Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 hangs on all boot options due to bad driver


  • This topic is locked This topic is locked
22 replies to this topic

#1 pleasehelpimlost

pleasehelpimlost

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 19 July 2018 - 11:32 PM

To make a very long story short(er), I have a Windows 7 laptop that will not boot under any circumstances. My current situation is very similar to this thread (minus all the viruses):

https://msfn.org/board/topic/156087-solved-windows-failed-to-start-system-repair-cant-discover-pro/

 

That is, Windows is failing to boot due to this "BadDriver". I got the damn thing to boot once using low resolution mode, quickly uninstalled the video driver and rebooted (this has worked for this exact situation for me several times in the recent past on the same hardware) and now it wont boot.

 

I've tried every boot option, I've used everything in the startup repair options, I've manually restored the registry, I've used SFC /scannow, fixmbr, chkdsk, etc. Nothing has worked. I'm certain it has something to do with that "BadDriver" (video driver). 

 

Anyway, I followed along with the fix that worked there and quickly realized that the solution provided was custom-tailored in response to the FRST.txt provided. So, here is mine:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by SYSTEM on MININT-7SRHFGG (19-07-2018 19:53:55)
Running from e:\
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.


Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/


==================== Registry (Whitelisted) ===========================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [729432 2015-05-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [610048 2015-01-20] (Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EmsService] => C:\Windows\system32\EmsServiceHelper.exe [3229536 2014-04-14] (Dell Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4879776 2016-06-23] (Intel(R) Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [Sentinel Agent] => C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\AgentUI.exe [1061848 2018-05-14] (SentinelOne, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM-x32\...\Run: [DcaTray] => C:\Program Files (x86)\DirectAccess Connectivity Assistant\DcaTray.exe [524288 2014-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [DesktopAuthority User Experience] => C:\Program Files (x86)\Dell\Desktop Authority\Client Files\9.20.1239\CBM\ScriptLogic.CBM.UserExperience.exe [791792 2014-05-08] (Dell Inc.)
HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2826584 2015-07-28] (Pulse Secure, LLC)
HKLM-x32\...\Run: [DialOutEZSysTray] => C:\Program Files (x86)\Tactical Software\DialOutEZ\DialOutEZTray.exe [498880 2016-05-25] (Tactical Software, LLC)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-09-05] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-09-05] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2018-01-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [NVC] => C:\Program Files (x86)\Nortel\Nortel VPN Client\Nvc.exe [1717576 2011-01-12] (Avaya)
HKLM\...\Winlogon: [LegalNoticeCaption] Alaska Communications Systems, Inc.                  Legal Notice
HKLM\...\Winlogon: [LegalNoticeText] Access to this computer and any data stored and maintained therein is secured and restricted to authorized employees in the conduct of the business of any of the Alaska Communications Systems companies. Further use of this terminal is interpreted as acknowledgment that any unauthorized access may result in company action up to and including termination and/or criminal prosecution.
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\clyday\...\Policies\system: [HideLogoffScripts] 0
HKU\clyday\...\Policies\system: [HideLogonScripts] 0
HKU\mtye\...\Policies\system: [HideLogoffScripts] 0
HKU\mtye\...\Policies\system: [HideLogonScripts] 0
HKU\mtye\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\mtye\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\mtye\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\mtye\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\spagsoli\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\spagsoli\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\spagsoli\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\spagsoli\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\wbailey\...\Policies\system: [HideLogoffScripts] 0
HKU\wbailey\...\Policies\system: [HideLogonScripts] 0
HKU\wbailey\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\wbailey\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\wbailey\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\wbailey\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\wmerry\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23153352 2017-07-05] (Microsoft Corporation)
HKU\wmerry\...\Run: [Google Update] => C:\Users\wmerry\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-17] (Google Inc.)
HKU\wmerry\...\Run: [Google Photos Backup] => C:\Users\wmerry\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3791704 2018-06-01] (Google, Inc)
HKU\wmerry\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\wmerry\...\Run: [OffCAT] => C:\Users\wmerry\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corp.)
HKU\wmerry\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2018-06-29] (Adobe Systems Incorporated)
HKU\wmerry\...\Run: [GNE_DualMonitorTools] => C:\Program Files (x86)\Dual Monitor Tools\DMT.exe [790528 2017-07-22] (GNE)
HKU\wmerry\...\Policies\system: [HideLogoffScripts] 0
HKU\wmerry\...\Policies\system: [HideLogonScripts] 0
HKU\wpotter\...\Policies\system: [HideLogoffScripts] 0
HKU\wpotter\...\Policies\system: [HideLogonScripts] 0
HKU\zvolz9c\...\Policies\system: [HideLogoffScripts] 0
HKU\zvolz9c\...\Policies\system: [HideLogonScripts] 0
HKU\zvolz9c\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\zvolz9c\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\zvolz9c\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\zvolz9c\...\Policies\Explorer: [NoSMMyPictures] 1
Startup: C:\Users\wmerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2016-08-15]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\wmerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-06-05]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION


