Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chrome Infection. Yahoo Redirect, Replicating Maligning.exe and jjmvdfhhul ??


  • This topic is locked This topic is locked
7 replies to this topic

#1 rokittman

rokittman

  • Members
  • 235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Burlington, Kentucky
  • Local time:07:24 AM

Posted 05 May 2018 - 09:01 AM

Hello Bleeping Computer,

Ran into a nasty bug(s) the other day, which appears to only run when Google Chrome is opened. I got lazy and installed a file without scanning it.

The first symptom I noticed were the Yahoo redirect search pages. GOD I hate Yahoo! I immediately knew I'd caught something. Then the desktop icons started appearing as about a dozen unwanted programs were installed. I was able to uninstall all of them with Revo Uninstaller, but the Yahoo redirects and random audio advertisements continued. That was weird!

I went to Task Manager to see what processes were open and noticed several instances of the Application jjmvdfhhul. Closing them only caused them to reopen. They would only stay closed if I exited Chrome, ended the Maligning.exe process and deleted that file from the Chrome folder. 

I ran MalwareBytes, Sophos, Junkware Removal Tool, Disk Cleanup, CCleaner and a few others in Safe Mode. MalwareBytes alone found over 200 Infections and PUPs. Still had the redirects, screen flashes and slow browser response.

I ended up deleting and reinstalling Chrome, which seems to have stopped the problem. But MalwareBytes is still detecting Trogens and PUPS no matter how many times I run and quarantine.

Additionally, I was actually in the process of trying to install BitDefender Free just before all this began. Strangely, each time I tried to install it, I would get the error that it was not compatible with my OS. Which I know in fact, it is. I have also opened a service ticket with BitDefender which they are looking into.

I've attached the two files generated by FRST. I'm hoping you can disinfect my system thoroughly. You've pulled my butt out of the wringer in the past. I know you can help me with this.

Also, when all this is done, I would love your recommendation on a maintenance plan with a set of programs for periodic scans that will keep my particular system clean and running smoothly. My system is not that powerful and I normally don't run Windows Firewall or Defender in lieu of MalwareBytes and a couple other scanners. I need to be more diligent about this in the future.

Thank you for your consideration,

- Dean -
 

Attached Files



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:24 AM

Posted 05 May 2018 - 09:57 AM

Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:
  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)
Let's begin... :)
  • Highlight the entire content of the quote box below.

Start::
C:\Windows\SearchIndexer.exe
BootExecute: autocheck autochk * ??ÿ??????????????1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Handler: WSWSVCUchrome - No CLSID Value
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symbaloo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2028123929-315541640-582885332-1000 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=86311178&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC1EMkQ%2FdZ7CSCK%2Feq2cy1wTbEyndtbYJaHBYUMC%2Bsxmo1U5Wkti%2BHaY1UuCSLOtkQuQZgk2B0bmUh5tjzntyMGFOvvxdRLMK1xW0AlJbf%2Fea9S1d8zx1h1lipR3tjpuGwhRstzEPtt07DfwB4OWXQOjxREYihB9h7kI2FdqqMgKpBKI8tR2bn6T3Zoz5cni6w8ozcRCwpL2Lb47nEwf9A4IKSvpRE7p9VFg2rpqbESZsA%3D%3D&p={searchTerms}
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
Toolbar: HKLM - No Name - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - No File
CHR HomePage: Default -> hxxp://www.symbaloo.com/
CHR StartupUrls: Default -> "hxxps://www.symbaloo.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR DefaultSearchKeyword: Default -> lp
S2 WinService; C:\Users\Dean\AppData\Local\XService\XService.dll [X]
U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2018-03-31] ()
U3 a1so7x4d; C:\Windows\System32\Drivers\a1so7x4d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 a1so7x4d; C:\Windows\System32\Drivers\a1so7x4d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 COMMONFX.DLL; system32\COMMONFX.DLL [X]
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S3 CTAUDFX.DLL; system32\CTAUDFX.DLL [X]
S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [X]
S3 CTSBLFX.DLL; system32\CTSBLFX.DLL [X]
U4 MediaMall Server; no ImagePath
S3 NTIOLib_1_0_C; \??\H:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\System32\Tasks\{65AF4565-BE59-4E65-8D5D-3CF279A304F1}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{75DCBDB9-68C4-494B-A2E8-5D5AAC90E73B}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{6E83F440-A064-445D-A14A-C9FFE1F3488F}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{6913CA7F-8318-4C75-881F-B12F8C0BCE53}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{38E59B47-8A8E-4CD8-B2D7-E4D32C7E9073}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{339977FA-456E-46EB-B6B1-C2FA418F11E2}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{93D16F67-2EEF-47CA-8B9A-5D2F2FB8DF38}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{8253449D-E5E5-4FF5-B4C5-02A220B798D2}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{357CF9DA-D014-442C-8DCE-B2BA88CA5A57}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{0BCD699D-9976-42E5-91F7-9F58A5DA096E}
2018-05-04 17:38 - 2018-05-04 17:38 - 000003028 _____ C:\Windows\System32\Tasks\{E5DC8FCF-4595-4876-BC89-7B7A5F2103B7}
2018-05-04 17:38 - 2018-05-04 17:38 - 000003028 _____ C:\Windows\System32\Tasks\{A1822A32-3C6D-408C-A314-92F07C54CD2A}
2018-05-04 17:38 - 2018-05-04 17:38 - 000003028 _____ C:\Windows\System32\Tasks\{2616C609-B554-4200-812D-6AE2F2F7F1E9}
C:\Windows\System32\Tasks\{0B8B6EA4-A214-4B9A-B253-2B480976BA7A}
2018-05-04 17:30 - 2018-05-04 17:30 - 000002930 _____ C:\Windows\System32\Tasks\{60A1BCED-53A4-47CA-9324-E404B3AB0744}
2018-05-04 17:30 - 2018-05-04 17:30 - 000002930 _____ C:\Windows\System32\Tasks\{1718A4AE-1D82-4CE1-B4E2-8C868E3F11BE}
2018-05-04 17:29 - 2018-05-04 17:29 - 000002930 _____ C:\Windows\System32\Tasks\{410D659A-DBEF-474F-8772-BDACCCC6C2BA}
C:\Windows\System32\Tasks\{0023ACB7-57ED-4343-8B69-50F299AE042D}
C:\Windows\System32\Tasks\LEYQPVHwvgCJZX
2018-05-03 20:53 - 2018-05-03 20:53 - 000002872 _____ C:\Windows\System32\Tasks\RLkqBnyOWmWtiyTNd2
2018-05-03 20:53 - 2018-05-03 20:53 - 000002860 _____ C:\Windows\System32\Tasks\waTTzezvPrMPuZrWXNR2
2018-05-03 20:53 - 2018-05-03 20:53 - 000002850 _____ C:\Windows\System32\Tasks\SblZmBRLKrukRom2



FirewallRules: [{8E25E924-D1D2-4A4A-9B43-653E11992B5F}] => (Allow) LPort=2869
FirewallRules: [{D84E18FD-46FF-4C1C-8DEE-9173115B642C}] => (Allow) LPort=1900
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
S2 HPSLPSVC; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 HPSLPSVC; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
U3 a1so7x4d; C:\Windows\System32\Drivers\a1so7x4d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
Task: {08D1466E-E6CD-4C6D-8CAC-5145EB2A8278} - \Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 -> No File <==== ATTENTION
Task: {5427F1EF-9AE8-43C4-BF45-35A5B40625D6} - \Steam-S-1-8-22-9865GUI -> No File <==== ATTENTION
Task: {69535777-9769-4FD4-9B85-39E0C5C5C3D0} - System32\Tasks\Fallout Explorer => C:\Windows\system32\rundll32.exe "C:\Program Files\Fallout Explorer\Fallout Explorer.dll",bmxlAP <==== ATTENTION
Task: {CE18CE31-E1C3-4A28-AB02-19F7D4315A52} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D545D939-74DA-4D90-A5C3-07B1236542EA} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D8A4D4EB-B52F-45EB-A780-17003552709E} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
Toolbar: HKLM - No Name - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - No File
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => -> No File
ShellIconOverlayIdentifiers: [1AMPCBOK] -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => -> No File
ShellIconOverlayIdentifiers-x32: [1AMPCBOK] -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> No File
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => -> No File
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => -> No File
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {08D1466E-E6CD-4C6D-8CAC-5145EB2A8278} - \Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 -> No File <==== ATTENTION
Task: {5427F1EF-9AE8-43C4-BF45-35A5B40625D6} - \Steam-S-1-8-22-9865GUI -> No File <==== ATTENTION
Task: {CE18CE31-E1C3-4A28-AB02-19F7D4315A52} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D545D939-74DA-4D90-A5C3-07B1236542EA} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D8A4D4EB-B52F-45EB-A780-17003552709E} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
S2 WinService; C:\Users\Dean\AppData\Local\XService\XService.dll [X]
C:\Users\Dean\AppData\Local\XService
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
Task: {259A6E60-78E5-48EA-9480-F164167E4001} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {476E527D-7352-4793-BCFD-3AC64A61FDDC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-03] (Facebook Inc.)
Task: {4ABB75E6-7726-4F3D-A6B1-944C39E15DA8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-03] (Facebook Inc.)
Task: {4C4F763E-CA26-4545-96A0-7DD378B9B643} - System32\Tasks\troutman talkers recotroutman talkers reco => C:\Users\Dean\AppData\Local\Maligning.exe
Task: {5198CAE1-5ACD-455A-AD7D-895BE8F33D73} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {97726AA6-D1E1-49C1-A5FF-2C2DF1337FEC} - System32\Tasks\signficantly_prohibitssignficantly_prohibits => C:\Users\Dean\AppData\Local\Cubbyhole.exe
Task: {99B3AEA3-339F-498F-9C4D-5DDB95A8C567} - System32\Tasks\signficantly_prohibits => C:\Users\Dean\AppData\Local\Cubbyhole.exe
Task: {E586FDD5-EFD4-4231-B26B-CC065697FC6F} - System32\Tasks\troutman talkers reco => C:\Users\Dean\AppData\Local\Maligning.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core.job => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA.job => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe
MSCONFIG\startupreg: Google Update => C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: msiql => C:\Users\Dean\AppData\Local\Temp\00005626\msiql.exe /RUNNING
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
2015-05-22 20:08 - 2015-05-22 20:08 - 000000000 _____ () C:\Users\Dean\AppData\Local\Temp.dat
MSCONFIG\startupreg: msiql => C:\Users\Dean\AppData\Local\Temp\00005626\msiql.exe /RUNNING
Description: Activation context generation failed for "C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir6476_15759\old_chrome.exe".
MSCONFIG\startupreg: Applying => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
MSCONFIG\startupreg: Bastards => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
MSCONFIG\startupreg: Bayliss => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Erupted => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Henceforth => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Klepper => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
MSCONFIG\startupreg: Laminated => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: machinery => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: monetarists => "C:\Program Files (x86)\feeler\monetarists.exe" jmvdfhh
MSCONFIG\startupreg: Morant => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Obe => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Optimally => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Profoundest => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Ranging => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
CMD: BCDEDIT /ENUM ALL
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKLM\SYSTEM\Select"
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.


RQKuhw1.pngRogueKiller
  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply
zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes
    5ace519a6ff4a_Dashboard-firstrun.png.567
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
Your next reply(ies) should therefore contain:
  • Copy/pasted RogueKiller clean log
  • Copy/pasted AdwCleaner clean log
  • Copy/pasted Fixlog.txt log

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 rokittman

rokittman
  • Topic Starter

  • Members
  • 235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Burlington, Kentucky
  • Local time:07:24 AM

Posted 05 May 2018 - 08:53 PM

Here are your scans.

 

 

RogueKiller V12.12.16.0 (x64) [May  4 2018] (Free) by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dean [Administrator]
Started from : C:\Users\Dean\Desktop\RogueKiller_portable64.exe
Mode : Delete -- Date : 05/05/2018 20:53:41 (Duration : 00:34:11)
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 28 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\OCS -> Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\OCS -> Deleted
[Hj.Name] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Windows Indexer (C:\Windows\SearchIndexer.exe) -> Deleted
[Hj.Name] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Windows Indexer (C:\Windows\SearchIndexer.exe) -> Deleted
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Replaced (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Replaced (2)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyComputer : 2  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowControlPanel : 2  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowDownloads : 2  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 2  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowVideos : 0  -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyComputer : 2  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowControlPanel : 2  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowDownloads : 2  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 2  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowVideos : 0  -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0  -> Replaced (1)
 
¤¤¤ Tasks : 1 ¤¤¤
[Hj.Shortcut] \{1BE48DDA-3D9D-4AF3-AF60-7784794ABB2E} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (http://ui.skype.com/ui/0/6.18.0.105/en/abandoninstall?source=lightinstaller&page=tsBing) -> Deleted
 
¤¤¤ Files : 3 ¤¤¤
[PUP.AutoIt.Gen][File] C:\Users\Dean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disc Tools\GS Auto Clicker\GS Auto Clicker.lnk [LNK@] C:\PROGRA~2\GSAUTO~1\GSAUTO~1.EXE -> Deleted
[PUP.AutoIt.Gen][File] C:\Users\Dean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GS Auto Clicker.lnk [LNK@] C:\PROGRA~2\GSAUTO~1\GSAUTO~1.EXE -> Deleted
[PUP.AutoIt.Gen][File] C:\Program Files (x86)\GSAutoClicker3\GSAutoClicker.exe -> Deleted
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 3 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : imgur Community Extension [ehoopddfhgaehhmphfcooacjdpmbjlao] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://www.symbaloo.com/] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [https://www.symbaloo.com/] -> Deleted
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] d6213f42709b94c3c601c3b71a092898
[BSP] 65faee726a46e44054b51a1dfc08f4dc : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 87016 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 178416000 | Size: 199048 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1:  +++++
--- User ---
[MBR] ba098a80af6f6093a5043876a9c9549c
[BSP] 39cafd1868b028f49ee251c9be1f9a5a : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
 
 
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-27-2018
# Database: 2018-05-02.2
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-05-2018
# Duration: 00:00:11
# OS:       Windows 7 Ultimate
# Cleaned:  21
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
Deleted       C:\Windows\Syswow64\SSL
Deleted       C:\Windows\rss
 
***** [ Files ] *****
 
No malicious files cleaned.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4B120E0-7A13-421E-8DC7-BE93C80EFBE9}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\waTTzezvPrMPuZrWXNR2
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBC1E756-985C-45BE-BC8C-90615CC83F34}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RLkqBnyOWmWtiyTNd2
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08D541C9-DA82-48F2-8AB3-42AFE3BE8CF5}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08D541C9-DA82-48F2-8AB3-42AFE3BE8CF5}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LEYQPVHwvgCJZX
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FAD4E1A-26AF-4424-84CC-9DBEB776FA55}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SblZmBRLKrukRom2
Deleted       HKCU\Software\PopWnd
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
 
