21 09:35 - 000000000 ____D C:\Windows\pss
2018-02-21 09:03 - 2018-02-21 09:03 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2018-02-21 09:03 - 2018-02-21 09:03 - 000001224 _____ C:\Windows\system32\bootdelete.lst
2018-02-21 08:55 - 2018-02-21 09:04 - 000000000 ____D C:\ProgramData\HitmanPro
2018-02-21 08:09 - 2018-02-21 14:51 - 000048237 _____ C:\Windows\ZAM.krnl.trace
2018-02-21 08:09 - 2018-02-21 14:51 - 000015123 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-02-21 08:09 - 2018-02-21 08:09 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2018-02-21 08:09 - 2018-02-21 08:09 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2018-02-21 08:09 - 2018-02-21 08:09 - 000001164 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-02-21 08:09 - 2018-02-21 08:09 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\Zemana
2018-02-21 08:09 - 2018-02-21 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-02-21 08:09 - 2018-02-21 08:09 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-02-20 19:47 - 2018-02-20 19:47 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\.mono
2018-02-20 19:47 - 2018-02-20 19:47 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\Colossal Order
2018-02-20 19:47 - 2018-02-20 19:47 - 000000000 ____D C:\ProgramData\.mono
2018-02-20 19:00 - 2018-02-21 10:51 - 000002118 _____ C:\Users\DoggoBrandle\Desktop\Rkill.txt
2018-02-20 18:55 - 2018-02-20 18:55 - 000001131 _____ C:\Users\DoggoBrandle\Desktop\adwcleaner_7.0.8.0.exe - Shortcut.lnk
2018-02-20 18:55 - 2018-02-20 18:55 - 000001026 _____ C:\Users\DoggoBrandle\Desktop\rkill.exe - Shortcut.lnk
2018-02-20 18:47 - 2018-02-20 18:47 - 007408984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2018-02-20 18:47 - 2018-02-20 18:47 - 000556032 _____ C:\ProgramData\MicrosoftUpd.exe
2018-02-20 18:47 - 2018-02-20 18:47 - 000278507 _____ C:\Users\DoggoBrandle\AppData\Local\StatKix.bin
2018-02-20 18:47 - 2018-02-20 18:47 - 000003472 _____ C:\Windows\System32\Tasks\MicrosoftUpd.exe
2018-02-20 18:46 - 2018-02-21 10:45 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\pcdikzh
2018-02-20 18:46 - 2018-02-21 08:18 - 000000000 ____D C:\ProgramData\updater
2018-02-20 18:46 - 2018-02-20 18:47 - 000000003 _____ C:\ProgramData\updater.txt
2018-02-20 18:46 - 2018-02-20 18:46 - 018514008 _____ ( ) C:\Users\DoggoBrandle\AppData\Roaming\mysetup.exe
2018-02-20 18:46 - 2018-02-20 18:46 - 000140800 _____ C:\Users\DoggoBrandle\AppData\Local\installer.dat
2018-02-20 18:46 - 2018-02-20 18:46 - 000000001 _____ C:\Users\DoggoBrandle\AppData\Roaming\check.txt
2018-02-20 18:46 - 2018-02-20 18:46 - 000000000 ____D C:\ProgramData\4e02e9599fee4dd7a7bca15f69a83e23
2018-02-20 18:44 - 2018-02-20 18:44 - 000000679 _____ C:\Users\DoggoBrandle\Desktop\Cities Skylines All That Jazz.lnk
2018-02-20 18:44 - 2018-02-20 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines All That Jazz
2018-02-20 18:43 - 2018-02-21 12:12 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\restgnh
2018-02-20 18:43 - 2018-02-21 08:45 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\sbskmvp
2018-02-20 18:42 - 2018-02-21 09:35 - 002888704 _____ C:\Windows\system32\lsouinesvc.exe
2018-02-20 18:42 - 2018-02-20 18:42 - 000000000 ____D C:\Windows\SysWOW64\pskhmrz
2018-02-20 18:42 - 2018-02-20 18:42 - 000000000 ____D C:\Windows\system32\pskhmrz
2018-02-20 18:42 - 2018-02-20 18:42 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\et
2018-02-20 18:41 - 2018-02-20 18:41 - 001676288 _____ C:\Windows\b9d557f47de49f8ff651f188f9bd0490.dll
2018-02-20 18:32 - 2018-02-20 18:32 - 000000218 _____ C:\Users\DoggoBrandle\AppData\Local\recently-used.xbel
2018-02-20 16:08 - 2018-02-20 16:08 - 000000000 ____D C:\Users\DoggoBrandle\ernest hemingway_complete
2018-02-20 10:35 - 2018-02-21 10:38 - 000000000 ____D C:\AdwCleaner
2018-02-20 01:40 - 2018-02-20 01:40 - 000510464 _____ C:\Windows\aa56b0036e729170da32e8424c01de65.exe
2018-02-20 01:40 - 2018-02-20 01:40 - 000052398 _____ C:\Windows\uninstaller.dat
2018-02-19 07:43 - 2018-02-19 07:43 - 000000000 __SHD C:\Windows\ftpcache
2018-02-19 07:43 - 2018-02-19 07:43 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\Macromedia
2018-02-19 07:42 - 2018-02-19 07:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-02-19 07:42 - 2010-04-07 06:04 - 000127800 _____ (HP) C:\Windows\system32\HPSIsvc.exe
2018-02-19 07:41 - 2010-03-05 16:41 - 001490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2018-02-19 07:41 - 2010-03-05 16:41 - 000082432 _____ C:\Windows\system32\mvusbews.dll
2018-02-19 07:41 - 2010-03-05 16:41 - 000020480 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys
2018-02-19 07:41 - 2010-03-05 16:40 - 000049664 _____ C:\Windows\system32\HP1100SMs.dll
2018-02-19 07:41 - 2010-03-04 16:56 - 001695232 _____ C:\Windows\system32\HP1100SM.EXE
2018-02-19 07:41 - 2010-03-04 16:56 - 000289280 _____ C:\Windows\system32\HP1100LM.DLL
2018-02-19 07:39 - 2018-02-19 07:39 - 000000000 ____D C:\Program Files\HP
2018-02-19 07:39 - 2010-03-04 16:03 - 000350720 _____ C:\Windows\system32\mvhlewsi.dll
2018-02-17 20:59 - 2018-02-21 14:23 - 000003034 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-02-13 11:07 - 2018-02-21 14:24 - 000000000 __RDO C:\Users\DoggoBrandle\OneDrive
2018-02-13 11:07 - 2018-02-13 11:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-11 09:49 - 2018-02-11 09:49 - 000001215 _____ C:\Users\DoggoBrandle\Desktop\Sid Meiers Civilization VI Rise and Fall.lnk
2018-02-11 09:49 - 2018-02-11 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI Rise and Fall
2018-02-05 11:29 - 2018-02-05 11:32 - 978829763 _____ C:\Users\DoggoBrandle\Old Boy 2003 720p Esub BluRay Dual Audio Hindi Korean GOPISAHI.mkv
2018-02-04 16:07 - 2018-02-17 08:32 - 000012028 _____ C:\Users\DoggoBrandle\Desktop\Job Apps.ods
2018-01-30 18:30 - 2003-05-14 22:47 - 1459978240 _____ C:\Users\DoggoBrandle\Zelda WindWaker.iso
2018-01-30 18:23 - 2009-12-04 14:25 - 000000000 ____D C:\Users\DoggoBrandle\The_Legend_Of_Zelda_The_Wind_Waker_USA_NGC-STARCUBE
2018-01-30 18:19 - 2018-01-30 19:16 - 000000000 ____D C:\Users\DoggoBrandle\Nintendo GameCube
2018-01-30 18:18 - 2018-01-30 18:21 - 1459978240 _____ C:\Users\DoggoBrandle\Super Mario Sunshine.iso
2018-01-30 18:17 - 2018-01-30 18:20 - 1200250377 _____ C:\Users\DoggoBrandle\The_Legend_Of_Zelda_The_Wind_Waker_USA_NGC-STARCUBE.rar
2018-01-30 15:57 - 2018-02-17 08:32 - 000059392 ___SH C:\Users\DoggoBrandle\Desktop\Thumbs.db
2018-01-30 15:57 - 2018-01-30 15:57 - 000001205 _____ C:\Users\DoggoBrandle\Desktop\ScreenShots - Shortcut.lnk
2018-01-29 17:04 - 2018-01-29 17:04 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-01-29 17:04 - 2018-01-29 17:04 - 000000000 ____D C:\Program Files\MSBuild
2018-01-29 17:04 - 2018-01-29 17:04 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-01-29 17:04 - 2018-01-29 17:04 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-01-29 17:03 - 2013-08-02 21:48 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2018-01-29 17:03 - 2013-08-02 21:41 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2018-01-27 17:01 - 2018-02-20 18:47 - 000000550 __RSH C:\ProgramData\ntuser.pol
2018-01-27 17:01 - 2018-01-27 17:01 - 001795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2018-01-27 17:01 - 2018-01-27 17:01 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2018-01-27 17:01 - 2018-01-27 17:01 - 000000000 ____D C:\Users\DoggoBrandle\usb_driver
2018-01-25 17:40 - 2018-01-25 17:45 - 000000000 ____D C:\Users\DoggoBrandle\Mobile Suit Gundam Wing [720p.BRrip.x264.Dual-Audio][xRed]
2018-01-23 14:20 - 2018-01-23 14:20 - 000000770 _____ C:\Users\DoggoBrandle\Desktop\Dolphin - Shortcut.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 14:45 - 2017-12-30 20:10 - 000000000 ____D C:\Users\DoggoBrandle\AppData\LocalLow\Mozilla
2018-02-21 14:28 - 2017-12-30 19:51 - 000863592 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-21 14:28 - 2013-08-22 06:36 - 000000000 ____D C:\Windows\Inf
2018-02-21 14:23 - 2013-08-22 07:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-21 12:31 - 2017-12-30 19:54 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2568457363-4081483336-3709437035-1001
2018-02-21 12:25 - 2017-12-30 20:15 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-21 11:59 - 2018-01-09 14:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-21 11:52 - 2018-01-06 09:06 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\Spotify
2018-02-21 11:49 - 2018-01-06 09:05 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\Spotify
2018-02-21 11:36 - 2013-08-22 07:44 - 000411632 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-21 11:34 - 2018-01-03 11:25 - 000000000 ___SD C:\Windows\system32\CompatTel
2018-02-21 11:24 - 2013-08-22 08:20 - 000000000 ____D C:\Windows\CbsTemp
2018-02-21 11:02 - 2017-12-31 00:38 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\CrashDumps
2018-02-21 09:35 - 2013-08-22 06:25 - 011796480 _____ C:\Windows\system32\config\HARDWARE
2018-02-21 08:47 - 2017-12-30 20:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-21 08:41 - 2017-12-30 20:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-21 08:41 - 2017-12-30 19:48 - 000000000 ____D C:\Users\DoggoBrandle
2018-02-21 08:18 - 2013-08-22 08:36 - 000000000 ____D C:\Program Files\Windows NT
2018-02-21 08:18 - 2013-08-22 06:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-02-20 18:57 - 2018-01-01 08:56 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-20 18:57 - 2017-12-30 20:08 - 000000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-02-20 18:57 - 2017-12-30 19:48 - 000001422 _____ C:\Users\DoggoBrandle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-02-20 18:46 - 2017-12-30 20:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-19 18:25 - 2017-12-31 00:38 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\Battle.net
2018-02-18 21:04 - 2017-12-31 01:05 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-02-16 18:58 - 2017-12-31 00:38 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\Battle.net
2018-02-16 13:04 - 2018-01-04 12:21 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\vlc
2018-02-13 13:39 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\AppReadiness
2018-02-13 13:34 - 2017-12-30 19:48 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\Packages
2018-02-13 13:34 - 2013-08-22 08:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-05 13:38 - 2018-01-03 11:31 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-02-05 13:38 - 2018-01-03 11:31 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-02 17:02 - 2018-01-01 15:42 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\deluge
2018-01-31 12:02 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\rescache
2018-01-29 17:57 - 2017-12-31 22:33 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Roaming\discord