==================== Services (Whitelisted) ====================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-05-27] (Alps Electric Co., Ltd.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
S2 CcmExec; C:\Windows\CCM\CcmExec.exe [2169216 2018-02-24] (Microsoft Corporation)
S2 CipMsgProxyService; C:\Program Files (x86)\VMware\Plug-in Service\vmware-cip-msg-proxy.exe [1898472 2018-01-22] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
S2 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [699808 2017-07-13] (Microsoft Corporation)
S2 DACBMSvc; C:\Program Files (x86)\Dell\Desktop Authority\Client Files\9.20.1239\CBM\ScriptLogic.CBM.Agent.exe [777968 2014-05-08] (Dell Inc.)
S2 DAClientSvc; C:\Program Files (x86)\Dell\Desktop Authority\Client Files\9.20.1239\DAClientSvc.exe [2608368 2014-05-08] (Dell Inc.)
S2 DcaSvc; C:\Program Files (x86)\DirectAccess Connectivity Assistant\DcaSvc.exe [128000 2014-01-30] (Microsoft Corporation)
S2 EMS; C:\Windows\system32\EMSService.exe [1945440 2014-04-14] (Dell Inc.)
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [172784 2016-07-23] (Intel Corporation)
S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation)
S2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
S2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
S2 JuniperAccessService; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [162136 2015-07-28] (Pulse Secure, LLC)
S2 LogProcessorService; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelServiceHost.exe [5448056 2018-05-14] (SentinelOne, Inc.)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation)
S2 Multiplicity; C:\Program Files (x86)\Stardock\Multiplicity2\MultiSrv.exe [124080 2012-11-26] (Stardock Software, Inc)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S2 NvcSvcMgr; C:\Program Files (x86)\Nortel\Nortel VPN Client\NvcSvcMgr.exe [623960 2011-01-12] (Avaya)
S2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2015-05-04] (BayHubTech/O2Micro International)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2015-10-23] (Realtek Semiconductor)
S2 SentinelAgent; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelAgent.exe [12479200 2018-05-14] (SentinelOne, Inc.)
S3 SentinelHelperService; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelHelperService.exe [546920 2018-05-14] (SentinelOne, Inc.)
S2 SentinelStaticEngine; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelStaticEngine.exe [6446976 2018-05-14] (SentinelOne, Inc.)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
S3 smstsmgr; C:\Windows\CCM\TSManager.exe [322432 2018-02-24] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-12] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
S3 BstHdAndroidSvc; "C:\Program Files (x86)\Bluestacks\HD-Service.exe" BstHdAndroidSvc Android [X]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [X]
S3 BstHdPlusAndroidSvc; "C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe" BstHdPlusAndroidSvc Android [X]
S3 cphs; %SystemRoot%\SysWow64\IntelCpHeciSvc.exe [X]