***** [ Chromium (and derivatives) ] *****
 
Deleted       Torrent Search
Deleted       imgur Community Extension
 
***** [ Chromium URLs ] *****
 
Deleted       Ask
Deleted       Ask
Deleted       AOL
Deleted       AOL
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
 
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 03.05.2018
Ran by Dean (05-05-2018 17:29:27) Run:1
Running from C:\Users\Dean\Desktop\Bleeping Computer Service\Farbar Recovery Scan Tool (FRST)
Loaded Profiles: Dean (Available Profiles: Dean & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Windows\SearchIndexer.exe
BootExecute: autocheck autochk * ??ÿ??????????????1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2028123929-315541640-582885332-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Handler: WSWSVCUchrome - No CLSID Value
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symbaloo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2028123929-315541640-582885332-1000 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=86311178&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC1EMkQ%2FdZ7CSCK%2Feq2cy1wTbEyndtbYJaHBYUMC%2Bsxmo1U5Wkti%2BHaY1UuCSLOtkQuQZgk2B0bmUh5tjzntyMGFOvvxdRLMK1xW0AlJbf%2Fea9S1d8zx1h1lipR3tjpuGwhRstzEPtt07DfwB4OWXQOjxREYihB9h7kI2FdqqMgKpBKI8tR2bn6T3Zoz5cni6w8ozcRCwpL2Lb47nEwf9A4IKSvpRE7p9VFg2rpqbESZsA%3D%3D&p={searchTerms}
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
Toolbar: HKLM - No Name - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - No File
CHR HomePage: Default -> hxxp://www.symbaloo.com/
CHR StartupUrls: Default -> "hxxps://www.symbaloo.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR DefaultSearchKeyword: Default -> lp
S2 WinService; C:\Users\Dean\AppData\Local\XService\XService.dll [X]
U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2018-03-31] ()
U3 a1so7x4d; C:\Windows\System32\Drivers\a1so7x4d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 a1so7x4d; C:\Windows\System32\Drivers\a1so7x4d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 COMMONFX.DLL; system32\COMMONFX.DLL [X]
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S3 CTAUDFX.DLL; system32\CTAUDFX.DLL [X]
S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [X]
S3 CTSBLFX.DLL; system32\CTSBLFX.DLL [X]
U4 MediaMall Server; no ImagePath
S3 NTIOLib_1_0_C; \??\H:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\System32\Tasks\{65AF4565-BE59-4E65-8D5D-3CF279A304F1}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{75DCBDB9-68C4-494B-A2E8-5D5AAC90E73B}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{6E83F440-A064-445D-A14A-C9FFE1F3488F}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{6913CA7F-8318-4C75-881F-B12F8C0BCE53}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{38E59B47-8A8E-4CD8-B2D7-E4D32C7E9073}
2018-05-04 17:40 - 2018-05-04 17:40 - 000003028 _____ C:\Windows\System32\Tasks\{339977FA-456E-46EB-B6B1-C2FA418F11E2}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{93D16F67-2EEF-47CA-8B9A-5D2F2FB8DF38}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{8253449D-E5E5-4FF5-B4C5-02A220B798D2}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{357CF9DA-D014-442C-8DCE-B2BA88CA5A57}
2018-05-04 17:39 - 2018-05-04 17:39 - 000003028 _____ C:\Windows\System32\Tasks\{0BCD699D-9976-42E5-91F7-9F58A5DA096E}
2018-05-04 17:38 - 2018-05-04 17:38 - 000003028 _____ C:\Windows\System32\Tasks\{E5DC8FCF-4595-4876-BC89-7B7A5F2103B7}
2018-05-04 17:38 - 2018-05-04 17:38 - 000003028 _____ C:\Windows\System32\Tasks\{A1822A32-3C6D-408C-A314-92F07C54CD2A}
2018-05-04 17:38 - 2018-05-04 17:38 - 000003028 _____ C:\Windows\System32\Tasks\{2616C609-B554-4200-812D-6AE2F2F7F1E9}
C:\Windows\System32\Tasks\{0B8B6EA4-A214-4B9A-B253-2B480976BA7A}
2018-05-04 17:30 - 2018-05-04 17:30 - 000002930 _____ C:\Windows\System32\Tasks\{60A1BCED-53A4-47CA-9324-E404B3AB0744}
2018-05-04 17:30 - 2018-05-04 17:30 - 000002930 _____ C:\Windows\System32\Tasks\{1718A4AE-1D82-4CE1-B4E2-8C868E3F11BE}
2018-05-04 17:29 - 2018-05-04 17:29 - 000002930 _____ C:\Windows\System32\Tasks\{410D659A-DBEF-474F-8772-BDACCCC6C2BA}
C:\Windows\System32\Tasks\{0023ACB7-57ED-4343-8B69-50F299AE042D}
C:\Windows\System32\Tasks\LEYQPVHwvgCJZX
2018-05-03 20:53 - 2018-05-03 20:53 - 000002872 _____ C:\Windows\System32\Tasks\RLkqBnyOWmWtiyTNd2
2018-05-03 20:53 - 2018-05-03 20:53 - 000002860 _____ C:\Windows\System32\Tasks\waTTzezvPrMPuZrWXNR2
2018-05-03 20:53 - 2018-05-03 20:53 - 000002850 _____ C:\Windows\System32\Tasks\SblZmBRLKrukRom2
FirewallRules: [{8E25E924-D1D2-4A4A-9B43-653E11992B5F}] => (Allow) LPort=2869
FirewallRules: [{D84E18FD-46FF-4C1C-8DEE-9173115B642C}] => (Allow) LPort=1900
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
S2 HPSLPSVC; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 HPSLPSVC; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
U3 a1so7x4d; C:\Windows\System32\Drivers\a1so7x4d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
Task: {08D1466E-E6CD-4C6D-8CAC-5145EB2A8278} - \Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 -> No File <==== ATTENTION
Task: {5427F1EF-9AE8-43C4-BF45-35A5B40625D6} - \Steam-S-1-8-22-9865GUI -> No File <==== ATTENTION
Task: {69535777-9769-4FD4-9B85-39E0C5C5C3D0} - System32\Tasks\Fallout Explorer => C:\Windows\system32\rundll32.exe "C:\Program Files\Fallout Explorer\Fallout Explorer.dll",bmxlAP <==== ATTENTION
Task: {CE18CE31-E1C3-4A28-AB02-19F7D4315A52} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D545D939-74DA-4D90-A5C3-07B1236542EA} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D8A4D4EB-B52F-45EB-A780-17003552709E} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
Toolbar: HKLM - No Name - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - No File
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => -> No File
ShellIconOverlayIdentifiers: [1AMPCBOK] -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => -> No File
ShellIconOverlayIdentifiers-x32: [1AMPCBOK] -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> No File
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => -> No File
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => -> No File
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {08D1466E-E6CD-4C6D-8CAC-5145EB2A8278} - \Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 -> No File <==== ATTENTION
Task: {5427F1EF-9AE8-43C4-BF45-35A5B40625D6} - \Steam-S-1-8-22-9865GUI -> No File <==== ATTENTION
Task: {CE18CE31-E1C3-4A28-AB02-19F7D4315A52} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D545D939-74DA-4D90-A5C3-07B1236542EA} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D8A4D4EB-B52F-45EB-A780-17003552709E} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2028123929-315541640-582885332-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
S2 WinService; C:\Users\Dean\AppData\Local\XService\XService.dll [X]
C:\Users\Dean\AppData\Local\XService
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
Task: {259A6E60-78E5-48EA-9480-F164167E4001} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {476E527D-7352-4793-BCFD-3AC64A61FDDC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-03] (Facebook Inc.)
Task: {4ABB75E6-7726-4F3D-A6B1-944C39E15DA8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-03] (Facebook Inc.)
Task: {4C4F763E-CA26-4545-96A0-7DD378B9B643} - System32\Tasks\troutman talkers recotroutman talkers reco => C:\Users\Dean\AppData\Local\Maligning.exe
Task: {5198CAE1-5ACD-455A-AD7D-895BE8F33D73} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {97726AA6-D1E1-49C1-A5FF-2C2DF1337FEC} - System32\Tasks\signficantly_prohibitssignficantly_prohibits => C:\Users\Dean\AppData\Local\Cubbyhole.exe
Task: {99B3AEA3-339F-498F-9C4D-5DDB95A8C567} - System32\Tasks\signficantly_prohibits => C:\Users\Dean\AppData\Local\Cubbyhole.exe
Task: {E586FDD5-EFD4-4231-B26B-CC065697FC6F} - System32\Tasks\troutman talkers reco => C:\Users\Dean\AppData\Local\Maligning.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core.job => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA.job => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe
MSCONFIG\startupreg: Google Update => C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: msiql => C:\Users\Dean\AppData\Local\Temp\00005626\msiql.exe /RUNNING
S3 cpuz134; \??\C:\Users\Dean\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
2015-05-22 20:08 - 2015-05-22 20:08 - 000000000 _____ () C:\Users\Dean\AppData\Local\Temp.dat
MSCONFIG\startupreg: msiql => C:\Users\Dean\AppData\Local\Temp\00005626\msiql.exe /RUNNING
Description: Activation context generation failed for "C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir6476_15759\old_chrome.exe".
MSCONFIG\startupreg: Applying => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
MSCONFIG\startupreg: Bastards => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
MSCONFIG\startupreg: Bayliss => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Erupted => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Henceforth => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Klepper => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
MSCONFIG\startupreg: Laminated => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: machinery => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: monetarists => "C:\Program Files (x86)\feeler\monetarists.exe" jmvdfhh
MSCONFIG\startupreg: Morant => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Obe => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Optimally => "C:\Program Files (x86)\Assimilation\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Profoundest => "C:\Program Files (x86)\Transactions\Maligning.exe" jmvdfhh
MSCONFIG\startupreg: Ranging => "C:\Program Files (x86)\kitzhaber\Cubbyhole.exe" jmvdfhh
CMD: BCDEDIT /ENUM ALL
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKLM\SYSTEM\Select"
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
 