==================== Files in the root of some directories =======

2018-02-20 18:47 - 2018-02-20 18:47 - 000556032 _____ () C:\ProgramData\MicrosoftUpd.exe
2018-02-20 18:46 - 2018-02-20 18:46 - 000000001 _____ () C:\Users\DoggoBrandle\AppData\Roaming\check.txt
2018-01-02 15:54 - 2018-01-02 15:54 - 000000000 _____ () C:\Users\DoggoBrandle\AppData\Roaming\FC29FA0894FE.ini
2018-02-20 18:46 - 2018-02-20 18:46 - 018514008 _____ (                                                            ) C:\Users\DoggoBrandle\AppData\Roaming\mysetup.exe
2017-12-30 20:01 - 2017-12-30 20:01 - 000000000 _____ () C:\Users\DoggoBrandle\AppData\Local\Driver_LOM_8161Present.flag
2018-02-20 18:46 - 2018-02-20 18:46 - 000140800 _____ () C:\Users\DoggoBrandle\AppData\Local\installer.dat
2018-02-20 18:32 - 2018-02-20 18:32 - 000000218 _____ () C:\Users\DoggoBrandle\AppData\Local\recently-used.xbel
2018-02-20 18:47 - 2018-02-20 18:47 - 000278507 _____ () C:\Users\DoggoBrandle\AppData\Local\StatKix.bin

Some files in TEMP:
====================
2018-02-20 18:40 - 2018-02-20 18:40 - 000024576 _____ (1010 Vine Street) C:\Users\DoggoBrandle\AppData\Local\Temp\capi.exe
2018-02-20 18:45 - 2018-02-20 18:45 - 000020480 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\cubesta.exe
2018-02-20 18:47 - 2018-02-20 18:47 - 001527488 _____ (Microsoft Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\dbghelp.dll
2018-01-20 15:48 - 2018-01-20 15:48 - 033012904 _____ (ArenaNet) C:\Users\DoggoBrandle\AppData\Local\Temp\Gw2.exe
2018-02-20 18:40 - 2018-02-20 18:40 - 004426136 _____ (Indigo Rose Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\ing.exe
2018-02-20 18:46 - 2018-02-20 18:46 - 003276750 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\OneSystemCare.exe
2018-02-20 18:46 - 2018-02-20 18:46 - 000412672 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\setup.exe
2018-02-19 07:39 - 2010-04-07 06:07 - 000607800 ____R (HP) C:\Users\DoggoBrandle\AppData\Local\Temp\siinst.exe
2018-02-19 07:39 - 2010-04-06 14:41 - 000270336 ____R (HP) C:\Users\DoggoBrandle\AppData\Local\Temp\strings.dll
2018-02-20 18:47 - 2018-02-20 18:47 - 000167616 _____ (Microsoft Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\symsrv.dll
2018-02-20 18:40 - 2018-02-20 18:40 - 001464832 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\XvidCodecInstaller.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-20 05:18