===================== Drivers (Whitelisted) ======================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2015-10-23] (Advanced Micro Devices, Inc.)
S3 bcmnfcusb; C:\Windows\system32\drivers\bcmnfcusb7.sys [44288 2015-04-16] (Broadcom Corporation.)
S3 BthPan; C:\Windows\System32\DRIVERS\btath_pan.sys [97512 2016-04-22] (Qualcomm Atheros)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87528 2015-10-13] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-10-13] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1545704 2016-04-27] (Motorola Solutions, Inc.)
S0 CmgPCS; C:\Windows\System32\DRIVERS\CmgPCS.sys [158464 2014-03-21] (Dell Inc.)
S0 CmgShieldFFE; C:\Windows\System32\DRIVERS\CmgFFE.sys [406784 2014-04-09] (Dell Inc.)
S2 deserial; C:\Windows\System32\DRIVERS\deserial.sys [1671872 2016-05-25] (Tactical Software, LLC)
S3 dptf_acpi; C:\Windows\System32\DRIVERS\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation)
S3 dptf_cpu; C:\Windows\System32\DRIVERS\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation)
S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [525800 2017-03-19] (Intel Corporation)
S3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation)
S0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2015-04-16] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [355080 2016-07-31] (Intel Corporation)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2740056 2015-10-23] (Realtek Semiconductor Corp.)
S3 ISCT; C:\Windows\system32\drivers\ISCTD.sys [44744 2015-04-16] ()
S3 iwsehub; C:\Windows\system32\drivers\iwsehub.sys [419120 2015-04-16] (Intel Corporation)
S3 iwsepal; C:\Windows\system32\drivers\iwsepal.sys [613168 2015-04-16] (Intel Corporation)
S1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [507192 2015-07-28] (Juniper Networks)
S4 jnprTdi_814_60331; C:\WINDOWS\system32\Drivers\jnprTdi_814_60331.sys [108344 2015-07-28] (Pulse Secure, LLC)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2015-07-28] (Juniper Networks, Inc.)
S3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2015-07-28] (Juniper Networks, Inc.)
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [200792 2017-06-25] (Intel Corporation)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [5632 2010-04-21] (Famatech International Corp.)
S3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw04.sys [3441424 2016-07-24] (Intel Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 NT_NvcA; C:\Windows\System32\DRIVERS\ntnvca.sys [44096 2011-01-11] (Nortel Networks)
S2 nvcwfpco; C:\Windows\System32\DRIVERS\nvcwfpco.sys [80448 2011-01-11] (Nortel Networks Corporation)
S3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2015-05-04] (BayHubTech/O2Micro )
S3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2013-09-11] (Microsoft Corporation)
S1 SentinelMonitor; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelMonitor.sys [446864 2018-05-15] (SentinelOne, Inc.)
S3 ST7007; C:\Windows\system32\drivers\ST7007.sys [69896 2015-04-16] (STMicroelectronics)
S3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [75952 2015-05-27] (STMicroelectronics)
S3 swg3knmea05; C:\Windows\system32\drivers\swg3knmea05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 swg3kser05; C:\Windows\system32\drivers\swg3kser05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 swibus05; C:\Windows\system32\drivers\swibus05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swibusflt05; C:\Windows\system32\drivers\swibusflt05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swimbbbus05; C:\Windows\system32\drivers\swimbbbus05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swimbbbusflt05; C:\Windows\system32\drivers\swimbbbusflt05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swmbbnmea05; C:\Windows\system32\drivers\swmbbnmea05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 swmbbser05; C:\Windows\system32\drivers\swmbbser05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [74120 2018-01-19] (Cisco Systems, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
S2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-05-11] (WinISO.com)
S3 BstHdDrv; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [X]
S3 BstkDrv; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2018-07-19 19:45 - 2018-07-19 19:53 - 000000000 ____D C:\FRST
2018-07-19 18:55 - 2018-07-19 18:55 - 000000000 ____D C:\Windows\System32\configBak
2018-07-19 17:35 - 2018-07-19 17:35 - 000003462 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-ANC54971L-hduser
2018-07-19 17:30 - 2018-07-19 17:32 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Greenshot
2018-07-19 17:30 - 2018-07-19 17:30 - 000114304 _____ C:\Users\hduser\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-19 17:30 - 2018-07-19 17:30 - 000002276 _____ C:\Users\hduser\Desktop\Google Chrome.lnk
2018-07-19 17:30 - 2018-07-19 17:30 - 000000020 ___SH C:\Users\hduser\ntuser.ini
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 __SHD C:\Users\hduser\IntelGraphicsProfiles
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\Documents\My Received Files
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Logitech
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Juniper Networks
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Intel
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\ICAClient
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Adobe
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\VirtualStore
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Nortel
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Greenshot
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Google
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Citrix
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Adobe
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\.cisco
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\users\hduser
2018-07-19 17:30 - 2017-04-26 07:56 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Apple Computer
2018-07-19 17:30 - 2017-04-26 07:55 - 000000000 ____D C:\Users\hduser\AppData\Local\Apple Computer
2018-07-19 17:30 - 2017-04-26 07:51 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Sun
2018-07-19 17:30 - 2017-04-26 07:51 - 000000000 ____D C:\Users\hduser\AppData\Local\Apple
2018-07-19 17:30 - 2016-11-15 00:22 - 000000000 ___HD C:\Users\hduser\Documents\afterSentDocuments
2018-07-19 17:30 - 2016-11-15 00:22 - 000000000 ___HD C:\Users\hduser\AppData\Local\afterSentDocuments
2018-07-19 17:30 - 2016-05-13 15:12 - 000000000 ____D C:\Users\hduser\AppData\Local\Microsoft Help
2018-07-19 17:30 - 2011-04-11 23:45 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Media Center Programs
2018-07-19 17:13 - 2018-07-19 17:13 - 000431792 _____ C:\Windows\System32\FNTCACHE.DAT
2018-07-12 08:44 - 2018-07-12 08:44 - 000000000 ____D C:\Program Files (x86)\Visualware BCS
2018-07-11 15:38 - 2018-07-11 15:39 - 000000000 ____D C:\Users\wmerry\Desktop\Temp
2018-07-10 14:49 - 2018-07-10 14:49 - 000002185 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-07-10 14:48 - 2018-07-10 14:48 - 000000000 ____D C:\Program Files\Google
2018-07-10 07:46 - 2018-07-10 07:46 - 000000037 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-07-10 07:22 - 2018-07-10 07:22 - 000000000 ____D C:\Windows\System32\o2fj2
2018-07-10 07:22 - 2014-06-18 14:34 - 000095744 _____ (BayHubTech/O2Micro ) C:\Windows\System32\SDIOAssist.exe
2018-07-10 07:20 - 2018-07-10 07:20 - 000000000 ____D C:\Windows\SysWOW64\SDA
2018-07-10 07:20 - 2018-07-10 07:20 - 000000000 ____D C:\Program Files (x86)\O2Micro
2018-07-10 07:19 - 2018-07-10 07:19 - 000003646 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-07-10 07:19 - 2015-10-30 02:32 - 002365328 _____ (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 001804688 _____ (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01011.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 001804688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfCoInstaller01011.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 001392792 _____ (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
2018-07-10 07:19 - 2015-10-30 02:32 - 000971944 _____ (Microsoft Corporation) C:\Windows\System32\msvcr120.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 000668840 _____ (Microsoft Corporation) C:\Windows\System32\msvcp120.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 000260072 _____ (Intel Corporation) C:\Windows\System32\Drivers\esif_lf.sys
2018-07-10 07:19 - 2015-10-30 02:31 - 000055784 _____ (Intel Corporation) C:\Windows\System32\Drivers\dptf_acpi.sys
2018-07-10 07:19 - 2015-10-30 02:31 - 000052200 _____ (Intel Corporation) C:\Windows\System32\Drivers\dptf_cpu.sys
2018-07-10 07:17 - 2018-07-10 07:29 - 000000000 ____D C:\ProgramData\PCDr
2018-07-10 07:17 - 2018-07-10 07:17 - 000002169 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-07-10 07:16 - 2018-07-10 07:17 - 000000000 ____D C:\Users\wmerry\Downloads\Dell
2018-07-10 07:16 - 2018-07-10 07:16 - 000003814 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-07-10 07:16 - 2018-07-10 07:16 - 000000000 ____D C:\ProgramData\SupportAssist
2018-07-10 07:16 - 2018-07-10 07:16 - 000000000 ____D C:\ProgramData\Dell Inc
2018-07-09 11:59 - 2018-07-09 11:59 - 000002061 _____ C:\Users\wmerry\Desktop\MasterDocumentation.exe - Shortcut.lnk
2018-07-09 11:57 - 2018-07-09 11:57 - 000001600 _____ C:\Users\wmerry\Desktop\West Master Documents - Shortcut.lnk
2018-07-09 11:16 - 2018-07-11 08:00 - 000007603 ____H C:\Users\wmerry\AppData\Local\Resmon.ResmonCfg
2018-06-26 09:08 - 2018-06-26 09:08 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\Meeting Center
2018-06-26 09:08 - 2018-06-26 09:08 - 000000000 ____D C:\Users\wmerry\AppData\Local\UMClient
2018-06-26 09:05 - 2018-06-26 09:09 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\UMClient
2018-06-25 16:49 - 2018-06-25 16:49 - 000136704 _____ C:\Users\wmerry\Desktop\AK-SALI-FAIRBANKS BOROUGH is In-service.msg
2018-06-22 14:19 - 2018-06-22 14:19 - 000339551 _____ C:\Users\wmerry\Downloads\3500202-en.pdf
2018-06-21 14:21 - 2018-06-21 14:26 - 003157003 _____ C:\Users\wmerry\Desktop\MOA 2016 V.1.pdf
2018-06-21 14:20 - 2018-06-21 14:20 - 001135490 _____ C:\Users\wmerry\Desktop\MOA_NG911_1_23_2018.pdf
2018-06-20 11:34 - 2018-06-20 11:36 - 000000000 ____D C:\Users\wmerry\Downloads\ljM607_608_609_fs4_fw_2406048_029638
2018-06-20 10:25 - 2018-06-20 10:27 - 101199678 _____ C:\Users\wmerry\Downloads\ljM607_608_609_fs4_fw_2406048_029638.zip