*****************
 
C:\Windows\SearchIndexer.exe => moved successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => removed successfully
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo" => removed successfully
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch" => removed successfully
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith" => removed successfully
"HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1711FC25-F05A-40CE-B859-A0C1CF01FD18}" => removed successfully
HKLM\Software\Classes\CLSID\{1711FC25-F05A-40CE-B859-A0C1CF01FD18} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => removed successfully
HKLM\Software\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => removed successfully
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9A87E478-A2BD-44C4-9F8C-D3989A5271B1}" => removed successfully
HKLM\Software\Classes\CLSID\{9A87E478-A2BD-44C4-9F8C-D3989A5271B1} => not found
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"HKLM\System\CurrentControlSet\Services\WinService" => removed successfully
WinService => service removed successfully
"HKLM\System\CurrentControlSet\Services\UnlockerDriver5" => removed successfully
UnlockerDriver5 => service removed successfully
"HKLM\System\CurrentControlSet\Services\a1so7x4d" => removed successfully
a1so7x4d => service removed successfully
a1so7x4d => service not found.
"HKLM\System\CurrentControlSet\Services\COMMONFX.DLL" => removed successfully
COMMONFX.DLL => service removed successfully
"HKLM\System\CurrentControlSet\Services\cpuz134" => removed successfully
cpuz134 => service removed successfully
"HKLM\System\CurrentControlSet\Services\CTAUDFX.DLL" => removed successfully
CTAUDFX.DLL => service removed successfully
"HKLM\System\CurrentControlSet\Services\CTERFXFX.DLL" => removed successfully
CTERFXFX.DLL => service removed successfully
"HKLM\System\CurrentControlSet\Services\CTSBLFX.DLL" => removed successfully
CTSBLFX.DLL => service removed successfully
"HKLM\System\CurrentControlSet\Services\MediaMall Server" => removed successfully
MediaMall Server => service removed successfully
"HKLM\System\CurrentControlSet\Services\NTIOLib_1_0_C" => removed successfully
NTIOLib_1_0_C => service removed successfully
"HKLM\System\CurrentControlSet\Services\Synth3dVsc" => removed successfully
Synth3dVsc => service removed successfully
"HKLM\System\CurrentControlSet\Services\tsusbhub" => removed successfully
tsusbhub => service removed successfully
"HKLM\System\CurrentControlSet\Services\VGPU" => removed successfully
VGPU => service removed successfully
C:\Windows\System32\Tasks\{65AF4565-BE59-4E65-8D5D-3CF279A304F1} => moved successfully
C:\Windows\System32\Tasks\{75DCBDB9-68C4-494B-A2E8-5D5AAC90E73B} => moved successfully
C:\Windows\System32\Tasks\{6E83F440-A064-445D-A14A-C9FFE1F3488F} => moved successfully
C:\Windows\System32\Tasks\{6913CA7F-8318-4C75-881F-B12F8C0BCE53} => moved successfully
C:\Windows\System32\Tasks\{38E59B47-8A8E-4CD8-B2D7-E4D32C7E9073} => moved successfully
C:\Windows\System32\Tasks\{339977FA-456E-46EB-B6B1-C2FA418F11E2} => moved successfully
C:\Windows\System32\Tasks\{93D16F67-2EEF-47CA-8B9A-5D2F2FB8DF38} => moved successfully
C:\Windows\System32\Tasks\{8253449D-E5E5-4FF5-B4C5-02A220B798D2} => moved successfully
C:\Windows\System32\Tasks\{357CF9DA-D014-442C-8DCE-B2BA88CA5A57} => moved successfully
C:\Windows\System32\Tasks\{0BCD699D-9976-42E5-91F7-9F58A5DA096E} => moved successfully
C:\Windows\System32\Tasks\{E5DC8FCF-4595-4876-BC89-7B7A5F2103B7} => moved successfully
C:\Windows\System32\Tasks\{A1822A32-3C6D-408C-A314-92F07C54CD2A} => moved successfully
C:\Windows\System32\Tasks\{2616C609-B554-4200-812D-6AE2F2F7F1E9} => moved successfully
C:\Windows\System32\Tasks\{0B8B6EA4-A214-4B9A-B253-2B480976BA7A} => moved successfully
C:\Windows\System32\Tasks\{60A1BCED-53A4-47CA-9324-E404B3AB0744} => moved successfully
C:\Windows\System32\Tasks\{1718A4AE-1D82-4CE1-B4E2-8C868E3F11BE} => moved successfully
C:\Windows\System32\Tasks\{410D659A-DBEF-474F-8772-BDACCCC6C2BA} => moved successfully
C:\Windows\System32\Tasks\{0023ACB7-57ED-4343-8B69-50F299AE042D} => moved successfully
C:\Windows\System32\Tasks\LEYQPVHwvgCJZX => moved successfully
C:\Windows\System32\Tasks\RLkqBnyOWmWtiyTNd2 => moved successfully
C:\Windows\System32\Tasks\waTTzezvPrMPuZrWXNR2 => moved successfully
C:\Windows\System32\Tasks\SblZmBRLKrukRom2 => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E25E924-D1D2-4A4A-9B43-653E11992B5F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D84E18FD-46FF-4C1C-8DEE-9173115B642C}" => removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
"HKLM\System\CurrentControlSet\Services\HPSLPSVC" => removed successfully
HPSLPSVC => service removed successfully
HPSLPSVC => service not found.
a1so7x4d => service not found.
cpuz134 => service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08D1466E-E6CD-4C6D-8CAC-5145EB2A8278}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08D1466E-E6CD-4C6D-8CAC-5145EB2A8278}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5427F1EF-9AE8-43C4-BF45-35A5B40625D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5427F1EF-9AE8-43C4-BF45-35A5B40625D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Steam-S-1-8-22-9865GUI" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{69535777-9769-4FD4-9B85-39E0C5C5C3D0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69535777-9769-4FD4-9B85-39E0C5C5C3D0}" => removed successfully
C:\Windows\System32\Tasks\Fallout Explorer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Fallout Explorer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE18CE31-E1C3-4A28-AB02-19F7D4315A52}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE18CE31-E1C3-4A28-AB02-19F7D4315A52}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D545D939-74DA-4D90-A5C3-07B1236542EA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D545D939-74DA-4D90-A5C3-07B1236542EA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8A4D4EB-B52F-45EB-A780-17003552709E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8A4D4EB-B52F-45EB-A780-17003552709E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA} => not found
HKLM\Software\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9A87E478-A2BD-44C4-9F8C-D3989A5271B1}" => not found
HKLM\Software\Classes\CLSID\{9A87E478-A2BD-44C4-9F8C-D3989A5271B1} => not found
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => removed successfully
"C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll" => not found
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => removed successfully
"C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted => not found
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSynced => not found
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSyncing => not found
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1AMPCBOK" => removed successfully
HKLM\Software\Classes\CLSID\{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1AMPCBOK" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\GDContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{BB02B294-8425-42E5-983F-41A1FA970CD6} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SimpleShlExt" => removed successfully
HKLM\Software\Classes\CLSID\{45203D3B-3D73-4497-8AFE-D29950AC6C55} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation" => removed successfully
HKLM\Software\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx" => removed successfully
HKLM\Software\Classes\CLSID\{32020A01-506E-484D-A2A8-BE3CF17601C3} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx64" => removed successfully
HKLM\Software\Classes\CLSID\{AF67B665-D752-424E-9A03-C7C218F2844F} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\UnlockerShellExtension" => removed successfully
HKLM\Software\Classes\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C}" => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\GDContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{BB02B294-8425-42E5-983F-41A1FA970CD6} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08D1466E-E6CD-4C6D-8CAC-5145EB2A8278} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5427F1EF-9AE8-43C4-BF45-35A5B40625D6} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Steam-S-1-8-22-9865GUI => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE18CE31-E1C3-4A28-AB02-19F7D4315A52} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineUA => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D545D939-74DA-4D90-A5C3-07B1236542EA} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8A4D4EB-B52F-45EB-A780-17003552709E} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineCore => could not remove. Access Denied.
HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => not found
"C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll" => not found
HKU\S-1-5-21-2028123929-315541640-582885332-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => not found
"C:\Users\Dean\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll" => not found
WinService => service not found.
"C:\Users\Dean\AppData\Local\XService" => not found
cpuz134 => service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{259A6E60-78E5-48EA-9480-F164167E4001}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{259A6E60-78E5-48EA-9480-F164167E4001}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{476E527D-7352-4793-BCFD-3AC64A61FDDC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{476E527D-7352-4793-BCFD-3AC64A61FDDC}" => removed successfully
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ABB75E6-7726-4F3D-A6B1-944C39E15DA8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ABB75E6-7726-4F3D-A6B1-944C39E15DA8}" => removed successfully
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C4F763E-CA26-4545-96A0-7DD378B9B643}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C4F763E-CA26-4545-96A0-7DD378B9B643}" => removed successfully
C:\Windows\System32\Tasks\troutman talkers recotroutman talkers reco => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\troutman talkers recotroutman talkers reco" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5198CAE1-5ACD-455A-AD7D-895BE8F33D73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5198CAE1-5ACD-455A-AD7D-895BE8F33D73}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97726AA6-D1E1-49C1-A5FF-2C2DF1337FEC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97726AA6-D1E1-49C1-A5FF-2C2DF1337FEC}" => removed successfully
C:\Windows\System32\Tasks\signficantly_prohibitssignficantly_prohibits => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\signficantly_prohibitssignficantly_prohibits" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99B3AEA3-339F-498F-9C4D-5DDB95A8C567}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99B3AEA3-339F-498F-9C4D-5DDB95A8C567}" => removed successfully
C:\Windows\System32\Tasks\signficantly_prohibits => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\signficantly_prohibits" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E586FDD5-EFD4-4231-B26B-CC065697FC6F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E586FDD5-EFD4-4231-B26B-CC065697FC6F}" => removed successfully
C:\Windows\System32\Tasks\troutman talkers reco => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\troutman talkers reco" => removed successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000Core.job => moved successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2028123929-315541640-582885332-1000UA.job => moved successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msiql" => removed successfully
cpuz134 => service not found.
C:\Users\Dean\AppData\Local\Temp.dat => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msiql => not found
Description: Activation context generation failed for "C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir6476_15759\old_chrome.exe". => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Applying" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bastards" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bayliss" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Erupted" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Henceforth" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Klepper" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Laminated" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\machinery" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\monetarists" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Morant" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Obe" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Optimally" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Profoundest" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ranging" => removed successfully
 
========= BCDEDIT /ENUM ALL =========
 
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {5e158a4c-4f39-11e8-a34c-806e6f6e6963}
displayorder            {b1e0493e-5f6a-11e1-82bc-99687c6d3660}
                        {current}
toolsdisplayorder       {memdiag}
timeout                 0
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\osloader.exe
description             WINDOWS FAST MODE
inherit                 {bootloadersettings}
recoveryenabled         Yes
nointegritychecks       Yes
osdevice                partition=C:
systemroot              \Windows
kernel                  ntkrnlmp.exe
resumeobject            {5e158a4c-4f39-11e8-a34c-806e6f6e6963}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {b1e0493e-5f6a-11e1-82bc-99687c6d3660}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {b1e0493f-5f6a-11e1-82bc-99687c6d3660}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {b1e0493d-5f6a-11e1-82bc-99687c6d3660}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {b1e0493f-5f6a-11e1-82bc-99687c6d3660}
device                  ramdisk=[C:]\Recovery\b1e0493f-5f6a-11e1-82bc-99687c6d3660\Winre.wim,{b1e04940-5f6a-11e1-82bc-99687c6d3660}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\b1e0493f-5f6a-11e1-82bc-99687c6d3660\Winre.wim,{b1e04940-5f6a-11e1-82bc-99687c6d3660}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {5e158a4c-4f39-11e8-a34c-806e6f6e6963}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             WINDOWS FAST MODE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Resume from Hibernate
---------------------
identifier              {b1e0493d-5f6a-11e1-82bc-99687c6d3660}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {b1e04940-5f6a-11e1-82bc-99687c6d3660}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\b1e0493f-5f6a-11e1-82bc-99687c6d3660\boot.sdi
 
========= End of CMD: =========
 
 
========= fltmc instances =========
 
Filter                Volume Name                              Altitude        Instance Name      Frame  VlStatus
--------------------  -------------------------------------  ------------  ---------------------  -----  --------
MBAMChameleon         \Device\Mup                             400900       MBAMChameleon            0    
MBAMChameleon         C:                                      400900       MBAMChameleon            0    
MBAMChameleon         E:                                      400900       MBAMChameleon            0    
MBAMChameleon         D:                                      400900       MBAMChameleon            0    
MBAMChameleon                                                 400900       MBAMChameleon            0    
MBAMChameleon         \Device\HarddiskVolumeShadowCopy16      400900       MBAMChameleon            0    
MBAMChameleon         \Device\HarddiskVolumeShadowCopy5       400900       MBAMChameleon            0    
MBAMProtection        C:                                      328800       MBAMProtection           0    
MBAMProtection        E:                                      328800       MBAMProtection           0    
MBAMProtection        D:                                      328800       MBAMProtection           0    
MBAMProtection                                                328800       MBAMProtection           0    
MBAMProtection        \Device\HarddiskVolumeShadowCopy16      328800       MBAMProtection           0    
MBAMProtection        \Device\HarddiskVolumeShadowCopy5       328800       MBAMProtection           0    
KLIF                  \Device\Mup                             320400       KLIF                     0    
KLIF                  C:                                      320400       KLIF                     0    
KLIF                  E:                                      320400       KLIF                     0    
KLIF                  D:                                      320400       KLIF                     0    
KLIF                                                          320400       KLIF                     0    
MBAMFarflt            C:                                      268150       MBAMFarflt               0    
MBAMFarflt            E:                                      268150       MBAMFarflt               0    
MBAMFarflt            D:                                      268150       MBAMFarflt               0    
MBAMFarflt                                                    268150       MBAMFarflt               0    
luafv                 C:                                      135000       luafv                    0    
FileInfo              \Device\Mup                              45000       FileInfo                 0    
FileInfo              C:                                       45000       FileInfo                 0    
FileInfo              E:                                       45000       FileInfo                 0    
FileInfo              D:                                       45000       FileInfo                 0    
FileInfo                                                       45000       FileInfo                 0    
FileInfo              \Device\HarddiskVolumeShadowCopy16       45000       FileInfo                 0    
FileInfo              \Device\HarddiskVolumeShadowCopy5        45000       FileInfo                 0    
 
========= End of CMD: =========
 
 
========================= Folder: C:\Windows\System32\Drivers ========================
 