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
Ran by DoggoBrandle (21-02-2018 14:52:24)
Running from D:\Downloads
Windows 8.1 Pro N (Update) (X64) (2017-12-31 02:48:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2568457363-4081483336-3709437035-500 - Administrator - Disabled)
DoggoBrandle (S-1-5-21-2568457363-4081483336-3709437035-1001 - Administrator - Enabled) => C:\Users\DoggoBrandle
Guest (S-1-5-21-2568457363-4081483336-3709437035-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2568457363-4081483336-3709437035-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM\...\{FD67BFA0-E205-47AA-BA09-123B3B72DB5E}) (Version: 1.0.132.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Cities Skylines All That Jazz (HKLM-x32\...\Cities Skylines All That Jazz_is1) (Version:  - )
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - )
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{45B07659-B355-492D-8177-12AD31E7E3E6}) (Version: 1.1.56.1651 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{419E1AB9-3E42-42C5-B00E-E5E09DBEAA19}) (Version: 1.1.56.1651 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{9E99C063-B796-4595-BA4D-F957F6CE5E83}) (Version: 1.1.56.1651 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{DB8A465E-67BE-4450-9C9A-FECEA6222B95}) (Version: 1.1.56.1651 - Rivet Networks)
LibreOffice 5.4.4.2 (HKLM\...\{36E72E7B-9992-4C69-88B1-5E466E4A1386}) (Version: 5.4.4.2 - The Document Foundation)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-US)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.1.2.25465 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{c3ba73de-2cf5-4555-b661-659c7efd22ee}) (Version: 3.1.2.25465 - Grinding Gear Games)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.0 - pdfforge GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Sid Meiers Civilization VI Khmer and Indonesia Civilization and Scenario Pack (HKLM-x32\...\Sid Meiers Civilization VI Khmer and Indonesia C~FC623E80_is1) (Version:  - )
Sid Meiers Civilization VI Rise and Fall (HKLM-x32\...\Sid Meiers Civilization VI Rise and Fall_is1) (Version:  - )
Sid.Meiers.Civilization.VI.Deluxe.Edition+7DLC version 1.0 (HKLM-x32\...\{2335A5A4-3ECA-4716-8D24-D57F6589D3E5}}_is1) (Version: 1.0 - Ali213.net)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 5.1.4574.1 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-02-21] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-02-21] ()
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {004F2E97-88B3-42C5-B452-DEDB59F99432} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-01] (Google Inc.)
Task: {2FB09BA6-F8F8-4E2F-A380-AFEBDC0ABB59} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-12-15] ()
Task: {518E8D70-CFB2-4E3A-9605-1ECA299BD6C0} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation)
Task: {74034905-BFD3-4DF0-AE61-907EBAD3F8A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-01] (Google Inc.)
Task: {A2AB8271-538E-4CD8-BE54-E748143FF3A0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-15] (NVIDIA Corporation)
Task: {AD586D65-2103-4FD9-AD4F-76D2072F07E7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-12-15] (NVIDIA Corporation)
Task: {B73D65FA-FA2B-43EE-A3AA-9DD4AD85B6F2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-12-15] (NVIDIA Corporation)
Task: {C0E25FF7-25F4-4C37-955E-9AAE39EBA2C3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-15] (NVIDIA Corporation)
Task: {C7A95E45-A3AF-42B6-97BB-683C24A4DDD2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-12-15] (NVIDIA Corporation)
Task: {E0F9A8FE-6553-46F1-ACFA-2F72A564A412} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation)
Task: {F1435FAC-ABD8-4924-9356-F8D1F93F8BBD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-15] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-02-19 07:41 - 2010-03-04 16:56 - 000289280 _____ () C:\Windows\System32\HP1100LM.DLL
2018-02-19 07:42 - 2010-03-04 16:56 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2017-12-15 02:04 - 2017-12-15 02:04 - 000725288 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-12-14 10:56 - 2017-12-14 10:56 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2017-12-14 10:56 - 2017-12-14 10:56 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2017-12-14 10:56 - 2017-12-14 10:56 - 000232448 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2017-12-14 10:56 - 2017-12-14 10:56 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2017-12-14 10:57 - 2017-12-14 10:57 - 000566784 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\DoggoBrandle\AppData\Local\Temp:$DATA [16]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DoggoBrandle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 24.116.0.53 - 24.116.2.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Killer Service V2 => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 3
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0ED731F3-D432-466B-9E85-36C08C7E564D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6E3CE00B-31DF-4B2F-8566-47255FE77D5F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B1CD9BC2-CB66-4276-BFB6-53420F7775D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8D1E84D2-864F-4A74-90E4-A35C52481F8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5C4A784F-CACE-4B4B-A884-FF4E49E4E169}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0200325F-80D5-4079-A562-915ADFD2A8AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BDAFD573-68D0-42EF-A27B-E2548C02E5DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7BDA14EC-7827-4B7D-B06B-8964471F4DF2}] => (Allow) D:\Steam Installation\Steam.exe
FirewallRules: [{F1EDA805-0F45-4122-920C-EB7A2A69F796}] => (Allow) D:\Steam Installation\Steam.exe
FirewallRules: [{9A55E36B-59B4-41FD-8633-374BF07C3FB2}] => (Allow) D:\Steam Installation\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{53853B61-1B2A-4B24-B6BD-9EFCAAA8699F}] => (Allow) D:\Steam Installation\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D16E13CC-A334-494C-9940-1E133B57CE8E}] => (Allow) D:\Steam Installation\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AC5A46BD-956A-46EB-9E85-E4C9AE5E7D0D}] => (Allow) D:\Steam Installation\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{6F5E4EF1-F65D-4E1D-8F2C-62CE52A301E4}] => (Allow) D:\Battle.net\Destiny 2\destiny2.exe
FirewallRules: [{7E8431E1-80F9-4CCC-B7A5-7BE4DFD1C673}] => (Allow) D:\Battle.net\Destiny 2\destiny2.exe
FirewallRules: [TCP Query User{8DC737DF-962E-4BB4-8D09-9E38B2D24BE5}D:\deluge install\deluge.exe] => (Allow) D:\deluge install\deluge.exe
FirewallRules: [UDP Query User{98BB097E-E5CC-47E9-9D2E-8583A21AF422}D:\deluge install\deluge.exe] => (Allow) D:\deluge install\deluge.exe
FirewallRules: [TCP Query User{5E73D2F8-B83B-4682-A092-4824EC95A4C6}D:\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe
FirewallRules: [UDP Query User{14AA2430-6954-4AE3-B8A4-E5FBABC5AB74}D:\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe
FirewallRules: [TCP Query User{E8FE694D-529C-4E21-A707-6D4C1AFDA0A6}D:\battle.net\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{09E82187-9BE9-4733-9F0A-08E062A25F23}D:\battle.net\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{CDED0622-6382-4B8D-B521-70B1A36DAC1D}C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{59C063AD-6781-4CF1-AEBE-732936D304FA}C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{44BDEAF9-B995-4BA2-A452-2ADE41BCCAB9}D:\sid meiers civilization vi khmer and indonesia civilization and scenario pack\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\sid meiers civilization vi khmer and indonesia civilization and scenario pack\base\binaries\win64steam\civilizationvi.exe
FirewallRules: [UDP Query User{96D310BE-7F25-4DAF-81ED-A7EAFB363698}D:\sid meiers civilization vi khmer and indonesia civilization and scenario pack\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\sid meiers civilization vi khmer and indonesia civilization and scenario pack\base\binaries\win64steam\civilizationvi.exe
FirewallRules: [TCP Query User{3B4882C1-0B25-453C-AA97-FF7523E64BAF}C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{612F6713-7ADC-4962-B663-AB164BDA6F06}C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\doggobrandle\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7EC3BF20-6F85-41F8-BA78-B379BB22DE19}D:\battle.net\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EB2E4C0F-4917-4B51-9E3C-34C572E201C4}D:\battle.net\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B80D16C8-EEC4-44D1-9D85-DE3963EA37B1}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{72E23E68-8B75-43D7-B2F4-EBF868CEA4BF}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{06B019A3-6F90-4914-B4CF-6F02CDFE7C9A}D:\battle.net\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2DB93E06-E1BE-46F6-9B92-102192973C78}D:\battle.net\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1A403388-45BF-4807-A589-DD670A7A28BD}D:\games\sid meiers civilization vi rise and fall\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\games\sid meiers civilization vi rise and fall\base\binaries\win64steam\civilizationvi.exe
FirewallRules: [UDP Query User{5D1392C8-D752-4903-91FF-7A8AEF81BAD9}D:\games\sid meiers civilization vi rise and fall\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\games\sid meiers civilization vi rise and fall\base\binaries\win64steam\civilizationvi.exe
FirewallRules: [{BC8EB8F7-A2EA-4076-9C69-8E887249E7B1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3435D57A-2E88-485A-BDA4-060A8C6A775A}D:\battle.net\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8B4F09D1-7D4D-43FC-A4A9-62BCBCD110C0}D:\battle.net\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe

==================== Restore Points =========================

21-02-2018 11:19:17 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/21/2018 02:24:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/21/2018 02:24:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/21/2018 01:15:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 58.0.2.6611 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13d8

Start Time: 01d3ab4f7dc1094a

Termination Time: 15

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: f7312a30-1743-11e8-9c19-d050992796d2

Faulting package full name:

Faulting package-relative application ID:

Error: (02/21/2018 12:13:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/21/2018 12:13:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/21/2018 11:49:08 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/21/2018 11:37:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7476d79f-8e48-49b4-ab63-4d0b813a16e4;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/21/2018 11:19:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (02/21/2018 11:39:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (02/21/2018 11:09:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (02/21/2018 11:06:20 AM) (Source: DCOM) (EventID: 10005) (User: BRANDON)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (02/21/2018 11:06:20 AM) (Source: DCOM) (EventID: 10005) (User: BRANDON)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/21/2018 11:06:12 AM) (Source: DCOM) (EventID: 10005) (User: BRANDON)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/21/2018 11:06:07 AM) (Source: DCOM) (EventID: 10005) (User: BRANDON)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/21/2018 11:04:02 AM) (Source: DCOM) (EventID: 10005) (User: BRANDON)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/21/2018 11:03:13 AM) (Source: DCOM) (EventID: 10005) (User: BRANDON)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


Windows Defender:
===================================
Date: 2018-02-14 08:07:46.929
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {1DE17333-A328-462A-8C93-352BE5BA4CB0}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-07 07:31:13.460
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D4A0A778-5B64-4222-9BCF-C9FF2E818573}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-01-27 13:16:10.798
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {60342B86-4FFF-4BA5-9CAF-8203108C328F}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-01-25 16:22:48.740
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {604229D5-FE4B-4B43-996E-CCEDEFC46AF6}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-01-24 19:16:13.674
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {EFD4E7AF-B77B-41B4-9A85-AE017A2F6AF8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info ===========================

Processor: Intel® Core™ i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 14%
Total physical RAM: 12239.39 MB
Available physical RAM: 10489.98 MB
Total Virtual: 13007.39 MB
Available Virtual: 10699.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.14 GB) (Free:20.05 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:833.86 GB) (Free:507.77 GB) NTFS

\\?\Volume{f6e786b6-3baa-499d-ae51-7ca321b84183}\ (Recovery) (Fixed) (Total:0.29 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7D8D11A2)

Partition: GPT.