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2018-07-19 17:36 - 2018-03-19 07:24 - 000000000 ____D C:\ProgramData\Sentinel
2018-07-19 17:36 - 2009-07-13 20:45 - 000019328 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-19 17:36 - 2009-07-13 20:45 - 000019328 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-19 17:35 - 2017-10-10 14:27 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-07-19 17:35 - 2016-05-16 17:31 - 000018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2018-07-19 17:35 - 2016-04-12 12:06 - 000000000 ____D C:\Program Files (x86)\Intel
2018-07-19 17:35 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2018-07-19 17:31 - 2009-07-13 21:13 - 000863384 _____ C:\Windows\System32\PerfStringBackup.INI
2018-07-19 17:15 - 2015-11-12 09:39 - 000000601 _____ C:\Windows\SMSCFG.INI
2018-07-19 17:13 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-13 07:56 - 2017-11-22 12:13 - 000001627 _____ C:\Users\wmerry\Desktop\ACS Sparks Prod.lnk
2018-07-13 07:56 - 2016-04-12 12:07 - 000000568 _____ C:\Windows\System32\config\netlogon.ftl
2018-07-13 07:52 - 2017-01-18 13:02 - 000000540 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-335968984-468744214-619646970-2938.job
2018-07-13 07:40 - 2017-01-18 13:02 - 000000636 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-335968984-468744214-619646970-2938.job
2018-07-12 16:57 - 2016-08-05 09:33 - 000000000 ____D C:\Users\wmerry\Documents\Outlook Files
2018-07-12 11:43 - 2016-05-17 09:17 - 000000000 ___HD C:\Users\wmerry\AppData\Local\Deployment
2018-07-12 10:32 - 2016-05-13 16:54 - 000000000 ____D C:\Users\wmerry\Documents\scratch
2018-07-12 07:35 - 2016-04-12 12:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-11 14:57 - 2016-05-13 17:10 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\VMware
2018-07-11 14:42 - 2009-07-13 19:20 - 000000000 __RHD C:\Users\Public\Libraries
2018-07-11 14:41 - 2016-07-29 11:00 - 000000000 ___HD C:\Users\wmerry\AppData\Local\Bluestacks
2018-07-10 13:52 - 2017-07-08 10:12 - 000000000 ____D C:\Users\wmerry\AppData\Local\GoToMeeting
2018-07-10 07:37 - 2015-11-12 09:32 - 000000000 ____D C:\Windows\Panther
2018-07-10 07:34 - 2016-07-11 11:27 - 000000000 ___HD C:\Users\wmerry\AppData\Local\CrashDumps
2018-07-10 07:28 - 2016-05-13 16:35 - 000000000 __SHD C:\Users\wmerry\IntelGraphicsProfiles
2018-07-10 07:28 - 2016-05-13 14:27 - 000114304 ____H C:\Users\wmerry\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-10 07:27 - 2016-04-12 13:18 - 000011909 __RSH C:\ProgramData\ntuser.pol
2018-07-10 07:23 - 2016-04-12 12:06 - 000000000 ____D C:\Program Files\Intel
2018-07-10 07:22 - 2016-07-19 01:42 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-10 07:20 - 2017-02-01 22:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-07-10 07:19 - 2017-10-10 14:25 - 000000000 ____D C:\ProgramData\Intel
2018-07-10 07:17 - 2016-06-02 08:43 - 000000000 ____D C:\Program Files\Dell
2018-07-10 07:08 - 2016-05-13 14:26 - 000001422 __RSH C:\Users\wmerry\ntuser.pol
2018-07-10 07:08 - 2016-05-13 14:26 - 000000000 ___HD C:\users\wmerry
2018-07-09 16:32 - 2016-06-02 11:30 - 000000000 ____D C:\Users\wmerry\AppData\Local\SAP
2018-07-09 16:32 - 2016-06-02 11:26 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\SAP
2018-07-06 14:24 - 2016-05-13 12:34 - 000000000 ____D C:\Desktop Authority
2018-07-05 11:17 - 2016-05-13 16:54 - 000000000 ____D C:\Users\wmerry\Documents\Switching
2018-07-05 10:07 - 2016-08-15 09:53 - 000000000 ___RD C:\Users\wmerry\OneDrive - Alaska Communications
2018-07-05 08:12 - 2016-05-16 07:16 - 000000000 ____D C:\Users\wmerry\AppData\Local\ElevatedDiagnostics
2018-07-05 07:19 - 2018-03-19 07:24 - 000000000 ____D C:\Program Files\SentinelOne
2018-06-28 07:35 - 2016-09-14 11:34 - 000000000 ____D C:\Users\wmerry\AppData\Local\IE Tab
2018-06-26 09:05 - 2009-07-13 21:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-06-26 07:10 - 2016-05-16 18:14 - 000000000 ____D C:\Program Files (x86)\Notepad++
2018-06-26 07:09 - 2018-02-27 23:30 - 000000000 ____D C:\Users\wmerry\Downloads\Scratch
2018-06-25 10:13 - 2016-05-13 16:54 - 000000000 ____D C:\Users\wmerry\Documents\Putty_Logs
2018-06-21 15:34 - 2018-02-15 16:57 - 014349824 _____ C:\Users\wmerry\Desktop\MOA 2016 V.1.vsd
2018-06-21 07:24 - 2017-08-09 11:23 - 000000000 ____D C:\Users\wmerry\Desktop\MOA 2016 V.1