2009-07-13 20:06 - 2009-07-13 20:06 - 000068096 ____A [64EDD3F59DB321947969FDF1DD747323] (Microsoft Corporation) C:\Windows\System32\Drivers\1394bus.sys
2012-02-27 22:32 - 2010-11-20 06:44 - 000229888 ____A [A87D604AEA360176311474C87A63BB88] (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000060288 ____A [E0A8525A951ADDB4655BC2068566407D] (Microsoft Corporation) C:\Windows\System32\Drivers\61883.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000334528 ____A [DCA5495CA17AEB2F4FD8AC60812C3999] (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2012-02-27 22:31 - 2010-11-20 05:30 - 000012800 ____A [99F8E788246D495CE3794D7E7821D2CA] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2009-06-10 16:36 - 2009-07-13 21:52 - 000491088 ____A [2F6B34B83843F0C5118B63AC634F5BF4] (Adaptec, Inc.) C:\Windows\System32\Drivers\adp94xx.sys
2009-07-13 17:59 - 2009-07-13 21:52 - 000339536 ____A [597F78224EE9224EA1A13D6350CED962] (Adaptec, Inc.) C:\Windows\System32\Drivers\adpahci.sys
2009-07-13 17:59 - 2009-07-13 21:52 - 000182864 ____A [E109549C90F62FB570B9540C4B148E54] (Adaptec, Inc.) C:\Windows\System32\Drivers\adpu320.sys
2017-05-24 06:10 - 2017-04-04 10:53 - 000496128 ____A [0DC2A9882540DEA4A55B08785E09D8FC] (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000060416 ____A [7ECFF9B22276B73F43A99A15A6094E90] (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000060608 ____A [466BF4170DC41BB939F1F9AB8F97F8F5] (Microsoft Corporation) C:\Windows\System32\Drivers\AGP440.sys
2009-07-13 19:19 - 2009-07-13 21:52 - 000015440 ____A [5812713A477A3AD7363C7438CA2EE038] (Acer Laboratories Inc.) C:\Windows\System32\Drivers\aliide.sys
2009-07-13 19:19 - 2009-07-13 21:52 - 000015440 ____A [1FF8B4431C353CE385C875F194924C0C] (Microsoft Corporation) C:\Windows\System32\Drivers\amdide.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000064512 ____A [7024F087CFF1833A806193EF9D22CDA9] (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000060928 ____A [1E56388B3FE0D031C44144EB8C4D6217] (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2012-02-25 05:30 - 2011-03-11 02:41 - 000107904 ____A [D4121AE6D0C0E7E13AA221AA57EF2D49] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2009-06-10 16:37 - 2009-07-13 21:52 - 000194128 ____A [F67F933E79241ED32FF46A4F29B5120B] (AMD Technologies Inc.) C:\Windows\System32\Drivers\amdsbs.sys
2012-02-25 05:30 - 2011-03-11 02:41 - 000027008 ____A [540DAF1CEA6094886D72126FD7C33048] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2018-04-21 12:20 - 2018-03-30 21:06 - 000062464 ____A [97F6A05C12DCD5DD8D94F12207199F8F] (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2009-07-13 17:59 - 2009-07-13 21:52 - 000087632 ____A [C484F8CEB1717C540242531DB7845C4E] (Adaptec, Inc.) C:\Windows\System32\Drivers\arc.sys
2009-07-13 17:59 - 2009-07-13 21:52 - 000097856 ____A [019AF6924AEFE7839F61C830227FE79C] (Adaptec, Inc.) C:\Windows\System32\Drivers\arcsas.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000023040 ____A [769765CE2CC62867468CEA93969B2242] (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys
2009-07-13 19:19 - 2009-07-13 21:52 - 000024128 ____A [02062C0B390B7729EDC9E69C680A6F3C] (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys
2013-09-15 19:52 - 2013-08-04 22:25 - 000155584 ____A [059F00DEF82BF41E433B7ED465847726] (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2012-11-16 15:37 - 2012-11-16 15:37 - 000053248 ____A [F9A20D4BECB720A56820BE2EF7800969] (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2016-04-01 02:31 - 2016-04-01 02:31 - 000104976 ____A [738CD83A9C61ADFD00984433DBA3DC78] (Advanced Micro Devices) C:\Windows\System32\Drivers\AtihdW76.sys
2012-11-16 17:08 - 2012-11-16 17:08 - 011922944 ____A [5B871F3E4A4A6C4693A413E3138B51D0] (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2012-11-16 15:39 - 2012-11-16 15:39 - 000359936 ____A [9BE1140CE8D2C5E878F136A7B85D41B3] (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2009-07-13 17:59 - 2009-06-10 16:36 - 000655825 ____A [EDFAB0AAC634DEBA2ED5FD247CC5EB69] () C:\Windows\System32\Drivers\ativcaxx.cpa
2009-07-13 17:59 - 2009-06-10 16:36 - 000000929 ____A [D2A43D354DCB723BEEBDE3670E65DC46] () C:\Windows\System32\Drivers\ativcaxx.vp
2009-07-13 17:59 - 2009-06-10 16:36 - 000002096 ____A [28E860FB66A500412E0E0ABE74AE4C28] () C:\Windows\System32\Drivers\ativdkxx.vp
2009-07-13 17:59 - 2009-06-10 16:36 - 000002096 ____A [33A2234290EA767DA0EC9FBD5F4BBD19] () C:\Windows\System32\Drivers\ativokxx.vp
2009-07-13 17:59 - 2009-06-10 16:36 - 000002096 ____A [D9BC8AB4EE63B7F4CB5C6A70AB9D9F30] () C:\Windows\System32\Drivers\ativpkxx.vp
2009-07-13 17:59 - 2009-06-10 16:36 - 000019392 ____A [2397C0F43FD7D630F9F4CB9A06887D31] () C:\Windows\System32\Drivers\ativvpxx.vp
2009-07-13 20:06 - 2009-07-13 20:06 - 000048768 ____A [16FABE84916623D0607E4A975544032C] (Microsoft Corporation) C:\Windows\System32\Drivers\avc.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000017664 ____A [155F536D6181508929F4FE177F4167CE] (Microsoft Corporation) C:\Windows\System32\Drivers\avcstrm.sys
2009-06-10 16:34 - 2009-06-10 16:34 - 000270848 ____A [B5ACE6968304A3900EEB1EBFD9622DF2] (Broadcom Corporation) C:\Windows\System32\Drivers\b57nd60a.sys
2009-07-13 19:31 - 2009-07-13 21:52 - 000028240 ____A [F4DE2AE7A9E1BADAC70BC71EA2C17612] (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000006656 ____A [16A47CE2DECC9B099349A5F840654746] (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys
2009-07-13 19:35 - 2009-07-13 19:35 - 000045056 ____A [61583EE3C3A17003C4ACD0475646B4D3] (Microsoft Corporation) C:\Windows\System32\Drivers\blbdrive.sys
2016-11-10 07:13 - 2016-10-05 10:54 - 000090112 ____A [ABA3984C822E4D3F889699912D85D6C5] (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2009-07-13 21:19 - 2009-06-10 16:41 - 000018432 ____A [F09EEE9EDC320B5E1501F749FDE686C8] (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltLo.sys
2009-07-13 21:20 - 2009-06-10 16:41 - 000008704 ____A [B114D3098E9BDB8BEA8B053685831BE6] (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltUp.sys
2009-07-13 21:05 - 2009-07-13 21:01 - 000095232 ____A [5C2F352A4E961D72518261257AAE204B] (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2009-07-13 21:19 - 2009-07-13 21:19 - 000286720 ____A [43BEA8D483BF1870F018E2D02E06A5BD] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerId.sys
2009-07-13 21:20 - 2009-06-10 16:41 - 000047104 ____A [A6ECA2151B08A09CACECA35C07F05B42] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerWdm.sys
2009-07-13 21:20 - 2009-06-10 16:41 - 000014976 ____A [B79968002C277E869CF38BD22CD61524] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbMdm.sys
2009-07-13 21:20 - 2009-06-10 16:41 - 000014720 ____A [A87528880231C54E75EA7A44943B38BF] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbSer.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000041984 ____A [CF98190A94F62E405C8CB255018B2315] (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000072192 ____A [9DA669F11D1F894AB4EB69BF546A42E8] (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2017-07-19 06:27 - 2017-07-06 00:56 - 000119296 ____A [5A8951D195AFEF979C4AB02A129EBC37] (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2012-09-06 05:08 - 2012-07-06 16:07 - 000552960 ____A [738D0E9272F59EB7A1449C3EC118E6C4] (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-02-25 05:30 - 2011-04-27 23:54 - 000080384 ____A [F188B7394D81010767B6DF3178519A37] (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2009-06-10 16:34 - 2009-06-10 16:34 - 000468480 ____A [3E5B191307609F7514148C6832BB0842] (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000092160 ____A [B8BD2BB284668C84865658C77574381A] (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys
2014-04-19 20:56 - 2012-04-24 03:01 - 000010864 ____A [13E531377E9BAA6E37F6471E0E8277AC] (Corel Corporation) C:\Windows\System32\Drivers\cdr4_xp.sys
2014-04-19 20:56 - 2012-04-24 03:01 - 000011376 ____A [DAEF5180E390E56F354FE6D69D354EBC] (Corel Corporation) C:\Windows\System32\Drivers\cdralw2k.sys
2012-02-27 22:31 - 2010-11-20 05:19 - 000147456 ____A [F036CE71586E93D94DAB220D7BDF4416] (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000045568 ____A [D7CD5C4E1B71FA62050515314CFB52CF] (Microsoft Corporation) C:\Windows\System32\Drivers\circlass.sys
2012-02-27 22:32 - 2010-11-20 09:32 - 000179072 ____A [ACFAD0B512226C7A83C7CB09FD55A9AD] (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2009-07-13 19:31 - 2009-07-13 19:31 - 000017664 ____A [0840155D0BDDF1190F84A663C284BD33] (Microsoft Corporation) C:\Windows\System32\Drivers\CmBatt.sys
2009-07-13 19:19 - 2009-07-13 21:52 - 000017488 ____A [E19D3F095812725D88F9001985B94EDD] (CMD Technology, Inc.) C:\Windows\System32\Drivers\cmdide.sys
2016-12-17 09:42 - 2016-11-20 10:07 - 000467392 ____A [A98CED39AD91B445E2E442A9BD67E8B4] (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2010-03-18 20:39 - 2010-03-18 20:39 - 000158808 ____A [F38ACFF40E9EDC2B3476EDD724CEA4A0] (Creative Technology Ltd) C:\Windows\System32\Drivers\COMMONFX.sys
2009-07-13 19:31 - 2009-07-13 21:52 - 000021584 ____A [102DE219C3F61415F964C88E9085AD14] (Microsoft Corporation) C:\Windows\System32\Drivers\compbatt.sys
2012-02-27 22:31 - 2010-11-20 06:33 - 000038912 ____A [03EDB043586CCEBA243D689BDDA370A8] (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2009-07-13 20:01 - 2009-07-13 21:47 - 000039504 ____A [3E588B60EC061686BA05D33574A344C6] (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2009-07-13 20:01 - 2009-07-13 21:47 - 000024144 ____A [1C827878A998C18847245FE1F34EE597] (Microsoft Corporation) C:\Windows\System32\Drivers\crcdisk.sys
2012-02-27 22:33 - 2010-11-20 05:27 - 000514560 ____A [54DA3DFD29ED9F1619B6F53F3CE55E49] (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
2010-03-18 20:50 - 2010-03-18 20:50 - 002190936 ____A [4EF45FF9F4DD7CCA6348394F87328A2C] (Creative Technology Ltd.) C:\Windows\System32\Drivers\CT0531FL.SYS
2010-03-18 20:50 - 2010-03-18 20:50 - 000580696 ____A [095C566746217CD1482EDE40A70D87D2] (Creative Technology Ltd) C:\Windows\System32\Drivers\ctac32k.sys
2010-03-18 20:50 - 2010-03-18 20:50 - 000866264 ____A [157E2196FCCD002A2EDF3B06DF7B0C9A] (Creative Technology Ltd) C:\Windows\System32\Drivers\ctaud2k.sys
2010-03-18 20:39 - 2010-03-18 20:39 - 000706648 ____A [17979EE857E930CBFDF24A12E89D77A1] (Creative Technology Ltd) C:\Windows\System32\Drivers\CTAUDFX.sys
2010-03-18 20:40 - 2010-03-18 20:40 - 000141912 ____A [FE3EAE37536C02D087E5C5D339663779] (Creative Technology Ltd) C:\Windows\System32\Drivers\CTERFXFX.sys
2010-03-18 20:51 - 2010-03-18 20:51 - 001828440 ____A [7BE64E0F47F4323AE8E07F84745443AC] (Creative Technology Ltd.) C:\Windows\System32\Drivers\CTMMFILT.SYS
2010-03-18 20:51 - 2010-03-18 20:51 - 000221272 ____A [85EA378116E2C4385993BA5124536FFC] (Creative Technology Ltd.) C:\Windows\System32\Drivers\ctoss2k.sys
2010-03-18 20:51 - 2010-03-18 20:51 - 000016984 ____A [4E4FDAB4A7CF5AF56E3FA1FE35E8AD3C] (Creative Technology Ltd) C:\Windows\System32\Drivers\ctprxy2k.sys
2010-03-18 20:40 - 2010-03-18 20:40 - 000681048 ____A [4A7DE2E30B2B9253933A157401EC76D5] (Creative Technology Ltd) C:\Windows\System32\Drivers\CTSBLFX.sys
2010-03-18 20:51 - 2010-03-18 20:51 - 000290392 ____A [065ADE032A044D518AB1407D3586B7D5] (Creative Technology Ltd) C:\Windows\System32\Drivers\ctsfm2k.sys
2018-04-21 12:20 - 2017-12-31 21:41 - 000106496 ____A [7D2D2284833760A82308CF09F7618E8B] (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2012-05-16 16:25 - 2009-03-02 14:12 - 000053816 ____A [2D589A2C024B2FB238535DB9F7B3597D] (Samsung Electronics Co., Ltd.) C:\Windows\System32\Drivers\DGIVECP.SYS
2009-07-13 19:37 - 2009-07-13 19:37 - 000040448 ____A [13096B05847EC78F0977F2C0F79E9AB3] (Microsoft Corporation) C:\Windows\System32\Drivers\discache.sys
2016-08-03 15:44 - 2016-01-20 20:51 - 000073664 ____A [616387BBD83372220B09DE95F4E67BBC] (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2014-04-11 05:12 - 2014-02-03 22:35 - 000027584 ____A [B3222734D80013D2C73841B0C549FA63] (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2016-01-22 22:02 - 2015-12-08 14:54 - 000116736 ____A [C51B07394A087DA666A410DBFD26663A] (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2016-01-22 22:02 - 2015-12-08 14:11 - 000005632 ____A [26FE888505E5A945B0536AF9A2A27A6F] (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2009-07-13 19:19 - 2009-07-13 21:47 - 000028736 ____A [839B5FE3D48E9F35B22C21A3D5103F6C] (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys
2009-07-13 19:21 - 2009-07-13 21:43 - 000055128 ____A [814DB88F2641691575A455CF25354098] (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2009-07-13 19:38 - 2009-07-13 19:38 - 000016896 ____A [BF24D6F2ED97FE830BFD52B246F98E67] (Microsoft Corporation) C:\Windows\System32\Drivers\dxapi.sys
2009-07-13 19:38 - 2009-07-13 19:38 - 000098816 ____A [FEDE0629ECB23650D48989517D4914DA] (Microsoft Corporation) C:\Windows\System32\Drivers\dxg.sys
2017-07-19 06:28 - 2017-05-16 11:35 - 000986856 ____A [5CEF80AE869336376F550ECAE91E424A] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2017-07-19 06:27 - 2017-05-16 11:35 - 000265448 ____A [1792FCF97D2420514F9102C18B015B29] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2009-06-10 16:36 - 2009-07-13 21:47 - 000530496 ____A [0E5DA5369A0FCAEA12456DD852545184] (Emulex) C:\Windows\System32\Drivers\elxstor.sys
2010-03-18 20:51 - 2010-03-18 20:51 - 000147544 ____A [F380FF5D6D80CECC6DBBC15569757613] (Creative Technology Ltd) C:\Windows\System32\Drivers\emupia2k.sys
2007-03-15 10:18 - 2007-03-15 10:18 - 000150016 ____A [947B36A9223D7730B73A7B03D5FFD269] (VIA - IC Ensemble, Inc.) C:\Windows\System32\Drivers\Envy24HF.sys
2018-04-21 12:20 - 2018-02-10 13:25 - 000009728 ____A [9002EED07FD7FCFF6B8C5C06B454AC19] (Microsoft Corporation) C:\Windows\System32\Drivers\errdev.sys
2012-03-13 19:49 - 2013-05-10 12:13 - 000059976 ____A [719A58254E395D36D2FF1FCE0A1405F7] (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eubakup.sys
2012-03-13 19:49 - 2013-05-10 12:21 - 000048200 ____A [E8E8AEF41F72C5D97E44FF3BAF59A521] () C:\Windows\System32\Drivers\EUBKMON.sys
2012-03-13 19:49 - 2013-05-10 12:16 - 000018504 ____A [2CB95E7500E5DA37CA51A86D9CCDBF1C] (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eudskacs.sys
2012-03-13 19:49 - 2013-05-10 12:24 - 000189000 ____A [FB1C5B5C0B0AB7FB04A457AAE7496771] (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdDisk.sys
2009-06-10 16:34 - 2009-06-10 16:34 - 003286016 ____A [DC5D737F51BE844D8C82C695EB17372F] (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2017-04-22 16:05 - 2017-03-10 11:55 - 000195584 ____A [7E45F8B117419ABA3BB26579F6E70324] (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2018-05-05 08:17 - 2018-05-05 08:56 - 000112864 ____A [556F12926B94D36821D4ABFC6F02EB1D] (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2017-04-22 16:05 - 2017-03-10 11:55 - 000205312 ____A [6EDFA237D25433C03F42FBFDB16BDD24] (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000029696 ____A [D765D19CD8EF61F650C384F62FAC00AB] (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys
2009-07-13 19:34 - 2009-07-13 21:47 - 000070224 ____A [655661BE46B5F5F3FD454E2C3095B930] (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys
2009-07-13 19:25 - 2009-07-13 19:25 - 000034304 ____A [5F671AB5BC87EEA04EC38A6CD5962A47] (Microsoft Corporation) C:\Windows\System32\Drivers\filetrace.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000024576 ____A [C172A0F53008EAEB8EA33FE10E177AF5] (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys
2018-04-21 12:20 - 2017-12-31 22:21 - 000288488 ____A [DC591A7A196E99EFB5A48D708CB989FD] (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2012-04-12 20:31 - 2012-03-01 02:46 - 000023408 ____A [6BD9295CC032DD3077C671FCCF579A7B] (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2009-07-13 19:26 - 2009-07-13 21:47 - 000055376 ____A [D43703496149971890703B4B1B723EAC] (Microsoft Corporation) C:\Windows\System32\Drivers\fsdepends.sys
2013-04-13 11:32 - 2013-01-24 02:01 - 000223752 ____A [8F6322049018354F45F05A2FD2D4E5E0] (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2018-04-21 12:20 - 2018-01-12 12:44 - 000287976 ____A [3358D5C8287B18A91DC00A962E444413] (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2009-07-13 19:38 - 2009-07-13 21:47 - 000065088 ____A [8C778D335C9D272CFD3298AB02ABE3B6] (Microsoft Corporation) C:\Windows\System32\Drivers\GAGP30KX.SYS
2009-06-10 16:30 - 2009-06-10 16:30 - 003440660 ____A [7F29903CB8F5590D52DB0C9F97049A25] () C:\Windows\System32\Drivers\gm.dls
2009-07-13 18:13 - 2009-06-10 16:30 - 000000646 ____A [7111BFA692A22E4B3C07F1E6C6FF6F72] () C:\Windows\System32\Drivers\gmreadme.txt
2010-03-18 20:52 - 2010-03-18 20:52 - 001360984 ____A [82B68F585110AE8500A6D23623AE1F74] (Creative Technology Ltd) C:\Windows\System32\Drivers\ha10kx2k.sys
2007-04-10 04:40 - 2007-04-10 04:40 - 002050344 ____A [1F90486D1F0FE733B08EC72F2FE9EEBD] (Creative Technology Ltd) C:\Windows\System32\Drivers\ha20x2k.sys
2010-03-18 20:52 - 2010-03-18 20:52 - 000259672 ____A [83F647F9ACE9192556F758E528024F68] (Creative Technology Ltd) C:\Windows\System32\Drivers\haP16v2k.sys
2010-03-18 20:52 - 2010-03-18 20:52 - 000295000 ____A [E815D29361DE89D24C8DBE3E5A7006C9] (Creative Technology Ltd) C:\Windows\System32\Drivers\haP17v2k.sys
2009-07-13 18:53 - 2009-06-10 16:31 - 000031232 ____A [F2523EF6460FC42405B12248338AB2F0] (Hauppauge Computer Works, Inc.) C:\Windows\System32\Drivers\hcw85cir.sys