==================== End of Addition.txt ============================


Edited by Gandolf1, 21 February 2018 - 06:34 PM.




#2 JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • 11,444 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 21 February 2018 - 07:12 PM

Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

Let's begin... :)
 

  • Highlight the entire content of the quote box below.

Start::  
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION
2018-02-20 18:40 - 2018-02-20 18:40 - 000024576 _____ (1010 Vine Street) C:\Users\DoggoBrandle\AppData\Local\Temp\capi.exe
2018-02-20 18:45 - 2018-02-20 18:45 - 000020480 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\cubesta.exe
2018-02-20 18:47 - 2018-02-20 18:47 - 001527488 _____ (Microsoft Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\dbghelp.dll
2018-01-20 15:48 - 2018-01-20 15:48 - 033012904 _____ (ArenaNet) C:\Users\DoggoBrandle\AppData\Local\Temp\Gw2.exe
2018-02-20 18:40 - 2018-02-20 18:40 - 004426136 _____ (Indigo Rose Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\ing.exe
2018-02-20 18:46 - 2018-02-20 18:46 - 003276750 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\OneSystemCare.exe
2018-02-20 18:46 - 2018-02-20 18:46 - 000412672 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\setup.exe
2018-02-19 07:39 - 2010-04-07 06:07 - 000607800 ____R (HP) C:\Users\DoggoBrandle\AppData\Local\Temp\siinst.exe
2018-02-19 07:39 - 2010-04-06 14:41 - 000270336 ____R (HP) C:\Users\DoggoBrandle\AppData\Local\Temp\strings.dll
2018-02-20 18:47 - 2018-02-20 18:47 - 000167616 _____ (Microsoft Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\symsrv.dll
2018-02-20 18:40 - 2018-02-20 18:40 - 001464832 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\XvidCodecInstaller.exe
AlternateDataStreams: C:\Users\DoggoBrandle\AppData\Local\Temp:$DATA? [16]

2018-02-20 18:47 - 2018-02-20 18:47 - 000556032 _____ () C:\ProgramData\MicrosoftUpd.exe
2018-02-20 18:46 - 2018-02-20 18:46 - 000000001 _____ () C:\Users\DoggoBrandle\AppData\Roaming\check.txt
2018-01-02 15:54 - 2018-01-02 15:54 - 000000000 _____ () C:\Users\DoggoBrandle\AppData\Roaming\FC29FA0894FE.ini
2018-02-20 18:46 - 2018-02-20 18:46 - 018514008 _____ (                                                            ) C:\Users\DoggoBrandle\AppData\Roaming\mysetup.exe
2017-12-30 20:01 - 2017-12-30 20:01 - 000000000 _____ () C:\Users\DoggoBrandle\AppData\Local\Driver_LOM_8161Present.flag
2018-02-20 18:46 - 2018-02-20 18:46 - 000140800 _____ () C:\Users\DoggoBrandle\AppData\Local\installer.dat
2018-02-20 18:32 - 2018-02-20 18:32 - 000000218 _____ () C:\Users\DoggoBrandle\AppData\Local\recently-used.xbel
2018-02-20 18:47 - 2018-02-20 18:47 - 000278507 _____ () C:\Users\DoggoBrandle\AppData\Local\StatKix.bin

C:\Users\DoggoBrandle\AppData\Local\pcdikzh

C:\Windows\SysWOW64\pskhmrz
2018-02-20 18:42 - 2018-02-20 18:42 - 000000000 ____D C:\Windows\system32\pskhmrz

C:\Users\DoggoBrandle\AppData\Local\restgnh
2018-02-20 18:43 - 2018-02-21 08:45 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\sbskmvp
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKLM\SYSTEM\Select"
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.

Please copy and paste its contents in your next reply.

Download AdwCleaner from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8/10 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

65MBhLLb.png


  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning, a report appears. Once done it will ask to reboot; allow this.



  • On reboot a log will be produced; please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

 


No request for help through private messaging will be attended to.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 Gandolf1

  • Topic Starter
  • Members
  • 5 posts

Posted 21 February 2018 - 07:53 PM

Hello J,

Thank you for the swift reply! Below is the fix log:

Also ADW scan showed: no problems, log attached after Farbar Fix Log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
Ran by DoggoBrandle (21-02-2018 17:42:42) Run:1
Running from D:\Downloads
Loaded Profiles: DoggoBrandle (Available Profiles: DoggoBrandle)
Boot Mode: Normal
==============================================

fixlist content:
*****************
 
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    GroupPolicy: Restriction <==== ATTENTION
    2018-02-20 18:40 - 2018-02-20 18:40 - 000024576 _____ (1010 Vine Street) C:\Users\DoggoBrandle\AppData\Local\Temp\capi.exe
    2018-02-20 18:45 - 2018-02-20 18:45 - 000020480 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\cubesta.exe
    2018-02-20 18:47 - 2018-02-20 18:47 - 001527488 _____ (Microsoft Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\dbghelp.dll
    2018-01-20 15:48 - 2018-01-20 15:48 - 033012904 _____ (ArenaNet) C:\Users\DoggoBrandle\AppData\Local\Temp\Gw2.exe
    2018-02-20 18:40 - 2018-02-20 18:40 - 004426136 _____ (Indigo Rose Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\ing.exe
    2018-02-20 18:46 - 2018-02-20 18:46 - 003276750 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\OneSystemCare.exe
    2018-02-20 18:46 - 2018-02-20 18:46 - 000412672 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\setup.exe
    2018-02-19 07:39 - 2010-04-07 06:07 - 000607800 ____R (HP) C:\Users\DoggoBrandle\AppData\Local\Temp\siinst.exe
    2018-02-19 07:39 - 2010-04-06 14:41 - 000270336 ____R (HP) C:\Users\DoggoBrandle\AppData\Local\Temp\strings.dll
    2018-02-20 18:47 - 2018-02-20 18:47 - 000167616 _____ (Microsoft Corporation) C:\Users\DoggoBrandle\AppData\Local\Temp\symsrv.dll
    2018-02-20 18:40 - 2018-02-20 18:40 - 001464832 _____ () C:\Users\DoggoBrandle\AppData\Local\Temp\XvidCodecInstaller.exe
    AlternateDataStreams: C:\Users\DoggoBrandle\AppData\Local\Temp:$DATA? [16]
    2018-02-20 18:47 - 2018-02-20 18:47 - 000556032 _____ () C:\ProgramData\MicrosoftUpd.exe
    2018-02-20 18:46 - 2018-02-20 18:46 - 000000001 _____ () C:\Users\DoggoBrandle\AppData\Roaming\check.txt
    2018-01-02 15:54 - 2018-01-02 15:54 - 000000000 _____ () C:\Users\DoggoBrandle\AppData\Roaming\FC29FA0894FE.ini
    2018-02-20 18:46 - 2018-02-20 18:46 - 018514008 _____ (                                                            ) C:\Users\DoggoBrandle\AppData\Roaming\mysetup.exe
    2017-12-30 20:01 - 2017-12-30 20:01 - 000000000 _____ () C:\Users\DoggoBrandle\AppData\Local\Driver_LOM_8161Present.flag
    2018-02-20 18:46 - 2018-02-20 18:46 - 000140800 _____ () C:\Users\DoggoBrandle\AppData\Local\installer.dat
    2018-02-20 18:32 - 2018-02-20 18:32 - 000000218 _____ () C:\Users\DoggoBrandle\AppData\Local\recently-used.xbel
    2018-02-20 18:47 - 2018-02-20 18:47 - 000278507 _____ () C:\Users\DoggoBrandle\AppData\Local\StatKix.bin
    C:\Users\DoggoBrandle\AppData\Local\pcdikzh
    C:\Windows\SysWOW64\pskhmrz
    2018-02-20 18:42 - 2018-02-20 18:42 - 000000000 ____D C:\Windows\system32\pskhmrz
    C:\Users\DoggoBrandle\AppData\Local\restgnh
    2018-02-20 18:43 - 2018-02-21 08:45 - 000000000 ____D C:\Users\DoggoBrandle\AppData\Local\sbskmvp
    CMD: fltmc instances
    Folder: C:\Windows\System32\Drivers
    Reg: Reg query "HKLM\SYSTEM\Select"
    HOSTS:
    Removeproxy:
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset catalog
    CMD: netsh int ip reset C:\resettcpip.txt
    CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
    CMD: Bitsadmin /Reset /Allusers
    EMPTYTEMP:
    Reboot:
    