Some files in TEMP:
====================
2017-06-22 12:02 - 2017-09-28 04:12 - 000861856 _____ (Actual Tools) C:\Users\wmerry\AppData\Local\Temp\aimemb.dll
2017-06-22 12:01 - 2017-09-28 04:12 - 002459808 _____ (Actual Tools) C:\Users\wmerry\AppData\Local\Temp\aimemb64.dll
2017-04-17 07:22 - 2017-04-17 07:22 - 103174736 _____ (jitsi.org) C:\Users\wmerry\AppData\Local\Temp\alaska-voice-2.23.01.82-x86.exe
2017-09-11 11:43 - 2017-09-11 11:44 - 103275088 _____ (jitsi.org) C:\Users\wmerry\AppData\Local\Temp\alaska-voice-2.24.02.42-x86.exe
2016-06-17 08:05 - 2016-05-13 19:31 - 000669136 _____ (Actual Tools) C:\Users\wmerry\AppData\Local\Temp\ammemb.dll
2016-06-17 08:05 - 2016-05-13 19:31 - 001966032 _____ (Actual Tools) C:\Users\wmerry\AppData\Local\Temp\ammemb64.dll
2018-07-11 14:41 - 2016-07-27 04:58 - 000962072 _____ (BlueStack Systems, Inc.) C:\Users\wmerry\AppData\Local\Temp\BluestacksUninstaller.exe
2017-09-26 17:08 - 2017-09-26 17:08 - 002612600 _____ (Microsoft Corporation) C:\Users\wmerry\AppData\Local\Temp\DefaultPack.EXE
2016-06-01 15:05 - 2016-06-01 15:05 - 000394240 _____ (Dell Inc.) C:\Users\wmerry\AppData\Local\Temp\EmsCleanup(0).exe
2016-05-13 16:58 - 2016-06-01 15:12 - 000394240 _____ (Dell Inc.) C:\Users\wmerry\AppData\Local\Temp\EmsCleanup.exe
2018-07-11 14:41 - 2016-07-27 04:58 - 000187416 _____ (BlueStack Systems) C:\Users\wmerry\AppData\Local\Temp\HD-LibraryHandler.dll
2018-07-11 14:41 - 2016-07-27 04:55 - 000246808 _____ (BlueStack Systems) C:\Users\wmerry\AppData\Local\Temp\HD-Logger-Native.dll
2017-02-03 08:31 - 2017-02-03 08:31 - 000035680 _____ () C:\Users\wmerry\AppData\Local\Temp\i4jdel0.exe
2016-11-15 08:37 - 2016-11-15 08:37 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo1535365330149249242.dll
2016-05-17 17:19 - 2016-05-17 17:19 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo1604393578114536112.dll
2017-02-01 15:37 - 2017-02-01 15:37 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo210278602342837436.dll
2017-04-17 07:28 - 2017-04-17 07:28 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo3931813672747369696.dll
2017-04-17 07:22 - 2017-04-17 07:22 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo421167831397955023.dll
2017-09-11 11:46 - 2017-09-11 11:46 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo5436373684806915026.dll
2016-11-17 05:08 - 2016-11-17 05:08 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo6748206847801337551.dll
2016-09-29 08:08 - 2016-09-29 08:08 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo7055581313639117948.dll
2017-09-11 11:43 - 2017-09-11 11:43 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo7867081409201725386.dll
2016-05-18 06:16 - 2016-05-18 06:16 - 000037888 _____ () C:\Users\wmerry\AppData\Local\Temp\javasysmo8933533497508737143.dll
2016-05-13 17:20 - 2015-07-02 12:36 - 000098760 _____ () C:\Users\wmerry\AppData\Local\Temp\LMkRstPt.exe
2016-06-01 14:04 - 2016-06-01 14:05 - 004211112 _____ () C:\Users\wmerry\AppData\Local\Temp\npp.6.9.2.Installer.exe
2016-12-20 13:17 - 2016-12-20 13:18 - 002858376 _____ () C:\Users\wmerry\AppData\Local\Temp\npp.7.2.2.Installer.exe
2017-03-06 17:34 - 2017-03-06 17:34 - 002903480 _____ () C:\Users\wmerry\AppData\Local\Temp\npp.7.3.2.Installer.exe
2017-04-07 07:44 - 2017-04-07 07:45 - 002982992 _____ () C:\Users\wmerry\AppData\Local\Temp\npp.7.3.3.Installer.exe
2018-03-30 09:38 - 2018-03-30 09:38 - 004299968 _____ (Don HO don.h@free.fr) C:\Users\wmerry\AppData\Local\Temp\npp.7.5.6.Installer.exe
2017-02-08 17:20 - 2017-02-08 17:20 - 000040448 _____ () C:\Users\wmerry\AppData\Local\Temp\proxy_vole512591731342519799.dll
2001-12-19 11:45 - 2001-12-19 11:45 - 000023552 _____ () C:\Users\wmerry\AppData\Local\Temp\VCdControlTool.exe
2016-05-13 17:01 - 2016-05-13 17:01 - 225473920 _____ (Igor Pavlov) C:\Users\wmerry\AppData\Local\Temp\VMware-viclient.exe
2015-08-02 15:58 - 2015-08-02 15:58 - 000118784 _____ () C:\Users\wmerry\AppData\Local\Temp\xmlUpdater.exe