2012-02-27 22:31 - 2010-11-20 06:43 - 000122368 ____A [97BFED39B6B79EB12CDDBFEED51F56BB] (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2012-02-27 22:31 - 2010-11-20 06:44 - 000350208 ____A [975761C778E33CD22498059B91E7373A] (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2009-07-13 19:31 - 2009-07-13 19:31 - 000026624 ____A [78E86380454A7B10A5EB255DC44A355F] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbatt.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000100864 ____A [7FD2A313F7AFE5C4DAB14798C48DD104] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2018-04-21 12:20 - 2018-01-12 12:16 - 000076288 ____A [6B02DE33BDDCCE332984349476003421] (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000046592 ____A [0A77D29F311B88CFAE3B13F9C1A73825] (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2018-04-21 12:20 - 2018-01-12 12:15 - 000032896 ____A [D15D2C01BF9E478DBB4A133629C6DB72] (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2018-04-21 12:20 - 2018-01-12 12:16 - 000030208 ____A [6F5E5CC271EB0C17688D892A3D4B83F6] (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2018-03-25 14:36 - 2018-03-25 14:36 - 000023112 ____A [63C0BE20A6DB9824951E5C2D4116503C] () C:\Windows\System32\Drivers\hitmanpro35.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000078720 ____A [39D2ABCD392F3D8A6DCE7B60AE7B8EFC] (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2018-04-21 12:20 - 2017-12-31 21:41 - 000754176 ____A [93C367EA831FB39DEE3BA96539A187FB] (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2012-10-20 19:50 - 2015-05-31 14:00 - 000013184 ____A [538B54768C16BBD4F1E750E12A87F555] () C:\Windows\System32\Drivers\hugoio64.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000014720 ____A [A5462BD6884960C9DC85ED49D34FF392] (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000105472 ____A [FA55C73D4AFFA7EE23AC4BE53B4592D3] (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys
2012-02-25 05:30 - 2011-03-11 02:41 - 000410496 ____A [AAAF44DB3BD0B9D1FB6969B23ECC8366] (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2009-09-23 20:23 - 2009-09-23 20:23 - 006180832 ____A [24CC43ECDEEFD4C19FBBEE4951B647F1] (Intel Corporation) C:\Windows\System32\Drivers\igdkmd64.sys
2009-07-13 17:59 - 2009-07-13 21:48 - 000044112 ____A [5C18831C61933628F5BB0EA2675B9D21] (Intel Corp./ICP vortex GmbH) C:\Windows\System32\Drivers\iirsp.sys
2009-07-13 19:19 - 2009-07-13 21:48 - 000016960 ____A [F00F20E70C6EC3AA366910083A0518AA] (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000062464 ____A [ADA036632C664CAA754079041CF1F8C1] (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2012-02-27 22:32 - 2010-11-20 06:52 - 000082944 ____A [C9F0E1BD74365A8771590E9008D22AB6] (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2012-02-27 22:31 - 2010-11-20 06:04 - 000078848 ____A [0FC1AEA580957AA8817B8F305D18CA3A] (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000116224 ____A [AF9B39A7E7B6CAA203B3862582E9F2D0] (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2009-07-13 20:09 - 2009-07-13 20:09 - 000120320 ____A [05360B1EA5A2ABF620D1D96EBD8BD8F1] (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2009-07-13 20:08 - 2009-07-13 20:08 - 000017920 ____A [3ABF5E7213EB28966D55D58B515D5CE9] (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000020160 ____A [905E9D664F38B93B53FA05422165F5B5] (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2010-07-29 01:25 - 2010-07-29 01:25 - 000029720 ____A [BD5BF20EC242E003A2F570B8754A56D1] (Initio Corporation) C:\Windows\System32\Drivers\ivusb.sys
2009-07-13 19:19 - 2009-07-13 21:48 - 000050768 ____A [BC02336F1CBA7DCC7D1213BB588A68A5] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2012-02-27 22:31 - 2010-11-20 06:33 - 000033280 ____A [0705EFF5B42A9DB58548EEC3B26BB484] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2012-04-13 14:54 - 2012-04-13 14:54 - 000458544 ____A [549F9D454E9E6697B108F16C569B505A] (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kl1.sys
2014-03-02 01:55 - 2012-05-29 16:55 - 000085336 ____A [4A1F944A8DD63213B8C0E7245583BDB1] (Kaspersky Lab) C:\Windows\System32\Drivers\klflt.sys
2014-03-02 01:55 - 2012-05-29 16:55 - 000640344 ____A [08DF1B7A82837B92096EC7597C00889A] (Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys
2012-03-27 19:34 - 2012-03-27 19:34 - 000030000 ____A [A7DFA9A2554143667E830E8ABE452D70] (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\klim6.sys
2012-05-25 20:38 - 2012-05-25 20:38 - 000029016 ____A [E6FAA395058F7BAF0F3529CDBA9B7133] (Kaspersky Lab) C:\Windows\System32\Drivers\klkbdflt.sys
2012-05-25 20:30 - 2012-05-25 20:30 - 000027992 ____A [D398DABD44FDDDBED305442BB7BCDB29] (Kaspersky Lab) C:\Windows\System32\Drivers\klmouflt.sys
2012-05-12 18:13 - 2012-05-12 18:13 - 000054064 ____A [B9B2AEEE5E17B2CEBC034FF2748577A0] (Kaspersky Lab) C:\Windows\System32\Drivers\kltdi.sys
2009-04-29 17:28 - 2009-04-29 17:28 - 000030208 ____A [07071C1E3CD8F0F9114AAC8B072CA1E5] (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\Drivers\KMWDFILTER.sys
2012-05-24 12:34 - 2012-05-24 12:34 - 000172888 ____A [8E880E08D7453DB58DAC36C2C48FFD45] (Kaspersky Lab) C:\Windows\System32\Drivers\kneps.sys
2012-02-27 22:32 - 2010-11-20 06:33 - 000243712 ____A [24FBF5CC5C04150073C315A7C83521EE] (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2018-04-21 12:20 - 2018-03-30 22:09 - 000095424 ____A [3AD32A7492566426ACE83DAE4F2B8E47] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2018-04-21 12:20 - 2018-03-30 22:09 - 000154816 ____A [DD0240A36E1CE9F1600D2A4ADF540AB2] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000020992 ____A [6869281E78CB31A43E969F06B57347C4] (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2013-04-15 15:51 - 2013-04-15 15:51 - 000410008 ____A [305BB2AC00D46542E0A653AB63F4ABB1] (Logitech) C:\Windows\System32\Drivers\ladfGSCamd64.sys
2013-04-15 15:51 - 2013-04-15 15:51 - 000102808 ____A [28CDDC7D478A6313F55077416DCBD0DE] (Logitech) C:\Windows\System32\Drivers\ladfGSRamd64.sys
2009-11-23 21:37 - 2009-11-23 21:37 - 000022408 ____A [FA529FB35694C24BF98A9EF67C1CD9D0] (Logitech Inc.) C:\Windows\System32\Drivers\LGBusEnum.sys
2009-11-23 21:38 - 2009-11-23 21:38 - 000016008 ____A [94B29CE153765E768F004FB3440BE2B0] (Logitech Inc.) C:\Windows\System32\Drivers\LGVirHid.sys
2012-09-18 05:32 - 2012-09-18 05:32 - 000075064 ____A [E536A1D8502D0CA79B928CAB9EAEB807] (Logitech, Inc.) C:\Windows\System32\Drivers\LHidFilt.Sys
2009-07-13 20:08 - 2009-07-13 20:08 - 000060928 ____A [1538831CF8AD2979A04C423779465827] (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2012-09-18 05:32 - 2012-09-18 05:32 - 000061240 ____A [2E6D0110DACC769AE478ADE6C2572E37] (Logitech, Inc.) C:\Windows\System32\Drivers\LMouFilt.Sys
2013-10-10 20:51 - 2013-10-10 20:51 - 000018960 ____A [64AEB5790901EA8854884981F104CAA6] (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2009-07-13 17:59 - 2009-07-13 21:48 - 000114752 ____A [1A93E54EB0ECE102495A51266DCDB6A6] (LSI Corporation) C:\Windows\System32\Drivers\lsi_fc.sys
2009-07-13 17:59 - 2009-07-13 21:48 - 000106560 ____A [1047184A9FDC8BDBFF857175875EE810] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2009-07-13 17:59 - 2009-07-13 21:48 - 000065600 ____A [30F5C0DE1EE8B5BC9306C1F0E4A75F93] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2.sys
2009-07-13 17:59 - 2009-07-13 21:48 - 000115776 ____A [0504EACAFF0D3C8AED161C4B0D369D4A] (LSI Corporation) C:\Windows\System32\Drivers\lsi_scsi.sys
2017-11-24 09:25 - 2017-10-11 20:20 - 000113152 ____A [5416CEB2916BBE635288C4D1075B045E] (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2012-09-18 05:32 - 2012-09-18 05:32 - 000042808 ____A [E63D9C01BF354657CF77A8DF3109BEE4] (Logitech, Inc.) C:\Windows\System32\Drivers\LUsbFilt.sys
2018-05-05 08:17 - 2018-03-19 12:57 - 000076192 ____A [0AE7DAAA8524C8D1A4C2414296EF329E] () C:\Windows\System32\Drivers\mbae64.sys
2018-05-05 08:17 - 2018-05-05 08:56 - 000044768 ____A [84DED95846466C5BB53407288B074F52] (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2018-05-05 08:17 - 2018-05-05 08:17 - 000193768 ____A [A276E01963EB0D8685AE56C40FFC0E86] (Malwarebytes) C:\Windows\System32\Drivers\MbamChameleon.sys
2018-05-05 08:17 - 2018-05-05 08:17 - 000253664 ____A [351BF8F77B0A15A7B5A2AE098C52A387] (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys
2009-07-13 20:01 - 2009-07-13 20:01 - 000022016 ____A [3C9F072F9DCA856B9FB7A20CBD4281AC] (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2009-06-10 16:37 - 2009-07-13 21:48 - 000035392 ____A [A55805F747C6EDB6A9080D7C633BD0F4] (LSI Corporation) C:\Windows\System32\Drivers\megasas.sys
2009-07-13 17:59 - 2009-07-13 21:48 - 000284736 ____A [BAF74CE0072480C3B6B7C13B2A94D6B3] (LSI Corporation, Inc.) C:\Windows\System32\Drivers\MegaSR.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000040448 ____A [800BA92F7010378B09F9ED9270F07137] (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2009-07-13 19:38 - 2009-07-13 19:38 - 000030208 ____A [B03D591DC7DA45ECE20B3B467E6AADAA] (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2009-07-13 19:19 - 2009-07-13 21:48 - 000049216 ____A [7D27EA49F3C1F687D357E77A470AEA99] (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000031232 ____A [D3BF052C40B0C4166D9FD86A4288C1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2017-06-16 17:44 - 2017-05-07 11:33 - 000094440 ____A [072D8646E23ECF8A3F5F0157017B4DB6] (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-03-04 19:34 - 2015-03-04 19:34 - 000280376 ____A [73150F67D20270FF95A021A22E64F28A] (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000155008 ____A [A44B420D30BD56E145D6A2BC8768EC58] (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2018-04-21 12:20 - 2017-12-31 21:54 - 000077312 ____A [6D9BB8B53394B62540A3971FCE2BE8DB] (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2016-10-12 06:14 - 2016-09-08 10:55 - 000142336 ____A [98DB1790F0A584E0A2528B92B052417F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2018-04-21 12:20 - 2018-03-30 20:59 - 000160256 ____A [441EF1EAAB2C3D72C008E0E04B6893ED] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2018-04-21 12:20 - 2018-03-30 20:58 - 000291328 ____A [F66F7BB60A5C877C5BF67295E972D5D1] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2018-04-21 12:20 - 2018-03-30 20:58 - 000129536 ____A [118CBEA1AEFA2A976623F13BFC8A8B05] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000031104 ____A [C25F0BAFA182CBCA2DD3C851C2E75796] (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000140672 ____A [DB801A638D011B9633829EB6F663C900] (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000061440 ____A [72949A24D37A20A54B3D4D3DADBB55E9] (Microsoft Corporation) C:\Windows\System32\Drivers\msdv.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000026112 ____A [AA3FB40E17CE1388FA1BEDAB50EA8F96] (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2016-09-17 11:45 - 2016-09-17 11:45 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf
2012-02-25 00:41 - 2012-02-25 00:41 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-07-11 22:07 - 2012-07-11 22:07 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-12-05 22:21 - 2012-06-02 10:35 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-12-05 22:11 - 2012-06-02 10:57 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2009-07-13 20:06 - 2009-07-13 20:06 - 000008192 ____A [F9D215A46A8B9753F61767FA72A20326] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000015040 ____A [6FE3DBEEA730A857CA3DF603B7DEADA2] (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2014-04-11 05:12 - 2014-02-03 22:35 - 000274880 ____A [96BB922A0981BC7432C8CF52B5410FE6] (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000011136 ____A [49CCF2C4FEA34FFAD8B1B59D49439366] (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000007168 ____A [BDD71ACE35A232104DDD349EE70E1AB3] (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000006784 ____A [4ED981241DB27C3383D72092B618A1D0] (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000367296 ____A [94275393BB85D1E2B74BFEFEC386B4A0] (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000031936 ____A [1FC0BF25FFCB9F751BCBC6C6AC577078] (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000008064 ____A [2E66F9ECB30B4221A318C92AC2250779] (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2009-07-13 20:02 - 2009-07-13 20:02 - 000015360 ____A [7EA404308934E675BFFDE8EDF0757BCD] (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2009-07-13 19:23 - 2009-07-13 21:48 - 000060496 ____A [F9A18612FD3526FE473C1BDA678D61C8] (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2018-05-05 08:17 - 2018-05-05 13:20 - 000093816 ____A [CBF0B4466DF21C0DED0AB9D992E79604] (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2018-04-21 12:21 - 2017-12-31 22:21 - 000948968 ____A [261F27367EB6EA6478B940811F0A6F03] (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2009-07-13 20:08 - 2009-07-13 20:08 - 000035328 ____A [9F9A1F53AAD7DA4D6FEF5BB73AB811AC] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2018-04-21 12:20 - 2017-12-31 21:55 - 000024064 ____A [3F217F77899654833B650ED6A1372BE4] (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2012-02-27 22:31 - 2010-11-20 06:50 - 000056832 ____A [136185F9FB2CC61E573E676AA5402356] (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2012-02-27 22:32 - 2010-11-20 06:52 - 000164352 ____A [53F7305169863F0A2BDDC49E116C2E11] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2018-04-21 12:20 - 2017-12-31 21:55 - 000058368 ____A [E46AF308E96F7730F59B0F250A884CD6] (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2018-04-21 12:20 - 2017-12-31 21:55 - 000045056 ____A [2E19EB10185992AB08BC3688AACA4CE2] (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2017-11-24 09:25 - 2017-08-11 02:00 - 000262656 ____A [734837208CAFD6E0959A7A0333C95C9D] (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2018-04-21 12:20 - 2018-01-12 12:44 - 000377064 ____A [617EF17748C1B7B9F5A6D767340FB74F] (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2009-07-13 17:59 - 2009-07-13 21:48 - 000051264 ____A [77889813BE4D166CDAB78DDBA990DA92] (IBM Corporation) C:\Windows\System32\Drivers\nfrd960.sys
2011-02-11 17:23 - 2011-02-11 17:23 - 000035344 ____A [351533ACC2A069B94E80BBFC177E8FDF] (CACE Technologies, Inc.) C:\Windows\System32\Drivers\npf.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000044032 ____A [1E4C4AB5C9B8DD13179BBDC75A2A01F7] (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2017-11-24 09:25 - 2017-08-11 01:58 - 000026112 ____A [BE313E566EEA2A4B7F9AAC9782A567D4] (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2018-04-21 12:21 - 2017-12-31 22:21 - 001680616 ____A [A97B92D11270695B15C3663BCCB737D3] (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000006144 ____A [9899284589F75FA8724FF3D16AED75C1] (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000122560 ____A [7425A6B64F5D37D0565F2581B886E5E3] (Microsoft Corporation) C:\Windows\System32\Drivers\NV_AGP.SYS
2018-04-13 01:14 - 2018-04-13 01:14 - 000235432 ____A [F4BAC852B1F4298E44A77E51645A6758] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2018-04-13 01:15 - 2018-04-13 01:15 - 017371168 ____A [C45EF0E9E1C510E7395DF5C69EB3CF2B] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-02-25 05:30 - 2011-03-11 02:41 - 000148352 ____A [0A92CB65770442ED0DC44834632F66AD] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2012-02-25 05:30 - 2011-03-11 02:41 - 000166272 ____A [DAB0E87525C10052BF65F06152F37E4A] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2018-01-17 23:37 - 2017-12-14 22:03 - 000059240 ____A [036A8C30C662397A2D882D9AFF99089F] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2017-12-30 16:49 - 2017-11-15 21:41 - 000057792 ____A [0E171374583E0A9AB76245CF1673EEEF] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvhci.sys
2017-11-24 09:25 - 2017-09-13 11:05 - 000324608 ____A [9FB2A095B1166CB3C9A06651863B3452] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000072832 ____A [3589478E4B22CE21B41FA1BFC0B8B8A0] (Microsoft Corporation) C:\Windows\System32\Drivers\ohci1394.sys
2018-04-21 12:20 - 2017-12-31 21:55 - 000131584 ____A [4CE827A5433451551E99C2C1D20E4A43] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000097280 ____A [0086431C29C35BE1DBC43F52CC273887] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2012-05-14 14:39 - 2012-03-17 03:58 - 000075120 ____A [E9766131EEADE40A27DC27D2D68FBA9C] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000185024 ____A [481DADB90C1D4E9F19328079C7A9E63D] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2009-07-13 19:19 - 2009-07-13 21:45 - 000012352 ____A [B5B8B5EF2E5CB34DF8DCF8831E3534FA] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2009-07-13 19:19 - 2009-07-13 21:45 - 000048720 ____A [144497DAA145BA0F7BE896064146C058] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2009-07-13 19:31 - 2009-07-13 21:45 - 000220752 ____A [B2E81D4E87CE48589F98CB8C05B01F2F] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2009-07-13 19:19 - 2009-07-13 21:45 - 000050768 ____A [D6B9C2E1A11A3A4B26A182FFEF18F603] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2016-09-24 08:33 - 2016-06-14 13:11 - 000663552 ____A [EA4D67448BE493D543F1730D6CD04694] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2010-03-18 20:52 - 2010-03-18 20:52 - 000016472 ____A [811E61FDFDBE6EB7BBDA440242B17186] (Creative Technology Ltd.) C:\Windows\System32\Drivers\pfmodnt.sys
2016-01-22 22:02 - 2015-12-08 14:12 - 000230400 ____A [647599CAE8CA0EF2FB09C4B150BC97FF] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-12-17 04:39 - 2013-12-17 04:39 - 000028528 ____A [C83829C280F0207677B7AAA151EF9C4D] (MediaMall Technologies, Inc.) C:\Windows\System32\Drivers\povrtdev.sys