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\capi.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\cubesta.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\dbghelp.dll => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\Gw2.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\ing.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\OneSystemCare.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\setup.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\siinst.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\strings.dll => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\symsrv.dll => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp\XvidCodecInstaller.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Temp => ":$DATA?" ADS could not remove.
C:\ProgramData\MicrosoftUpd.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Roaming\check.txt => moved successfully
C:\Users\DoggoBrandle\AppData\Roaming\FC29FA0894FE.ini => moved successfully
C:\Users\DoggoBrandle\AppData\Roaming\mysetup.exe => moved successfully
C:\Users\DoggoBrandle\AppData\Local\Driver_LOM_8161Present.flag => moved successfully
C:\Users\DoggoBrandle\AppData\Local\installer.dat => moved successfully
C:\Users\DoggoBrandle\AppData\Local\recently-used.xbel => moved successfully
C:\Users\DoggoBrandle\AppData\Local\StatKix.bin => moved successfully
C:\Users\DoggoBrandle\AppData\Local\pcdikzh => moved successfully
C:\Windows\SysWOW64\pskhmrz => moved successfully
C:\Windows\system32\pskhmrz => moved successfully
C:\Users\DoggoBrandle\AppData\Local\restgnh => moved successfully
C:\Users\DoggoBrandle\AppData\Local\sbskmvp => moved successfully

========= fltmc instances =========

Filter                Volume Name                              Altitude        Instance Name       Frame   SprtFtrs  VlStatus
--------------------  -------------------------------------  ------------  ----------------------  -----   --------  --------
FileInfo                                                         45000     FileInfo                  0     00000003  
FileInfo              \Device\HarddiskVolume2                    45000     FileInfo                  0     00000003  
FileInfo              C:                                         45000     FileInfo                  0     00000003  
FileInfo              D:                                         45000     FileInfo                  0     00000003  
FileInfo              \Device\HarddiskVolumeShadowCopy1          45000     FileInfo                  0     00000003  
FileInfo              \Device\Mup                                45000     FileInfo                  0     00000003  
ZAM                                                              80681     ZAMDefaultFilter          0     00000000  
ZAM                   \Device\HarddiskVolume2                    80681     ZAMDefaultFilter          0     00000000  
ZAM                   C:                                         80681     ZAMDefaultFilter          0     00000000  
ZAM                   D:                                         80681     ZAMDefaultFilter          0     00000000  
ZAM                   \Device\HarddiskVolumeShadowCopy1          80681     ZAMDefaultFilter          0     00000000  
ZAM                   \Device\Mup                                80681     ZAMDefaultFilter          0     00000000  
luafv                 C:                                        135000     luafv                     0     00000003  
npsvctrig             \Device\NamedPipe                          46000     npsvctrig                 0     00000000  

========= End of CMD: =========


========================= Folder: C:\Windows\System32\Drivers ========================