==================== Known DLLs (Whitelisted) =========================




==================== Bamital & volsnap ======================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


==================== Association (Whitelisted) =============




==================== Restore Points  =========================


Restore point date: 2018-07-19 17:13


==================== Memory info =========================== 


Percentage of memory in use: 10%
Total physical RAM: 8088.05 MB
Available physical RAM: 7217.36 MB
Total Virtual: 8086.25 MB
Available Virtual: 7215.33 MB


==================== Drives ================================


Drive c: (Windows) (Fixed) (Total:238.13 GB) (Free:66.46 GB) NTFS
Drive e: (UUI) (Removable) (Total:1.85 GB) (Free:1.85 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.26 GB) NTFS ==>[system with boot components (obtained from drive)]




==================== MBR & Partition Table ==================


========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 0935FC5C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)


========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 25EFC979)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0C)


LastRegBack: 2018-07-07 00:03


==================== End of FRST.txt ============================

I get the feeling it has something to do with this:

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

But I'm not too sure what to do about it. I'd try and remove it using a fixlist.txt but I have no experience with this, I'm not sure what the syntax is, and I'm exhausted after working about 13 hours with most of them spent on this. Someone, please help.


Edited by pleasehelpimlost, 19 July 2018 - 11:33 PM.


BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:24 AM

Posted 20 July 2018 - 05:21 PM

I am sorry, but we do not work on businesses computers. I am sure Alaska Communications Systems, Inc. has an IT management depatment.

 

HKLM\...\Winlogon: [LegalNoticeCaption] Alaska Communications Systems, Inc. Legal Notice

HKLM\...\Winlogon: [LegalNoticeText] Access to this computer and any data stored and maintained therein is secured and restricted to authorized employees in the conduct of the business of any of the Alaska Communications Systems companies. Further use of this terminal is interpreted as acknowledgment that any unauthorized access may result in company action up to and including termination and/or criminal prosecution.

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 pleasehelpimlost

pleasehelpimlost
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 20 July 2018 - 05:52 PM

I am a new systems administrator at Alaska Communications, recently promoted from the helpdesk, and I will be the only one working on it. I just need to get Windows to stop trying to load whatever driver it's getting stuck on, that's it. Please, I just need some help. Just links to relevant resources even. Everything I've found so far has not worked. I'm desperate here, I'll take whatever I can get. 



#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:24 AM

Posted 20 July 2018 - 05:54 PM

Can you reach the Advanced Menu tapping at F8 during startup?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:24 AM

Posted 20 July 2018 - 06:05 PM

Download the enclosed file. Attached File  Fixlist.txt   835bytes   6 downloadsSave it in the same location FRST is saved. Open FRST as you did before. This time around, click on the Fix button. A log will be produced in the same location FRST is saved, Fixlog.txt. Please paste this report on your next reply


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 pleasehelpimlost

pleasehelpimlost
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 20 July 2018 - 06:23 PM

Thank you so much, I can't tell you how much I appreciate your help. Yes, I can get into advanced startup options with F8, system recovery options, and to a command prompt with no issues. I just ran your fixlist.txt, and here is the fixlog.txt:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by SYSTEM (20-07-2018 15:19:54) Run:4
Running from e:\
Boot Mode: Recovery
==============================================


fixlist content:
*****************
S3 BstHdAndroidSvc; "C:\Program Files (x86)\Bluestacks\HD-Service.exe" BstHdAndroidSvc Android [X] 
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [X] 
S3 BstHdPlusAndroidSvc; "C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe" BstHdPlusAndroidSvc Android [X] 
S3 cphs; %SystemRoot%\SysWow64\IntelCpHeciSvc.exe [X] 
S3 BstHdDrv; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [X] 
S3 BstkDrv; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [X] 
S3 VGPU; System32\drivers\rdvgkmd.sys [X] 
cmd: del /q C:\Users\wmerry\AppData\Local\Temp\*.*
cmd: del /q C:\Users\clyday\AppData\Local\Temp\*.*
cmd: del /q C:\Users\mtye\AppData\Local\Temp\*.*
cmd: del /q C:\Users\spagsoli\AppData\Local\Temp\*.*
cmd: del /q C:\Users\wbailey\AppData\Local\Temp\*.*
CMD: BCDEDIT /ENUM ALL
*****************


"HKLM\System\ControlSet001\Services\BstHdAndroidSvc" => removed successfully
BstHdAndroidSvc => service removed successfully
"HKLM\System\ControlSet001\Services\BstHdLogRotatorSvc" => removed successfully
BstHdLogRotatorSvc => service removed successfully
"HKLM\System\ControlSet001\Services\BstHdPlusAndroidSvc" => removed successfully
BstHdPlusAndroidSvc => service removed successfully
"HKLM\System\ControlSet001\Services\cphs" => removed successfully
cphs => service removed successfully
"HKLM\System\ControlSet001\Services\BstHdDrv" => removed successfully
BstHdDrv => service removed successfully
"HKLM\System\ControlSet001\Services\BstkDrv" => removed successfully
BstkDrv => service removed successfully
"HKLM\System\ControlSet001\Services\VGPU" => removed successfully
VGPU => service removed successfully


========= del /q C:\Users\wmerry\AppData\Local\Temp\*.* =========


C:\Users\wmerry\AppData\Local\Temp\VS055AC.vsd
Access is denied.
C:\Users\wmerry\AppData\Local\Temp\VS0B1CB.vsdx
Access is denied.