2009-07-13 19:19 - 2009-07-13 19:19 - 000060416 ____A [0D922E23C041EFB1C3FAC2A6F943C9BF] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2010-09-01 04:30 - 2010-09-01 04:30 - 000017976 ____A [FB46E9A827A8799EBD7BFA9128C91F37] (Secunia) C:\Windows\System32\Drivers\psi_mf.sys
2016-02-02 08:45 - 2016-02-02 08:45 - 000018456 ____A [DD3FD48D69F5FBBB21D46D1514C1C2DB] (Secunia) C:\Windows\System32\Drivers\psi_mf_amd64.sys
2014-04-19 20:56 - 2012-06-22 03:01 - 000056336 ____A [07D57B890DD5693A6AB660CBAE8F91B4] (Corel Corporation) C:\Windows\System32\Drivers\PxHlpa64.sys
2009-06-10 16:37 - 2009-07-13 21:45 - 001524816 ____A [A53A15A11EBFD21077463EE2C7AFEEF0] (QLogic Corporation) C:\Windows\System32\Drivers\ql2300.sys
2009-07-13 17:59 - 2009-07-13 21:45 - 000128592 ____A [4F6D12B51DE1AAEFF7DC58C4D75423C8] (QLogic Corporation) C:\Windows\System32\Drivers\ql40xx.sys
2009-07-13 20:09 - 2009-07-13 20:09 - 000046592 ____A [76707BB36430888D9CE9D705398ADB6C] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000014848 ____A [5A0DA8AD5762FA2D91678A8A01311704] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2012-02-27 22:32 - 2010-11-20 06:52 - 000129536 ____A [471815800AE33E6F1C32FB1B97C490CA] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000092672 ____A [855C9B1CD4756C5E9A2AA58A15F58C25] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2012-02-27 22:32 - 2010-11-20 06:52 - 000111104 ____A [F92A2C41117A11A00BE01CA01A7FCDE9] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000083968 ____A [E8B1E447B008D07FF47D016C2B0EEECB] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2017-12-01 07:13 - 2017-10-11 20:20 - 000317440 ____A [FB45727105E27756B3252572A138FA19] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2009-07-13 20:17 - 2009-07-13 20:17 - 000024064 ____A [302DA2A0539F2CF54D7C6CC30C1F2D8D] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2009-07-13 20:16 - 2009-07-13 20:16 - 000007680 ____A [CEA6CC257FC9B7715F1C2B4849286D24] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPCDD.sys
2012-02-27 22:32 - 2010-11-20 07:06 - 000165888 ____A [1B6163C503398B23FF8B939C67747683] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2009-07-13 20:16 - 2009-07-13 20:16 - 000007680 ____A [BB5971A4F00659529A5C44831AF22365] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPENCDD.sys
2009-07-13 20:16 - 2009-07-13 20:16 - 000008192 ____A [216F3FA57533D98E1F74DED70113177A] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPREFMP.sys
2014-03-29 16:10 - 2012-08-23 10:10 - 000019456 ____A [313F68E1A3E6345A4F47A36B07062F34] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2014-10-15 16:07 - 2014-07-16 21:21 - 000212480 ____A [FE571E088C2D83619D2D48D4E961BF41] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2018-04-21 12:20 - 2017-12-31 22:21 - 000213736 ____A [F4287A980C0AA41DE3073F053E5EA73C] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2015-12-23 22:26 - 2016-12-21 14:52 - 000040240 ____A [498C3D4D44382A96812A0E0FF28D575B] (VS Revo Group) C:\Windows\System32\Drivers\revoflt.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000158720 ____A [3DD798846E2C28102B922C56E71B7932] (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2015-12-15 08:19 - 2015-11-05 05:53 - 000146944 ____A [5BD6B1EC997FF3DD779D62E05D2079A8] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2012-09-19 05:20 - 2012-07-04 16:26 - 000041472 ____A [0E01641D96889BDEB22DE12D30575B08] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000011264 ____A [388D3DD1A6457280F3BADBA9F3ACD6B1] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2009-07-13 20:08 - 2009-07-13 20:08 - 000076800 ____A [DDC86E4F8E7456261E637E3552E804FF] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2013-10-10 21:00 - 2013-10-10 20:58 - 000708200 ____A [BD9BA262CF26EFE9A9867EBE32D12164] (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys
2010-08-12 14:03 - 2010-08-12 14:03 - 000748648 ____A [A4F7F9BB5576BF1D3A57F785C5DBEDB7] (Realtek Semiconductor Corporation ) C:\Windows\System32\Drivers\RTL8192cu.sys
2015-12-31 22:30 - 2012-09-19 03:30 - 008228240 ____A [38F1942A79CCB2CAF570F3A4D2E9A272] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\rtsuvc.sys
2014-04-19 21:06 - 2012-06-20 01:00 - 000028304 ____A [CC8BE8C0D2B549193E1B0E430F4C1717] (Corel Corporation) C:\Windows\System32\Drivers\Sahdad64.sys
2014-04-19 21:06 - 2012-06-20 01:00 - 000020112 ____A [8DF9EE8B6DEE33A77CCF03047B1B002C] (Corel Corporation) C:\Windows\System32\Drivers\Saibad64.sys
2014-04-19 21:06 - 2012-06-20 01:00 - 000027792 ____A [E193BA11DF7D9383A1B2848088DDEE35] (Corel Corporation) C:\Windows\System32\Drivers\SaibVdAd64.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000103808 ____A [AC03AF3329579FFFB455AA2DAABBE22B] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2012-02-27 22:31 - 2010-11-20 06:09 - 000029696 ____A [253F38D0D7074C02FF8DEB9836C97D2B] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000171392 ____A [1B1E264203D4EF9D3DA1987AD70355AB] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2009-07-13 22:36 - 2009-06-10 16:37 - 000023040 ____A [3EA8A16169C26AFBEB544E0E48421186] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000023552 ____A [CB624C0035412AF0DEBEC78C41F5CA1B] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000094208 ____A [C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000026624 ____A [1C545A7D0691CC4A027396535691C3E3] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2009-07-13 20:35 - 2009-07-13 20:35 - 000012288 ____A [DECACB6921DED1A38642642685D77DAC] (Microsoft Corporation) C:\Windows\System32\Drivers\serscan.sys
2009-07-13 20:01 - 2009-07-13 20:01 - 000014336 ____A [A554811BCD09279536440C964AE35BBF] (Microsoft Corporation) C:\Windows\System32\Drivers\sffdisk.sys
2009-07-13 20:01 - 2009-07-13 20:01 - 000013824 ____A [FF414F0BAEFEBA59BC6C04B3DB0B87BF] (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2012-02-27 22:31 - 2010-11-20 06:34 - 000014336 ____A [DD85B78243A19B59F0637DCF284DA63C] (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2009-07-13 20:01 - 2009-07-13 20:01 - 000016896 ____A [A9D601643A1647211A1EE2EC4E433FF4] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2009-06-10 16:37 - 2009-07-13 21:45 - 000043584 ____A [843CAF1E5FDE1FFD5FF768F23A51E2E1] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2009-07-13 17:59 - 2009-07-13 21:45 - 000080464 ____A [6A6C106D42E9FFFF8B9FCB4F754F6DA4] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2009-07-13 20:09 - 2009-07-13 20:09 - 000093184 ____A [548260A7B8654E024DC30BF8A7C5BAA4] (Microsoft Corporation) C:\Windows\System32\Drivers\smb.sys
2009-07-13 20:00 - 2009-07-13 20:00 - 000020992 ____A [A80348BA03E96C70852959655CA3E084] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2009-07-13 16:27 - 2009-07-13 21:45 - 000019008 ____A [B9E31E5CACDFE584F34F730A677803F9] (Microsoft Corporation) C:\Windows\System32\Drivers\spldr.sys
2009-06-10 16:48 - 2009-06-10 16:48 - 000426496 ____A [FFF95479C7AB1550F0750A5D01744211] (Microsoft Corporation) C:\Windows\System32\Drivers\spsys.sys
2012-04-25 21:06 - 2013-05-13 17:34 - 000564824 ____A [D6AB7C13FCDD2E4CAC35244D2C172D9A] (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys
2018-04-21 12:21 - 2017-12-31 21:42 - 000460288 ____A [8980499A526581794A20B12E2E264661] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2018-04-21 12:20 - 2017-12-31 21:42 - 000406016 ____A [9B90A439B97EBBD2A9ABEFFBBC1EEC71] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2018-04-21 12:20 - 2017-12-31 21:42 - 000168448 ____A [9E30361776E07AD940791927A0FC9B3A] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2012-05-16 16:25 - 2009-03-02 14:12 - 000011576 ____A [0211AB46B73A2623B86C1CFCB30579AB] (Samsung Electronics) C:\Windows\System32\Drivers\SSPORT.SYS
2009-07-13 17:59 - 2009-07-13 21:45 - 000024656 ____A [F3817967ED533D08327DC73BC4D5542A] (Promise Technology) C:\Windows\System32\Drivers\stexstor.sys
2014-04-11 05:12 - 2014-02-03 22:35 - 000190912 ____A [A3F0BC5897F9D3786A3CB695B163633A] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2012-02-27 22:32 - 2010-11-20 09:34 - 000034688 ____A [D34E4943D5AC096C8EDEEBFD80D76E23] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2015-05-23 11:21 - 2015-05-23 11:21 - 000069888 ____A [36E0DDD19038C92B7C7709BFA03F813F] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000012096 ____A [10DCD3BDFA785E1482EC02304A7E9B96] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2009-07-13 20:01 - 2009-07-13 20:01 - 000029184 ____A [6E316C01CBA8B785FE495F5CC4F48C6F] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2018-04-21 12:21 - 2018-01-12 12:44 - 001894120 ____A [8A54B9C4206FBAB2CEE3525CFD365241] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2016-08-22 18:27 - 2016-07-07 11:08 - 000046080 ____A [7FE5586314EE7D6AA8483264A089E5AF] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-02-27 22:31 - 2010-11-20 05:22 - 000026624 ____A [6F020A220388ECA0AB6062DC27BD16B6] (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2009-07-13 20:16 - 2009-07-13 20:16 - 000015872 ____A [3371D21011695B16333A3934340C4E7C] (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys
2012-04-03 15:52 - 2012-02-17 00:57 - 000023552 ____A [51C5ECEB1CDEE2468A1748BE550CFBC8] (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2017-11-24 09:25 - 2017-07-29 10:56 - 000117248 ____A [4DD986720F7CB7A8A5D1226793097B9A] (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000063168 ____A [AC24D7A7D9EEDE11E2926F9001BEAFB5] (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2017-11-24 09:25 - 2017-08-13 17:45 - 000040448 ____A [2CF58216424757ED29605B4F18EC443C] (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-03-27 15:38 - 2013-10-01 22:22 - 000056832 ____A [E9981ECE8D894CEF7038FD1D040EB426] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2012-02-27 22:31 - 2010-11-20 06:51 - 000125440 ____A [3566A8DAAFA27AF944F5D705EAA64894] (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2009-07-13 19:38 - 2009-07-13 21:45 - 000064080 ____A [B4DD609BD7E282BFC683CEC7EAAAAD67] (Microsoft Corporation) C:\Windows\System32\Drivers\UAGP35.SYS
2012-02-27 22:32 - 2010-11-20 05:26 - 000328192 ____A [FF4232A1A64012BAA1FD97C7B67DF593] (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000064192 ____A [B70E26A57F35ECA5199E6D6B9592A67C] (Microsoft Corporation) C:\Windows\System32\Drivers\ULIAGPKX.SYS
2012-02-27 22:31 - 2010-11-20 06:44 - 000048640 ____A [DC54A574663A895C8763AF0FA1FF7561] (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2009-07-13 20:06 - 2009-07-13 20:06 - 000009728 ____A [B2E8E8CB557B156DA5493BBDDCC1474D] (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2013-04-04 21:35 - 2013-02-12 00:12 - 000019968 ____A [92B3172E8C14C1444682F510843A9988] (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-10-20 08:53 - 2013-07-12 06:40 - 000109824 ____A [B0435098C81D04CAFFF80DDB746CD3A2] (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2012-02-27 22:31 - 2010-11-20 06:44 - 000032896 ____A [292A8E03B3FCE04E39B5BE9B14132030] (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2017-11-24 09:25 - 2017-10-17 22:06 - 000099840 ____A [9E68E917FB4B5C983438969643F53BEF] (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-10-20 08:53 - 2013-07-12 06:41 - 000100864 ____A [80B0F7D5CCF86CEB5D402EAAF61FEC31] (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2017-11-24 09:25 - 2017-10-17 22:06 - 000007808 ____A [D017EED379FFE7CCFF0F825D53AB8096] (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2017-11-24 09:25 - 2017-10-17 22:06 - 000056320 ____A [3F9D3902CE931E2A28DD8452AE915B67] (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2017-11-24 09:25 - 2017-10-17 22:06 - 000344064 ____A [86B65EEBC03B936DE8B26E5A18D98FA2] (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2017-11-24 09:25 - 2017-10-17 22:06 - 000025600 ____A [099C2931C6F73EB1B9E13C560F61B50D] (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2017-11-24 09:25 - 2017-10-17 22:06 - 000327168 ____A [03BE4B07FADA1FEA51480453EA229642] (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2009-07-13 20:38 - 2009-07-13 20:38 - 000025088 ____A [73188F58FB384E75C4063D29413CEE3D] (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2012-02-27 22:31 - 2010-11-20 07:37 - 000031744 ____A [C3EC945DEC43C00E2AD4C98DDDD064C7] (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2013-10-20 08:53 - 2013-07-03 00:40 - 000042496 ____A [9661DA76B4531B2DA272ECCE25A8AF24] (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2016-08-03 15:42 - 2016-02-03 14:07 - 000091648 ____A [D029DD09E22EB24318A8FC3D8138BA43] (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2017-11-24 09:25 - 2017-10-17 22:06 - 000030720 ____A [5D7651347C7D702F4A5DE53603DC024F] (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-10-20 08:53 - 2013-07-12 06:41 - 000185344 ____A [1F775DA4CF1A3A1834207E975A72E9D7] (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000036032 ____A [7BDCE021786C3DCCFD2C22EBF643EE36] (Microsoft Corporation) C:\Windows\System32\Drivers\vdrvroot.sys
2009-07-13 19:38 - 2009-07-13 19:38 - 000029184 ____A [53E92A310193CB3C03BEA963DE7D9CFC] (Microsoft Corporation) C:\Windows\System32\Drivers\vga.sys
2009-07-13 19:38 - 2009-07-13 19:38 - 000029184 ____A [DA4DA3F5E02943C2DC8C6ED875DE68DD] (Microsoft Corporation) C:\Windows\System32\Drivers\vgapnp.sys
2012-02-27 22:32 - 2010-11-20 09:34 - 000215936 ____A [2CE2DF28C83AEAF30084E1B1EB253CBB] (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2009-07-13 19:19 - 2009-07-13 21:45 - 000017488 ____A [E5689D93FFE4E5D66C0178761240DD54] (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viaide.sys
2018-04-21 12:20 - 2018-03-30 21:02 - 000129536 ____A [C1F3764873059A6B47F19D61E893DBC7] (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2012-02-27 22:32 - 2010-11-20 09:34 - 000199552 ____A [86EA3E79AE350FEA5331A1303054005F] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2012-02-27 22:31 - 2010-11-20 05:57 - 000021760 ____A [7DE90B48F210D29649380545DB45A187] (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2012-02-27 22:31 - 2010-11-20 05:57 - 000006656 ____A [E60C0A09F997826C7627B244195AB581] (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2012-02-27 22:32 - 2010-11-20 09:34 - 000046464 ____A [7785DC213270D2FC066538DAF94087E7] (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2018-04-21 12:20 - 2018-02-10 14:35 - 000068288 ____A [8EDE91FBAC7BF7605323C517C717A253] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2017-11-24 09:25 - 2017-07-07 11:33 - 000363752 ____A [85C5468BC395819AE2A0C747334BA14C] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2012-02-27 22:32 - 2010-11-20 09:34 - 000295808 ____A [0D08D2F3B3FF84E433346669B5E0F639] (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2009-06-10 16:37 - 2009-07-13 21:45 - 000161872 ____A [5E2016EA6EBACA03C04FEAC5F330D997] (VIA Technologies Inc.,Ltd) C:\Windows\System32\Drivers\vsmraid.sys
2009-07-13 20:07 - 2009-07-13 20:07 - 000024576 ____A [36D4720B72B5C5D9CB2B9C29E9DF67A1] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifibus.sys
2009-07-13 20:07 - 2009-07-13 20:07 - 000059904 ____A [6A3D66263414FF0D6FA754C646612F3F] (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2009-07-13 20:07 - 2009-07-13 20:07 - 000017920 ____A [6A638FC4BFDDC4D9B186C28C91BD1A01] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2009-07-13 20:02 - 2009-07-13 20:02 - 000027776 ____A [4E9440F4F152A7B944CB1663D3935A3E] (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2018-04-21 12:20 - 2017-12-31 21:55 - 000088576 ____A [DC4CB3626E7423B9D83CF1B4857FDF15] (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2009-07-13 19:37 - 2009-07-13 19:37 - 000042496 ____A [FC438D1430B28618E2D0C7C332A710AD] (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2009-07-13 19:19 - 2009-07-13 21:45 - 000021056 ____A [72889E16FF12BA0F235467D6091B17DC] (Microsoft Corporation) C:\Windows\System32\Drivers\wd.sys
2008-05-06 16:06 - 2008-05-06 16:06 - 000014464 ____A [A3D04EBF5227886029B4532F20D026F7] (Western Digital Technologies) C:\Windows\System32\Drivers\wdcsam64.sys
2013-10-20 08:53 - 2013-06-25 18:55 - 000785624 ____A [E2C933EDBC389386EBE6D2BA953F43D8] (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-12-05 22:21 - 2012-07-26 00:55 - 000054376 ____A [AEA0A67275CFBA0E463E00C6E9A1DDAE] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2009-07-13 20:09 - 2009-07-13 20:09 - 000012800 ____A [611B23304BF067451A9FDEE01FBDD725] (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwf.sys
2009-07-13 19:29 - 2009-07-13 21:45 - 000022096 ____A [05ECAEC3E4529A7153B3136CEB49F0EC] (Microsoft Corporation) C:\Windows\System32\Drivers\wimmount.sys
2012-02-27 22:32 - 2010-11-20 09:33 - 000052096 ____A [B4A1002206F6810EABC027DBBCE3B737] (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2012-02-27 22:32 - 2010-11-20 06:43 - 000041984 ____A [FE88B288356E7B47B74B13372ADD906D] (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2018-04-21 12:20 - 2018-02-10 13:25 - 000014336 ____A [43471A750D4F3918AC92F5131AE252D3] (Microsoft Corporation) C:\Windows\System32\Drivers\wmiacpi.sys
2009-07-13 19:19 - 2009-07-13 21:45 - 000016464 ____A [FC146F46872D4C5B529B89A5131FD1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys
2009-07-13 20:10 - 2009-07-13 20:10 - 000021504 ____A [6BCC1D7D2FD2453957C5479A32364E52] (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2012-12-05 22:11 - 2012-07-25 22:26 - 000087040 ____A [AB886378EEB55C6C75B4F2D14B6C869F] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-12-05 22:11 - 2012-07-25 22:26 - 000198656 ____A [DDA4CAF29D8C0A297F886BFE561E6659] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2009-07-14 01:37 - 2017-11-24 16:44 - 000000000 ___AD [00000000000000000000000000000000] () C:\Windows\System32\Drivers\en-US