2013-08-22 04:40 - 2013-08-22 05:39 - 000024416 ____A [90656C0B3864804B090434EFC582404F] (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2013-08-22 04:37 - 2013-08-22 04:37 - 000013824 ____A [6D6F9E3BF0484967E52F7E846BFF1CA1] (Microsoft Corporation) C:\Windows\System32\Drivers\hyperkbd.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000022016 ____A [907C870F8C31F8DDD6F090857B46AB25] (Microsoft Corporation) C:\Windows\System32\Drivers\HyperVideo.sys
2018-01-03 10:25 - 2014-10-06 20:29 - 000107520 ___AC [D887446F3F6051C60C26F4FD1FC8D43F] (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys
2013-08-21 23:57 - 2013-07-30 11:47 - 000024568 ____A [5D90E32E36CE5D4C535D17CE08AEAF05] (Intel Corporation) C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys
2013-08-21 23:57 - 2013-07-25 12:05 - 000099320 ____A [DD05E7E80F52ADE9AEB292819920F32C] (Intel Corporation) C:\Windows\System32\Drivers\iaLPSSi_I2C.sys
2013-08-22 00:01 - 2013-08-09 17:39 - 000651248 ____A [08BFE413B0B4AA8DFA4B5684CE06D3DC] (Intel Corporation) C:\Windows\System32\Drivers\iaStorAV.sys
2013-08-22 00:01 - 2013-08-22 05:43 - 000412000 ____A [A2200C3033FA4EF249FC096A7A7D02A2] (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2013-08-22 05:22 - 2013-08-22 05:43 - 000018272 ____A [4E448FCFFD00E8D657CD9E48D3E47157] (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2015-06-24 02:02 - 2015-06-24 02:02 - 000018720 ____A [DFBC2F1F7E348E1C193D445FE9ADFCB2] (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2018-01-03 10:16 - 2014-10-12 19:43 - 000039744 ___AC [A770340FC02B999EF0DE6C2A6BC8437C] (Microsoft Corporation) C:\Windows\System32\Drivers\intelpep.sys
2013-08-22 01:46 - 2013-08-22 01:46 - 000098816 ___AC [47E74A8E53C7C24DCE38311E1451C1D9] (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-08-22 04:35 - 2013-08-22 04:35 - 000084992 ____A [9DB76D7F9E4E53EFE5DD8C53DE837514] (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2018-01-03 10:25 - 2014-07-24 04:46 - 000079872 ____A [9C096BF5E10CA8BFA56F32522A89FAF1] (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2018-01-01 00:07 - 2013-11-27 05:02 - 000142848 ____A [B7342B3C58E91107F6E946A93D9D4EFD] (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2013-08-22 04:37 - 2013-08-22 04:37 - 000118784 ____A [D826F4874A372FAE2F42478E0975EA02] (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2013-08-22 04:38 - 2013-08-22 04:38 - 000017920 ____A [AE44C526AB5F8A487D941CEB57B10C97] (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2013-08-22 04:40 - 2013-08-22 05:43 - 000021856 ___AC [8AFEEA3955AA43616A60F133B1D25F21] (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2016-07-26 14:48 - 2016-07-26 14:48 - 000047008 ____A [1ECC1A421B0AEBF9A6934451FBFD7848] () C:\Windows\System32\Drivers\ISCTD64.sys
2018-01-03 10:25 - 2014-10-06 23:54 - 000059712 ___AC [A1D4D34A56DF1D5122CDB265038A2E72] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2018-01-03 10:25 - 2014-10-06 20:29 - 000032256 ___AC [4A34D7084B862A92F3ABC4969166B3D3] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2013-08-22 12:12 - 2013-08-22 12:12 - 000022272 ____A [DB7A09BC90DF20F44F16F8B0F9ED3491] (Microsoft Corporation) C:\Windows\System32\Drivers\kbldfltr.sys
2013-08-22 04:38 - 2013-08-22 04:38 - 000019456 ___AC [813871C7D402A05F2E3A7075F9584A05] (Microsoft Corporation) C:\Windows\System32\Drivers\kdnic.sys
2018-01-03 10:25 - 2014-07-04 05:59 - 000295424 ____A [1DD05F4857C2188744B9E864658949DD] (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2018-01-03 10:16 - 2016-08-22 09:06 - 000100184 ____A [304DA394D958BC3B62AF6DF514005B01] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2018-01-03 10:16 - 2016-05-18 16:16 - 000178016 ____A [3D4AE520CD6F6FFE549DD195C1F515BE] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000021248 ____A [11AFB527AA370B1DAFD5C36F35F6D45F] (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2013-08-22 04:36 - 2013-08-22 04:36 - 000059392 ____A [C09010B3680860131631F53E8FE7BAD8] (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000109408 ____A [C755AE4635457AA2A11F79C0DF857ABC] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000093536 ____A [ADAC09CBE7A2040B7F68B5E5C9A75141] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000081760 ____A [04D1274BB9BBCCF12BD12374002AA191] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas3.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000082784 ____A [327469EEF3833D0C584B7E88A76AEC0C] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sss.sys
2018-01-03 10:30 - 2017-10-10 09:36 - 000124416 ____A [B0AF753AF28303BB69C67BD85F06FFC9] (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2018-02-21 11:59 - 2017-11-29 09:11 - 000077432 ____A [680AF1647150CF9B061FF40E71C7396A] () C:\Windows\System32\Drivers\mbae64.sys
2018-02-21 17:04 - 2018-02-21 17:04 - 000253880 ____A [B047B9CE5A0D800E6D713B43D0405221] (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000022016 ____A [C895E3FAE8628EAA4ADE0F52862CA575] (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000056672 ____A [EB5C03A070F30D64A6DF80E53B22F53F] (LSI Corporation) C:\Windows\System32\Drivers\megasas.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000575840 ____A [F6F13533196DE7A582D422B0241E4363] (LSI Corporation, Inc.) C:\Windows\System32\Drivers\megasr.sys
2013-08-22 04:40 - 2013-08-22 04:40 - 000040960 ____A [8B38C44F69259987C95135C9627E2378] (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2013-08-22 04:36 - 2013-08-22 04:36 - 000030208 ___AC [601589000CC90F0DF8DA2CC254A3CCC9] (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2018-01-03 10:25 - 2014-10-06 23:54 - 000051008 ___AC [2A2F8D5284E59815169A88F1FC9CEE28] (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2018-01-03 10:25 - 2014-10-06 20:29 - 000030208 ___AC [91223A2AE2955B3E0DA3DB79C3A897A6] (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2018-01-03 10:30 - 2017-05-10 11:19 - 000101720 ____A [E5E8665272EBCD87A0A632314F0D221D] (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2018-01-03 10:25 - 2014-10-28 19:45 - 000074240 ____A [6FC047578785B0435F4E2660946D1ADC] (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2018-01-03 10:30 - 2016-09-08 07:00 - 000140800 ____A [3F818C1518DA702C8F10259095C9BDE0] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2018-02-21 11:18 - 2018-01-08 23:18 - 000401920 ____A [466CC6D831D880426820449EE363686E] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2018-01-03 10:30 - 2017-09-07 14:32 - 000285184 ____A [AFE6DC2E57E876175BA074AD2CB5594F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2018-01-03 10:30 - 2017-02-01 12:44 - 000201728 ____A [B37B58F9F80A51098C42663D5FA5F2BA] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-08-22 06:25 - 2013-08-22 06:25 - 000030208 ____A [D13329FBF8345B28AB30F44CC247DC08] (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2013-08-22 04:39 - 2013-06-18 07:52 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_Kernel_01013_Inbox_Critical.Wdf
2013-08-22 04:49 - 2013-06-18 08:20 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2018-01-03 10:25 - 2014-08-14 17:36 - 000146752 ____A [8DF1254093B5C354CE725EB6B9B0DE19] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-08-22 04:38 - 2013-08-22 05:43 - 000041824 ___AC [C6B474E46F9E543B875981ED3FFE6ADD] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000008192 ____A [65C92EB9D08DB5C69F28C7FFD4E84E31] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000009728 ____A [52299F086AC2DAFD100DD5DC4A8614BA] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidumdf.sys
2013-08-22 04:39 - 2013-08-22 05:43 - 000017248 ___AC [36D92AF3343C3A3E57FEF11C449AEA4C] (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2018-02-21 11:18 - 2017-12-15 05:23 - 000276312 ____A [25A878547BB010C640BB47680D40AF6B] (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000010624 ____A [A9BBBD2BAE6142253B9195E949AC2E8D] (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2018-01-03 10:25 - 2014-10-28 19:45 - 000066560 ____A [51B3AC0560848CD6D65AC2033E293113] (Microsoft Corporation) C:\Windows\System32\Drivers\mslldp.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000007040 ____A [7B2128EB875DCBC006E6A913211006D6] (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000006784 ____A [1E88171579B218115C7A772F8DE04BD8] (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2013-08-22 06:25 - 2013-08-22 06:25 - 000366432 ____A [BBE2A455053E63BECBF42C2F9B21FAE0] (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2013-08-22 04:39 - 2013-08-22 05:49 - 000037728 ___AC [8D6B7D515C5CBCDB75B928A0B73C3C5E] (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2013-08-22 04:38 - 2013-08-22 04:38 - 000007936 ____A [115019AE01E0EB9C048530D2928AB4A2] (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2013-08-22 04:37 - 2013-08-22 04:37 - 000013312 ___AC [96D604A35070360F0DD4A7A8AF410B5E] (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2013-08-22 04:40 - 2013-08-22 05:49 - 000078688 ____A [619CA29326B82372621DB2C0964D8365] (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000063840 ____A [B8C35C94DCB2DFEAF03BB42131F2F77F] (Marvell Semiconductor, Inc.) C:\Windows\System32\Drivers\mvumis.sys
2018-02-19 07:41 - 2010-03-05 16:41 - 000020480 ____A [8FA52B6049596FE2FDBC8A5E8B14EBFC] (Marvell Semiconductor, Inc.) C:\Windows\System32\Drivers\mvusbews.sys
2018-01-03 10:30 - 2017-01-18 19:18 - 001113944 ____A [FFAA6C6E798FBA448FA7628A1B277F5C] (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2018-01-03 10:25 - 2014-10-28 19:46 - 000043008 ____A [8CECC8DA55F3274181FD1EA28AD76664] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2018-01-03 10:25 - 2014-10-28 19:45 - 000126464 ____A [269882812E9A68FFF1AFE1283D428322] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisImPlatform.sys
2018-01-18 21:40 - 2014-11-07 21:00 - 000024576 ____A [DC1D9F692C2AD84C214584C28501C1F7] (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2013-08-22 04:37 - 2013-08-22 04:37 - 000060416 ____A [B832B35055BA2B7B4181861FF94D8E59] (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2013-08-22 04:36 - 2013-08-22 04:36 - 000016384 ____A [1F58E48EF75F34C35D8E93A0DC535CFE] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisVirtualBus.sys
2013-08-22 04:35 - 2013-08-22 04:35 - 000220672 ____A [DEC29080202D4F9F17F55E18BCFCC41A] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2018-01-18 21:40 - 2018-01-01 22:39 - 000072192 ____A [4F5178EEF4CC259F0A8CF56C2F16ADDB] (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2018-01-03 10:25 - 2014-10-28 19:45 - 000103424 ____A [3083926D1CC5B56EA0786527B557DD1B] (Microsoft Corporation) C:\Windows\System32\Drivers\Ndu.sys
2018-01-18 21:40 - 2018-01-01 22:39 - 000048128 ____A [AD6A78E25BBC916354753A500C4E73C8] (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2018-01-03 10:30 - 2017-08-10 20:27 - 000281600 ____A [0FE750800DEEE91D22399D081371BA79] (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2018-01-03 10:30 - 2017-05-31 14:20 - 000470360 ____A [D8BBF2E779040E5BCBA68E08A9F52734] (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2018-01-03 10:25 - 2014-10-28 19:46 - 000087040 ____A [D4DCE03870314D3354F3501F9DDD4123] (Microsoft Corporation) C:\Windows\System32\Drivers\netvsc63.sys
2013-08-22 06:25 - 2013-08-22 06:25 - 000058880 ____A [8F44A2F57C9F1A19AC9C6288C10FB351] (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2013-08-22 04:38 - 2013-08-22 04:38 - 000023040 ___AC [CBDB4F0871C88DF930FC0E8588CA67FC] (Microsoft Corporation) C:\Windows\System32\Drivers\npsvctrig.sys
2018-01-03 10:30 - 2017-08-13 10:19 - 000040960 ____A [018510D88536798852DAE12F9BA6E138] (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2018-01-18 21:40 - 2018-01-01 23:39 - 002013016 ____A [EE9B628D84DE372953A6D30AAB02DBD6] (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-08-22 06:25 - 2013-08-22 06:25 - 000005632 ____A [EF1B290FC9F0E47CC0B537292BEE5904] (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2013-08-22 04:39 - 2013-08-22 05:43 - 000124768 ____A [6934A936A7369DFE37B7DBA93F5E5E49] (Microsoft Corporation) C:\Windows\System32\Drivers\NV_AGP.SYS
2017-12-30 20:13 - 2017-12-15 17:21 - 000225208 ____A [6DD0B2337F74336EB1F83C3866538F9B] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2017-12-30 20:13 - 2017-12-15 17:21 - 016854840 ____A [81AAC25D5AF2948D54EC05FDF782510E] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-08-22 00:01 - 2013-08-22 05:43 - 000150368 ____A [BC6B5942AFF25EBAF62DE43C3807EDF8] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2013-08-22 00:01 - 2013-08-22 05:43 - 000168288 ____A [1F43ABFFAC3D6CA356851D517392966E] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2017-12-30 20:13 - 2017-12-15 17:21 - 000050624 ____A [CC96143828750E44313B9412694FE0E0] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2017-12-30 20:13 - 2017-12-15 17:21 - 000057792 ____A [7ED39FCEB91F0F93897349A4748699EA] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvhci.sys