========= End of CMD: =========




========= del /q C:\Users\clyday\AppData\Local\Temp\*.* =========




========= End of CMD: =========




========= del /q C:\Users\mtye\AppData\Local\Temp\*.* =========




========= End of CMD: =========




========= del /q C:\Users\spagsoli\AppData\Local\Temp\*.* =========




========= End of CMD: =========




========= del /q C:\Users\wbailey\AppData\Local\Temp\*.* =========




========= End of CMD: =========




========= BCDEDIT /ENUM ALL =========




Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
path                    \bootmgr
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {db6dbdd4-00e6-11e6-82da-f8cab82e8349}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30


Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {db6dbdd4-00e6-11e6-82da-f8cab82e8349}
nx                      OptIn


Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\db6dbdd6-00e6-11e6-82da-f8cab82e8349\Winre.wim,{db6dbdd7-00e6-11e6-82da-f8cab82e8349}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\db6dbdd6-00e6-11e6-82da-f8cab82e8349\Winre.wim,{db6dbdd7-00e6-11e6-82da-f8cab82e8349}
systemroot              \windows
nx                      OptIn
winpe                   Yes


Resume from Hibernate
---------------------
identifier              {db6dbdd4-00e6-11e6-82da-f8cab82e8349}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No


Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes


EMS Settings
------------
identifier              {emssettings}
bootems                 Yes


Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200


RAM Defects
-----------
identifier              {badmemory}


Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}


Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}


Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200


Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}


Device options
--------------
identifier              {db6dbdd7-00e6-11e6-82da-f8cab82e8349}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\db6dbdd6-00e6-11e6-82da-f8cab82e8349\boot.sdi


========= End of CMD: =========




==== End of Fixlog 15:19:56 ====


#7 pleasehelpimlost

pleasehelpimlost
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 20 July 2018 - 06:51 PM

So I tried booting into safe mode, and low-resolution video mode with no luck. Startup repair still fails and returns that "BadDriver" error. SFC /scannow wont run normally due to a pending reboot. I've tried to clear them by running DISM like so:

DISM /image:D:\ /cleanup-image /revertpendingactions

But of course it requires a reboot to apply, and I can't boot, so it effectively does nothing. 

 

However, SFC will still run like this:

sfc /SCANNOW /OFFBOOTDIR=c:\ /OFFWINDIR=d:\Windows

Though it doesn't find any issues anyway, it returns:

Windows Resource Protection did not find any integrity Violations.

Also worth noting is that there is no reboot.xml, pending.xml or cleanup.xml present in Windows\winsxs. Which (I think) means that the pending reboot much be in the registry, but for some reason the option to load a hive is greyed out if I launch regedit from a command prompt. It doesn't seem to matter whether its ran from WinPE, a bootable Windows 7 Enterprise x64 USB, or from the built-in System Recovery Options, either. I'm not sure the pending reboot matters though.



#8 pleasehelpimlost

pleasehelpimlost
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 20 July 2018 - 07:23 PM

Also I don't know if it helps, but here is the startup repair summary:

Problem signature:
  Problem Event Name: StartupRepairOffline
  Problem Signature 01: 6.1.7600.16385
  Problem Signature 02: 6.1.7600.16385
  Problem Signature 03: unknown
  Problem Signature 04: 21198720
  Problem Signature 05: ManualRepair
  Problem Signature 06: 11
  Problem Signature 07: BadDriver
  OS Version: 6.1.7601.2.1.0.256.1
  Locale ID: 1033

And the detailed log:

Startup Repair diagnosis and repair log
---------------------------
Last successful boot time: ‎7/‎20/‎2018 1:13:07 AM (GMT)
Number of repair attempts: 11


Session details
---------------------------
System Disk = \Device\Harddisk0
Windows directory = D:\WINDOWS
AutoChk Run = 0
Number of root causes = 1


Test Performed: 
---------------------------
Name: Check for updates
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: System disk test
Result: Completed successfully. Error code =  0x0
Time taken = 31 ms


Test Performed: 
---------------------------
Name: Disk failure diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 327 ms


Test Performed: 
---------------------------
Name: Disk metadata test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Target OS test
Result: Completed successfully. Error code =  0x0
Time taken = 16 ms


Test Performed: 
---------------------------
Name: Volume content check
Result: Completed successfully. Error code =  0x0
Time taken = 16 ms


Test Performed: 
---------------------------
Name: Boot manager diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: System boot log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 15 ms


Test Performed: 
---------------------------
Name: Event log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 16 ms


Test Performed: 
---------------------------
Name: Internal state check
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Boot status test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Root cause found: 
---------------------------
Boot status indicates that the OS booted successfully.


---------------------------
---------------------------
Session details
---------------------------
System Disk = \Device\Harddisk0
Windows directory = D:\WINDOWS
AutoChk Run = 0
Number of root causes = 1


Test Performed: 
---------------------------
Name: Check for updates
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: System disk test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Disk failure diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 328 ms


Test Performed: 
---------------------------
Name: Disk metadata test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Target OS test
Result: Completed successfully. Error code =  0x0
Time taken = 15 ms


Test Performed: 
---------------------------
Name: Volume content check
Result: Completed successfully. Error code =  0x0
Time taken = 16 ms


Test Performed: 
---------------------------
Name: Boot manager diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: System boot log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Event log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 31 ms


Test Performed: 
---------------------------
Name: Internal state check
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Boot status test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Setup state check
Result: Completed successfully. Error code =  0x0
Time taken = 156 ms


Test Performed: 
---------------------------
Name: Registry hives test
Result: Completed successfully. Error code =  0x0
Time taken = 1357 ms


Test Performed: 
---------------------------
Name: Windows boot log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Bugcheck analysis
Result: Completed successfully. Error code =  0x0
Time taken = 312 ms


Test Performed: 
---------------------------
Name: Access control test
Result: Completed successfully. Error code =  0x0
Time taken = 5148 ms


Test Performed: 
---------------------------
Name: File system test (chkdsk)
Result: Completed successfully. Error code =  0x0
Time taken = 21450 ms


Test Performed: 
---------------------------
Name: Software installation log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Root cause found: 
---------------------------
A recent driver installation or upgrade may be preventing the system from starting.