2009-07-14 01:35 - 2009-07-13 22:29 - 000011776 ____A [54DB21D20958E3D690BCC9F85E760354] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\1394ohci.sys.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000009216 ____A [32022C811A44B86FF45D20ACAB6D9BF6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\acpi.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000014848 ____A [E6A5E6AD9C6F4F30061068F321C0EC5A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\afd.sys.mui
2009-07-14 01:35 - 2009-07-13 22:25 - 000002560 ____A [112E5E0E93886F5F4662F8AB16A41953] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\AGP440.sys.mui
2009-07-14 01:35 - 2009-07-13 22:25 - 000002048 ____A [431EEF89634DC46CCADD489A5E242D96] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdide.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000014336 ____A [5A407CCC623EF4748FCFD65D8BF36E53] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdk8.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000014336 ____A [02EF6091D3B2E3DD52148D69B084CC6A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdppm.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000003072 ____A [0AB55BC2F5C3B1F6DD41C4A8F2C598AE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ataport.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000003072 ____A [2990593CBE18904D5EC0D8D012F56BE0] (ATI Technologies Inc.) C:\Windows\System32\Drivers\en-US\atikmdag.sys.mui
2009-07-14 01:35 - 2009-07-13 22:27 - 000007168 ____A [39C77D306B5BC4EE5B84F257BD8C11D4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\battc.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000025600 ____A [D33E31F95C553085F8F008269716AE3C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bfe.dll.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000002560 ____A [19772EAF65F4DC67D258A0204BDF53BB] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrParwdm.sys.mui
2009-07-14 01:35 - 2009-07-13 22:25 - 000010240 ____A [E2D40298D837850BE3D3ED553D557916] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrSerIb.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000010240 ____A [FFFAE2F485EE4846D3926D8143DC52D0] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrSerId.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000002048 ____A [996AD950DC5511CAC3E23887F36D00CE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthenum.sys.mui
2009-07-14 01:35 - 2009-07-13 22:27 - 000004608 ____A [9F6C0ED8C73E45B8B39E93C4F19EC51D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthpan.sys.mui
2009-07-14 01:35 - 2009-07-13 22:27 - 000007680 ____A [E811F270074C90EFFB62E26419C5A478] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthport.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000002560 ____A [427AFD042BF91F651AAAF2F8333946D3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BTHUSB.SYS.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000002048 ____A [E4AD0963F2B4C256C9B752809FF5A17D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\cdrom.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000002048 ____A [E113E3358247C4399ACAA9394A13CAC1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\disk.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000002560 ____A [4DF602FA4237A02CFBA5443807ACE756] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\Dot4usb.sys.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000005120 ____A [9F29D656CAA5CB37DC988FC1B0899728] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fltmgr.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000014336 ____A [F376F1DB8D6B5C7D4AACA77016547269] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fvevol.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000002560 ____A [F800E677010DCCC1D1F3DD80C1208ADD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\GAGP30KX.SYS.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000004096 ____A [CF9ED88D2707FB6175D56A8EEF56AE2A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hdaudbus.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000003072 ____A [C9AFAE18805C92774E55D85C34687D98] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\HdAudio.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000003072 ____A [6289F615503FABB5721E885F76C21094] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidbth.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000032256 ____A [E7385B794486432C74CA8CBEAE1E957C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\http.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000010240 ____A [7932917F9F40083310D3C597CA89138A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\i8042prt.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000014336 ____A [A9DAE67F67C8736EAB89BE629A100134] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\intelppm.sys.mui
2012-02-27 22:31 - 2010-11-20 09:11 - 000006144 ____A [32E82AD8C30775AF16F8FCB6B233768E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\IPMIDrv.sys.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000003584 ____A [13121C32919056A572109E59591E3DD1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ipnat.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000003584 ____A [095EE8818E7CFEEFCA144737D5EE7EC5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\isapnp.sys.mui
2012-02-27 22:31 - 2010-11-20 09:10 - 000004608 ____A [07E46CC39BDC4296D798560E248C4C8F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdclass.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000002560 ____A [7776875C8810B7995B7F8935A73C5675] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdhid.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000006144 ____A [09654F384E8F48403AFEED23EC29D98A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\luafv.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000003584 ____A [B9D5D5C08D86E45933607821949F64A3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\modem.sys.mui
2009-07-14 01:35 - 2009-07-13 22:26 - 000004096 ____A [586AF4C75447643EA998E7AFE717F6B3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouclass.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000002560 ____A [A15D1C07F7CF3AF5F8595187D7B2D7BA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouhid.sys.mui
2015-12-15 08:21 - 2015-07-15 14:02 - 000002560 ____A [DCB0BF8BEDF446B36EE1A77C0D86F31F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mountmgr.sys.mui
2009-07-14 01:35 - 2009-07-13 22:27 - 000026624 ____A [5824985855E951FD7081EDA73014159F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mpio.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000005632 ____A [21DDE99325EE591D56E838F65372FCDC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\msdsm.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000003072 ____A [21AD775A1C84C086E630D3C8BEE807FF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mssmbios.sys.mui
2009-07-14 01:35 - 2009-07-13 22:27 - 000002560 ____A [CD483881C9EEAA0A092BADB0E9E31D44] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\MTConfig.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000035328 ____A [C3DB52AAA8F7FBE7BB48BBE1552FD9D4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndis.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000005632 ____A [0E5C3B2A88938BFA39A3660525EED627] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndiscap.sys.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000003072 ____A [82364E6C73DE7B0D9A14ED696663691D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndisuio.sys.mui
2009-07-14 01:35 - 2009-07-13 22:26 - 000059904 ____A [826CC149F7AE403090D8EE13421907D3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ntfs.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000002560 ____A [402C5F373E3348172A21E2C4E47FE9A5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NV_AGP.SYS.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000013824 ____A [4A911620A8D4A92B4829088313262C65] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\nwifi.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000011776 ____A [FCF1928FC42F3FF495AABBF531925912] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ohci1394.sys.mui
2009-07-14 01:35 - 2009-07-13 22:25 - 000015360 ____A [FE8EE46359CCA5797116E999AC9027E8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pacer.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000003584 ____A [1897DD879E564636B62C7438BEDD7ED8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\parport.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000002560 ____A [5B7B4A639557BCCBF6CFB19D01CED6F6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\partmgr.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000008192 ____A [852A0E7E335D7403456C5493C3602DFA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pci.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000004096 ____A [C4179FB59F7C58207724DD200A50A623] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pcmcia.sys.mui
2009-07-14 01:35 - 2009-07-13 22:26 - 000002560 ____A [A32BF5D2ABCE0A52AC08759883100FA1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pnpmem.sys.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000003584 ____A [FD3DC59E253F1588CFDC984A08D5AB06] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\portcls.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000014336 ____A [12EE9100FC4EE882DC9D807518EA456F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\processr.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000003584 ____A [9AE150B07FBB235F7DD98B016B728245] (SCM Microsystems, Inc.) C:\Windows\System32\Drivers\en-US\pscr.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000002560 ____A [EBF10A20E41E54D35E24BB1477B3790A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\qwavedrv.sys.mui
2009-07-14 01:35 - 2009-07-13 22:25 - 000004608 ____A [836EC1DA853C3CC5AFA72FF1C56FECC1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdbss.sys.mui
2012-02-27 22:31 - 2010-11-20 09:01 - 000002560 ____A [6289416B950764322B45E9C55A5645B4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdpwd.sys.mui
2012-02-27 22:31 - 2010-11-20 09:13 - 000006144 ____A [D5ACC340A830BE7A51DE61F5A84B3AA3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdvgkmd.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000003072 ____A [0A86155D9CF13C36C1C11097895B7D23] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\RNDISMP.sys.mui
2009-07-14 01:35 - 2009-07-13 22:25 - 000003072 ____A [69A5BEFB6D15DB21FEA9ACC7E514B29E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismp6.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000003072 ____A [0A86155D9CF13C36C1C11097895B7D23] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismpx.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000002560 ____A [68A170329824FD91839D15DA6CB616C8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scfilter.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000003072 ____A [67BDCDBBB8FB81865DCDB07142471C81] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scsiport.sys.mui
2009-07-14 01:35 - 2009-07-13 22:30 - 000010240 ____A [28FDCD5276E588B1C82E8390C331A672] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serial.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000005120 ____A [EC3DB882F53F67457701F2674E16A255] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sermouse.sys.mui
2009-07-14 01:35 - 2009-07-13 22:26 - 000002560 ____A [531E4F70FCD5D5A278EAB6E2D1849847] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serscan.sys.mui
2009-07-14 01:35 - 2009-07-13 22:25 - 000002560 ____A [8B900D6E6253E72975747D40F0B4CE4D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\srv.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000044032 ____A [147A70680DFE10726938C932C529C500] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tcpip.sys.mui
2016-08-03 15:43 - 2016-02-05 14:53 - 000008192 ____A [132547D30ECBC0DEE0E52A4B1F19D085] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tpm.sys.mui
2014-03-27 15:38 - 2013-10-02 00:38 - 000003072 ____A [D02386F421B7BA79B3DD70002BA84AB1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tsusbflt.sys.mui
2012-02-27 22:31 - 2010-11-20 09:11 - 000004096 ____A [E3E1BC6EF907645E1AFD3E4E287C37BB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tsusbhub.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000007680 ____A [00D0ADEB9470F4E73C675F4271579AEE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tunnel.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000002560 ____A [258EE691A306B61FD78F6EA2AE68EC4D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\UAGP35.SYS.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000002560 ____A [0603331E5CCDC80476C869C22AB49CEC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ULIAGPKX.SYS.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000003072 ____A [B1EF6396D59394A839242635B193C19D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\umbus.sys.mui
2017-11-24 09:25 - 2017-10-17 22:29 - 000003072 ____A [5E8FE83DC4ECB24D27A864AA0AC28A61] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbehci.sys.mui
2017-11-24 09:25 - 2017-10-17 22:29 - 000011776 ____A [7727F33D6C8F04492AB36F34808B43FE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbhub.sys.mui
2017-11-24 09:25 - 2017-10-17 22:29 - 000024576 ____A [536FFFDE85B0E5FAA180FDD206156CA6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbport.sys.mui
2009-07-14 01:35 - 2009-07-13 22:24 - 000002048 ____A [A477495EDAB1FC652C3E7F48D9879E61] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbrpm.sys.mui
2009-07-14 01:35 - 2009-07-13 22:26 - 000003584 ____A [B6CBD22F79E099E7B9C7AD30B0EB3E33] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vdrvroot.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000003584 ____A [9EA0366724437C0448BC242C90D073BF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vhdmp.sys.mui
2009-07-14 01:35 - 2009-07-13 22:23 - 000002560 ____A [8B43588430EBA0E1C4C6B2909B3FA616] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volmgrx.sys.mui
2009-07-14 01:35 - 2009-07-13 22:28 - 000023552 ____A [308E04CFA8407B0C7099C9D40BC19023] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volsnap.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000002048 ____A [AC0CDAA74A6DF9FA99D39BA5E3E32852] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vwifibus.sys.mui
2009-07-14 01:35 - 2009-07-13 22:27 - 000004096 ____A [4820660F8636CA590F6DDE44037C240A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wacompen.sys.mui
2009-07-14 01:35 - 2009-07-13 22:26 - 000002048 ____A [29F6CD4D49286520658A9F8257DB95ED] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wd.sys.mui
2012-12-05 22:21 - 2012-07-26 00:47 - 000002560 ____A [986A09DC5E1645ED4733065547DCC5DD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wdf01000.sys.mui
2009-07-14 01:35 - 2009-07-13 22:29 - 000002048 ____A [FA13EB401D8A26D185C6D0B2AA1427E5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ws2ifsl.sys.mui
2009-07-13 23:20 - 2018-05-04 05:40 - 000000000 ___AD [00000000000000000000000000000000] () C:\Windows\System32\Drivers\etc
2018-01-10 20:33 - 2018-01-10 20:36 - 000004207 ____A [2B0263BC92E7663C7E81064BA517FDC9] () C:\Windows\System32\Drivers\etc\hosts.txt
2013-01-11 16:45 - 2013-01-11 16:45 - 000000051 ____A [16BA9998C3289167F9AE3AB781381635] () C:\Windows\System32\Drivers\etc\lmhosts
2009-07-13 22:35 - 2009-06-10 17:00 - 000003683 ____A [18413B90E1B291EC3E777A845C37CFEE] () C:\Windows\System32\Drivers\etc\lmhosts.sam
2009-07-13 22:34 - 2009-06-10 17:00 - 000000407 ____A [B65A1232FB4B35827CE7C5E2F8EC8947] () C:\Windows\System32\Drivers\etc\networks
2009-07-13 22:34 - 2009-06-10 17:00 - 000001358 ____A [7700D22FA108234E623D65FA72D9E29C] () C:\Windows\System32\Drivers\etc\protocol
2009-07-13 22:34 - 2009-06-10 17:00 - 000017463 ____A [D9E1A01B480D961B7CF0509D597A92D6] () C:\Windows\System32\Drivers\etc\services
2018-02-24 02:50 - 2018-02-24 02:50 - 000000000 ___AD [00000000000000000000000000000000] () C:\Windows\System32\Drivers\NVIDIA Corporation
2018-02-24 02:50 - 2018-04-21 12:33 - 000000000 ___AD [00000000000000000000000000000000] () C:\Windows\System32\Drivers\NVIDIA Corporation\Drs
2018-04-13 01:12 - 2018-04-13 01:12 - 000473960 ____A [5C1FA77A21683B4948DC186238AA3C98] (NVIDIA Corporation) C:\Windows\System32\Drivers\NVIDIA Corporation\Drs\dbInstaller.exe
2018-04-12 21:47 - 2018-04-12 21:47 - 001479692 ____A [E434469843825C2363799D823A56980A] () C:\Windows\System32\Drivers\NVIDIA Corporation\Drs\nvdrsdb.bin
2009-07-13 23:20 - 2017-07-05 03:46 - 000000000 ___AD [00000000000000000000000000000000] () C:\Windows\System32\Drivers\UMDF
2012-02-27 22:32 - 2010-11-20 09:27 - 000109056 ____A [8F1E572C5DF084ECD65C3CBCD720534C] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\usbdr.dll
2009-07-13 20:21 - 2009-07-13 21:41 - 000299520 ____A [91D6F0AB79AA36FFB932157865206F35] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdFs.dll
2015-05-05 21:58 - 2015-01-28 23:19 - 001195008 ____A [E506DF49926F3086124F629D3352976E] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdMtpDr.dll
2009-07-14 01:37 - 2009-07-14 01:37 - 000000000 ___AD [00000000000000000000000000000000] () C:\Windows\System32\Drivers\UMDF\en-US
2009-07-14 01:35 - 2009-07-13 22:24 - 000002560 ____A [5D15B0705E707F02D71B9547007D2727] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WpdMtpDr.dll.mui
2009-07-14 01:35 - 2009-07-13 22:26 - 000006144 ____A [930D103D5C3BE0F6074C67C0F3296602] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui
 