2018-01-18 21:40 - 2018-01-01 22:38 - 000445952 ____A [F3A70F2C79D91B7C95F78E959DEDAD0E] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2018-01-18 21:40 - 2018-01-01 22:38 - 000151040 ____A [DEF4D00D1E55B1E29138A1541D0B82D3] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2018-01-03 10:30 - 2016-08-11 11:33 - 000096256 ___AC [57DCE4FB0467986AE78E1C6FC5240D32] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2018-01-03 10:25 - 2014-10-15 01:32 - 000088896 ____A [BAFF6122CFC9F95CA175AD8C348179A4] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2018-01-03 10:25 - 2014-07-24 08:28 - 000280384 ___AC [91ED124E261EA8FAA1C0FFDF2A71B0C4] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2013-08-22 05:22 - 2013-08-22 05:43 - 000014688 ___AC [346E38FCC6859A727DD28AFAD1F0AFF4] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2013-08-22 05:22 - 2013-08-22 05:43 - 000048992 ___AC [5D4D6146346B82EB3CA4EE0C5573193C] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2013-08-22 04:40 - 2013-08-22 05:49 - 000114528 ___AC [4D3BDCC1C7B40C9D7B6AD990E6DEC397] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2013-08-22 01:46 - 2013-08-22 05:39 - 000050016 ____A [BF28771D1436C88BE1D297D3098B0F7D] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2018-01-03 10:30 - 2017-07-07 20:16 - 000086360 ____A [E6B3ACBA06BAF48594557FCCBFA66FD2] (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2018-01-01 00:37 - 2014-02-22 05:09 - 000663040 ____A [0ECEE590F2E2EF969FB74A6FC583A1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2018-01-03 10:28 - 2014-10-28 19:46 - 000272384 ___AC [C76097CA941FA7CAFEDB1E557969025C] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-08-22 01:46 - 2013-08-22 01:46 - 000092160 ___AC [ECD373F9571C745894367CC2635EA44F] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2018-01-03 10:25 - 2014-10-28 19:47 - 000047104 ____A [83868EB2924E6BC21A54337C65D614D1] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2018-01-03 10:25 - 2014-10-28 19:48 - 000017408 ____A [B337B1F1E82A83E20A1743E008E25C0F] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2013-08-22 04:35 - 2013-08-22 04:35 - 000120832 ____A [BBB6272B7F46C4640A8CDB8A70C3450F] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2013-08-22 04:36 - 2013-08-22 04:36 - 000084992 ____A [5247F308C4103CDC4FE12AE1D235800A] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2013-08-22 04:35 - 2013-08-22 04:35 - 000107520 ____A [E075CC071022BD4E9BE7C024717C0E0A] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2018-01-03 10:25 - 2014-10-28 19:45 - 000093696 ____A [41F631007A158FEBB67F0E2AD1601BBA] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2018-01-18 21:40 - 2018-01-01 22:39 - 000402432 ____A [3560C2D5A5DAC09BF81F5C5CD0029192] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-08-22 04:39 - 2013-08-22 04:38 - 000022528 ___AC [6B21EBF892CD8CACB71669B35AB5DE32] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2013-08-22 12:12 - 2013-08-22 12:12 - 000195584 ____A [680C1DAE268B6FB67FA21B389A8B79EF] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2018-01-03 10:25 - 2014-10-28 20:56 - 000027456 ____A [BC8A79C625568DDB7DCA49D0C2741A64] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2018-01-18 21:40 - 2018-01-02 01:00 - 000242520 ____A [468F9F3886DD3320357ECDBFF838DBBF] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2018-01-03 10:30 - 2016-10-12 14:11 - 000922968 ____A [2D39BCFA4DD1081B8F282B623456B858] (Microsoft Corporation) C:\Windows\System32\Drivers\refs.sys
2018-01-03 10:30 - 2015-11-05 01:59 - 000145408 ____A [A7D51169CA28B0AA9B5DE2B7EFB5C3C9] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2013-08-22 04:38 - 2013-08-22 04:38 - 000032256 ____A [4A24C61ED665DB4D13B93FACA06350CA] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2018-01-03 10:25 - 2014-10-28 19:48 - 000011776 ____A [9746BA79DE0CA5EB5104406A9ED62D01] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2013-08-22 04:36 - 2013-08-22 04:36 - 000080384 ____A [2D05A5508F4685412F2B89E8C2189ABC] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2017-12-30 21:41 - 2017-12-30 21:13 - 000620273 ____A [DFA16A1C41989C28074E00C40D67C23C] () C:\Windows\System32\Drivers\RTAIODAT.DAT
2017-12-30 21:41 - 2017-12-30 21:13 - 003564376 ____A [E9740A3BC0AE6EA035FF7ECE3A1B27B6] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2017-12-30 21:41 - 2017-12-30 21:13 - 005694504 ____A [95DDBF20B9C6A7A85079773494046B7D] () C:\Windows\System32\Drivers\rtvienna.dat
2013-08-22 01:46 - 2013-08-22 05:39 - 000107872 ___AC [C624A1B32211C3166EDB3F4AB02A30B7] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2018-02-21 11:18 - 2017-12-05 09:56 - 000040960 ____A [DEA731D96816F1F67C32F49E4EF248DD] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2013-08-22 04:39 - 2013-08-22 05:43 - 000170848 ____A [1C4EB3ACEA98CAD8FC7CF50F629FF0C6] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2018-01-03 10:16 - 2014-10-12 19:43 - 000238912 ___AC [7B7C482CF48E6EE33664340D1A78E6FE] (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2018-01-01 00:38 - 2014-02-22 08:49 - 000079192 ___AC [0B1E929D11A8E358106955603FAC65E8] (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-08-22 08:36 - 2013-08-22 08:34 - 000023040 ____A [3EA8A16169C26AFBEB544E0E48421186] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys
2013-08-22 04:38 - 2013-08-22 05:43 - 000069472 ____A [DB2FF24CE0BDD15FE75870AFE312BA89] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx.sys
2018-01-01 00:05 - 2013-10-25 18:54 - 000146776 ____A [0044B31F93946D5D41982314381FE431] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2018-01-03 10:30 - 2016-08-11 11:33 - 000023040 ___AC [1F0135949A6AD6025F363F80FE268251] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2018-01-03 10:30 - 2016-08-11 11:33 - 000083456 ___AC [81633C87B42B63BA484A6177179AC750] (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2018-01-03 10:25 - 2014-10-06 20:30 - 000026112 ___AC [96B01F117057FB4DAE0FF919ACB55770] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2013-08-22 04:40 - 2013-08-22 04:40 - 000017408 ___AC [472B7A5AC181C050888DB454663DD764] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2013-08-22 00:01 - 2013-08-22 05:43 - 000044896 ____A [2F518D13DD6F3053837FE606F1A2EA1F] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2013-08-22 00:01 - 2013-08-22 05:43 - 000081760 ____A [1AC9A200A9C49C4508F04AAFFCA34A3F] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2013-08-22 04:40 - 2013-08-22 04:40 - 000019968 ____A [8C0773703184485D57975B6C1ED48730] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2018-01-03 10:30 - 2017-01-11 10:28 - 000422744 ___AC [F6AF6499C3788105EA7AF1DA27769A77] (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-08-22 04:38 - 2013-08-22 05:43 - 000072032 ____A [F337BE11071818FC3F5DC2940B6BDE34] (Microsoft Corporation) C:\Windows\System32\Drivers\SpbCx.sys
2018-01-18 21:40 - 2018-01-01 22:38 - 000416256 ____A [CA62440584866C8435AF39E70C8CDDDD] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2018-02-21 11:18 - 2018-02-02 23:04 - 000686592 ____A [9770D34D1DACA4A9C57D22D64A9E8E09] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2018-02-21 11:18 - 2018-02-02 23:03 - 000243712 ____A [B15C5053F127BE389F3980620D475EB0] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-08-21 23:57 - 2013-08-22 05:43 - 000031072 ____A [366DEA74BBA65B362BCCFC6FC2ADFD8B] (Promise Technology, Inc.) C:\Windows\System32\Drivers\stexstor.sys
2013-08-22 04:40 - 2013-08-22 05:43 - 000107872 ____A [0ED2E318ABB68C1A35A8B8038BDB4C90] (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2018-01-03 10:30 - 2017-05-15 15:09 - 000057688 ___AC [1D5A045F59D216448FCDE3A8D69970E2] (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2018-01-03 10:30 - 2017-10-05 00:17 - 000380248 ____A [485C591A57553EA3AC7C742E1010DAFC] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-08-22 04:37 - 2013-08-22 05:36 - 000045888 ____A [548759755BC73DAD663250239D7E0B9F] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2018-01-03 10:30 - 2017-01-12 08:03 - 000066560 ____A [B3A905F6E860F1C58264592F8393E322] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsp.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000067584 ____A [FF184501F8F556147BBBDE571315C137] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2018-01-03 10:26 - 2014-10-28 20:59 - 000014144 ___AC [65454187E0F8B6C0DCECB0287D06EC43] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2017-12-30 19:48 - 2013-08-22 05:40 - 000040664 ____A [3C32FF010F869BC184DF71290477384E] (The OpenVPN Project) C:\Windows\System32\Drivers\tap0901.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000029696 ____A [B13A57CE2F17B8C789E895E15F115DB0] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2018-01-03 10:25 - 2014-10-28 21:13 - 000021824 ____A [A57A897E3F87B8E9F30A627C42779A76] (Microsoft Corporation) C:\Windows\System32\Drivers\tbs.sys
2018-02-21 11:18 - 2018-01-12 18:18 - 002452824 ____A [12D04D8C02F16D8D7346A494E524507D] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2018-01-18 21:40 - 2014-03-06 02:19 - 000049152 ____A [41CF802064F72E55F50CA0A221FD36D4] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-08-22 06:25 - 2013-08-22 06:25 - 000030208 ____A [3C7361E0A5A6966DB957B94ECF924A9E] (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2018-01-03 10:30 - 2017-08-01 20:17 - 000107520 ____A [576FA545FAB846B06E79B324160DE25C] (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2015-06-12 05:54 - 2015-06-12 05:54 - 000183584 ____A [5AC258A5845A72B91C675F44050058B2] (Intel Corporation) C:\Windows\System32\Drivers\TeeDriverW8x64.sys
2013-08-22 12:12 - 2013-08-22 12:12 - 000037216 ___AC [232D185D2337F141311D0CF1983E1431] (Microsoft Corporation) C:\Windows\System32\Drivers\terminpt.sys
2018-01-03 10:30 - 2017-05-15 12:58 - 000121184 ____A [2B45645D0F1E950674CECE5606CF5E4E] (Microsoft Corporation) C:\Windows\System32\Drivers\tm.sys
2013-08-22 04:37 - 2013-08-22 05:49 - 000159584 ___AC [82F909359600D3603FE852DB7F135626] (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-08-22 04:37 - 2013-08-22 04:37 - 000056320 ____A [BF8F54CA37E9C9D6582C31C5761F8C93] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2018-01-03 10:25 - 2014-10-28 19:46 - 000029696 ___AC [20185BEB7512EDE4EFECDFA148AC9F99] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2013-08-22 04:35 - 2013-08-22 04:35 - 000154112 ____A [C8E0E78B5D284C2FF59BDFFDAF997242] (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2013-08-22 04:39 - 2013-08-22 05:43 - 000064864 ____A [F6EEAD052943B5A3104C1405BB856C54] (Microsoft Corporation) C:\Windows\System32\Drivers\UAGP35.SYS
2013-08-22 04:37 - 2013-08-22 05:43 - 000074080 ___AC [FE6067B1FD4E63650C667B33D080565B] (Microsoft Corporation) C:\Windows\System32\Drivers\uaspstor.sys
2018-01-03 10:25 - 2014-10-06 23:54 - 000189248 ___AC [807F8CF3E973305FC435C61CBBEE2A49] (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-08-22 04:40 - 2013-08-22 04:40 - 000316928 ____A [1EC649F112896FAE33250F0B97AC5D0B] (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2013-08-22 04:40 - 2013-08-22 05:39 - 000026976 ___AC [9578691F297E1B1F519970FE6D47CB21] (Microsoft Corporation) C:\Windows\System32\Drivers\uefi.sys
2013-08-22 04:39 - 2013-08-22 05:43 - 000065888 ____A [5EAB5117DDB24FC4D39E6FFFCF1837B9] (Microsoft Corporation) C:\Windows\System32\Drivers\ULIAGPKX.SYS
2013-08-22 04:39 - 2013-08-22 04:38 - 000046080 ___AC [DA34C39A18E60E7C3FA0630566408034] (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2013-08-22 04:39 - 2013-08-22 04:38 - 000011776 ___AC [AE8294875E5446E359B1E8035D40C05E] (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2013-08-22 04:38 - 2013-08-22 04:38 - 000020992 ____A [A5A402FE30B5E0831F4EB6A112104811] (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-08-22 04:39 - 2013-08-22 04:39 - 000032512 ____A [5D45329A96B1A417DC7F59FDEABC0DDE] (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2018-01-03 10:30 - 2017-09-06 16:07 - 000158552 ___AC [621317D14B93CBFBD5694767EFB6B40A] (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2018-01-03 10:25 - 2014-10-28 19:47 - 000098304 ___AC [0139248F6B95CF0D837B5B46A2722D40] (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2018-01-03 10:30 - 2015-10-10 23:34 - 000027992 ___AC [9A2B3A98D7982372CA36A823F673EFB8] (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2018-01-03 10:30 - 2016-01-08 18:38 - 000091992 ___AC [C996CBEF922B5653A01E3F50DDCE2F86] (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2018-01-03 10:30 - 2017-09-06 14:17 - 000461144 ___AC [E30B159760053C5A1297D2CD08046CD7] (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2018-01-03 10:25 - 2014-10-08 02:24 - 000467776 ___AC [FAA564A13576F9284546BF016D27B551] (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS

====== End of Folder: ======


========= Reg query "HKLM\SYSTEM\Select" =========


HKEY_LOCAL_MACHINE\SYSTEM\Select
    Current    REG_DWORD    0x1
    Default    REG_DWORD    0x1
    Failed    REG_DWORD    0x0
    LastKnownGood    REG_DWORD    0x1



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2568457363-4081483336-3709437035-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset C:\resettcpip.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


========= End of CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{2E6A0975-7269-41EA-8B9A-C34D4A7A5827} canceled.
{073FFC29-8310-4227-9D82-4403989364DF} canceled.
2 out of 2 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 105532498 B
Java, Flash, Steam htmlcache => 446 B
Windows/system/drivers => 7061091 B
Edge => 0 B
Chrome => 157660868 B
Firefox => 217772419 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 17283 B
NetworkService => 88306 B
DoggoBrandle => 647916820 B

RecycleBin => 14664 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:43:18 ====

 

 

# AdwCleaner 7.0.8.0 - Logfile created on Thu Feb 22 00:49:23 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 02-21-2018.1
# Running on Windows 8.1 Pro N (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1142 B] - [2018/2/20 17:59:52]
C:/AdwCleaner/AdwCleaner[C1].txt - [2790 B] - [2018/2/21 2:15:34]
C:/AdwCleaner/AdwCleaner[C2].txt - [1478 B] - [2018/2/21 15:47:25]
C:/AdwCleaner/AdwCleaner[S0].txt - [1120 B] - [2018/2/20 17:36:6]
C:/AdwCleaner/AdwCleaner[S1].txt - [3178 B] - [2018/2/21 2:4:12]
C:/AdwCleaner/AdwCleaner[S2].txt - [1470 B] - [2018/2/21 15:45:0]
C:/AdwCleaner/AdwCleaner[S3].txt - [1432 B] - [2018/2/21 17:38:29]


########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########



#4 JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • 11,444 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 21 February 2018 - 10:29 PM

That looks clear. How is the computer doing?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#5 Gandolf1


Posted 21 February 2018 - 11:17 PM

Hello J,

I am so surprised! There appear to be all normal processes running in task manager, and Malwarebytes scan picked up nothing this evening. Yet your fix SEEMS to have eliminated the issue right away!

If I understand what I am reading in the log, your fix included refreshing network settings and moving some AppData files (to where?).

This seems great and I am very pleased with the quick work. I do envy your expertise!



#6 JSntgRvr


Posted 22 February 2018 - 02:21 PM

Congratulations. Files and folders are moved to FRST quarantine folder. Please use this application to remove quarantined items:

Please download DelFix by Xplode and save to your Desktop.

  • Double-click on delfix.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator.
  • Put a check mark next to these items:
    - Remove disinfection tools
    - Create registry backup
  • Click the "Run" button.
  • When the tool has finished, it will create and open a log report (DelFix.txt)

Always keep your antivirus active and updated.

Best regards. :)




#7 JSntgRvr


Posted 25 February 2018 - 10:27 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