====== End of Folder: ======
 
 
========= Reg query "HKLM\SYSTEM\Select" =========
 
 
HKEY_LOCAL_MACHINE\SYSTEM\Select
    Current    REG_DWORD    0x1
    Default    REG_DWORD    0x1
    Failed    REG_DWORD    0x0
    LastKnownGood    REG_DWORD    0x2
 
 
 
========= End of Reg: =========
 
Hosts restored successfully.
 
========= RemoveProxy: =========
 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2028123929-315541640-582885332-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
 
 
========= End of RemoveProxy: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {8D9101E2-60CE-42FB-B0BC-28B246AE07A8}.
0 out of 1 jobs canceled.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4961025 B
Java, Flash, Steam htmlcache => 128631513 B
Windows/system/drivers => 541016 B
Edge => 0 B
Chrome => 198781271 B
Firefox => 98304 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 35113 B
systemprofile32 => 0 B
LocalService => 32768 B
NetworkService => 1870 B
Dean => 6501231 B
Administrator.Rokitman => 23268195 B
 
RecycleBin => 0 B
EmptyTemp: => 354 MB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-05-2018 17:36:40)
 
 
Result of scheduled keys to remove after reboot:
 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08D1466E-E6CD-4C6D-8CAC-5145EB2A8278} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5427F1EF-9AE8-43C4-BF45-35A5B40625D6} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Steam-S-1-8-22-9865GUI => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE18CE31-E1C3-4A28-AB02-19F7D4315A52} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineUA => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D545D939-74DA-4D90-A5C3-07B1236542EA} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8A4D4EB-B52F-45EB-A780-17003552709E} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineCore => could not remove. Access Denied.
 
==== End of Fixlog 17:36:40 ====


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:24 AM

Posted 05 May 2018 - 09:53 PM

How is it doing after that cleanup?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 rokittman

rokittman
  • Topic Starter

  • Members
  • 235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Burlington, Kentucky
  • Local time:07:24 AM

Posted 06 May 2018 - 06:57 AM

Seems pretty good. No weird applications running, No sketchy Services ~ that I can tell. CUP Usage is hovering around 5% with Chrome open.



#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:24 AM

Posted 06 May 2018 - 11:31 AM

Congratulations.

Use this application to remove quarantined items:

Please download DelFix by Xplode and save to your Desktop.
  • Double-click on delfix.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator.
  • Put a check mark next to these items:
    - Remove disinfection tools
    - Create registry backup
    delfix.jpg
    .
  • Click the "Run" button.
  • When the tool has finished, it will create and open a log report (DelFix.txt)
Since there are no signs of infection anymore in your logs I guess we're done here.

Windows Updates

Keeping Windows up to date is one of the first steps in having a safe and secure system.Keeping your programs up-to-date

As for safe browsing habits, you can find tons of guides, tutorials, articles, etc. online that will highlight the basics you need to follow (only visit websites you trust, do not click on ads, do not download files from untrusted sources, use a password manager, always verify the URL of a website and make sure it's correctly typed, etc.), and even what you can do if you want to take it a step further (create a fake email address for spam emails, browse the web in a privacy mode, etc.). Here are a few:As you can see, there are plenty of resources out there. Simply Googling "good browsing habits" or "safe browsing habits" should allow you to find a lot of them.

Other recommendations

It's your job to be careful when browsing the web and downloading files if you don't want to get infected. Therefore, if you use your brain (common sense) when browsing the web, downloading programs and files, etc., you have far less chances to get infected by a malware. If for example you're not sure if a website is legitimate or not, or if a file is safe to download and execute, or if a program looks "too good" to be free, I suggest you to avoid going to that website, downloading that file or using that program.
Here are a few guides, tutorials, articles, etc. that you could read in order to learn more about computer protection and security to improve your current computer protection setup but also improve your good web browsing and computer usage practices :Best regards. :)

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 rokittman

rokittman
  • Topic Starter

  • Members
  • 235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Burlington, Kentucky
  • Local time:07:24 AM

Posted 07 May 2018 - 05:19 AM

Thank you so much for your help. Everything seems to be running smoothly. I'll be going through the links in your reply and set up a better maintenance plan ~ and practice better surfing.    :thumbup2: And thank you for your prompt help. I know you guys are extremely busy with other people. I never expected to be serviced so quickly and it is certainly very much appreciated.

 

Best of luck to you and have a great day.

 

- Dean -



#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:24 AM

Posted 07 May 2018 - 01:48 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users