Repair action: System files integrity check and repair
Result: Failed. Error code =  0x490
Time taken = 184877 ms


---------------------------
---------------------------
Session details
---------------------------
System Disk = \Device\Harddisk0
Windows directory = D:\WINDOWS
AutoChk Run = 0
Number of root causes = 0


Test Performed: 
---------------------------
Name: Check for updates
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: System disk test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Disk failure diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 327 ms


Test Performed: 
---------------------------
Name: Disk metadata test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Target OS test
Result: Completed successfully. Error code =  0x0
Time taken = 16 ms


Test Performed: 
---------------------------
Name: Volume content check
Result: Completed successfully. Error code =  0x0
Time taken = 31 ms


Test Performed: 
---------------------------
Name: Boot manager diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: System boot log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Event log diagnosis
Result: Completed successfully. Error code =  0x0
Time taken = 16 ms


Test Performed: 
---------------------------
Name: Internal state check
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Boot status test
Result: Completed successfully. Error code =  0x0
Time taken = 0 ms


Test Performed: 
---------------------------
Name: Setup state check
Result: Completed successfully. Error code =  0x0
Time taken = 156 ms


Test Performed: 
---------------------------
Name: Registry hives test
Result: Completed successfully. Error code =  0x0
Time taken = 1341 ms


---------------------------
---------------------------

The only interesting bit appears to be this:

 

Root cause found: 
---------------------------
A recent driver installation or upgrade may be preventing the system from starting.


Repair action: System files integrity check and repair
Result: Failed. Error code =  0x490
Time taken = 184877 ms

Edited by pleasehelpimlost, 20 July 2018 - 07:27 PM.


#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:24 AM

Posted 20 July 2018 - 07:28 PM

Try this command:

bcdedit /set {default} bootstatuspolicy ignoreallfailures

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:24 AM

Posted 20 July 2018 - 08:10 PM

Any improvement?

Download the enclosed file. Attached File  Fixlist.txt   208bytes   7 downloads Save it in the same location FRST is saved. Open FRST as you did before. This time around, click on the Fix button. A log will be produced in the same location FRST is saved, Fixlog.txt. Please paste this report on your next reply

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#11 pleasehelpimlost

pleasehelpimlost
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 21 July 2018 - 10:05 AM

Sorry for the delay, I'm off now and had some obligations outside of work yesterday I had to leave on time for. I'm about to swing by the office to grab that laptop though. I sincerely appreciate your help, I'll keep you updated.

#12 pleasehelpimlost

pleasehelpimlost
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 21 July 2018 - 12:09 PM

Okay, I ran this:

bcdedit /set {default} bootstatuspolicy ignoreallfailures 

Then proceeded to try each boot option available:

 

Normal startup - Fail (hangs)

Safe Mode - Fail (Loads all drivers, then hangs after amdkmpfd.sys, same behavior as before)

Last Known Good Configuration - Fail (hangs)

Low Resolution Video Mode - Fail (hangs)

 

No luck so far.

 

It was able to boot into low-resolution video mode before I uninstalled the display driver, so it's got to be related to that somehow. I think whatever generic default display driver Windows uses in place of that may not be working. I have a rough idea of how to fix that, if I could only identify exactly which driver is the "BadDriver" startup repair keeps complaining about, and where the file is physically located on the drive. On that note, these microsoft articles might be useful when investigating from that angle:

 

https://support.microsoft.com/en-us/help/816104/how-to-replace-a-driver-by-using-recovery-console-in-windows-server-20

https://support.microsoft.com/en-us/help/927525/after-you-install-a-device-or-update-a-driver-for-a-device-windows-vis

 

I'm not about to do anything remotely invasive though, as for all I know my theories could be dead wrong. Luckily I have access to dozens of laptops with identical hardware and the same OS though, so I could theoretically pull known good drivers from them if needed. I also have driver packs from dell, and a Windows 7 Enterprise x64 bootable USB drive if that helps at all.

 

Also, if all else fails, I cloned the drive before running that fixlist, so I can always start over from there if we somehow break it more.


Edited by pleasehelpimlost, 21 July 2018 - 02:42 PM.


#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:24 AM

Posted 21 July 2018 - 02:43 PM

Download the enclosed file. Attached File  Fixlist.txt   271bytes   7 downloads Save it in the same location FRST is saved. Open FRST as you did before. This time around, click on the Fix button. A log will be produced in the same location FRST is saved, Fixlog.txt. Please paste this report on your next reply


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,750 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:24 AM

Posted 21 July 2018 - 02:46 PM

Try this command also:

 

bcdedit /set {default} bootstatuspolicy displayallfailures


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 pleasehelpimlost

pleasehelpimlost
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:24 AM

Posted 21 July 2018 - 04:29 PM

I ran the bcdedit command, then the fix, then ran another scan with FRST after.

 

Here is the fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by SYSTEM (21-07-2018 13:13:49) Run:5
Running from e:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
Unlock: C:\Users\wmerry\AppData\Local\Temp\VS055AC.vsd
Unlock: C:\Users\wmerry\AppData\Local\Temp\VS0B1CB.vsdx
C:\Users\wmerry\AppData\Local\Temp\VS055AC.vsd
C:\Users\wmerry\AppData\Local\Temp\VS0B1CB.vsdx
Folder: C:\Windows\System32\Drivers
CMD: BCDEDIT /ENUM ALL

*****************

"C:\Users\wmerry\AppData\Local\Temp\VS055AC.vsd" => was unlocked
"C:\Users\wmerry\AppData\Local\Temp\VS0B1CB.vsdx" => was unlocked
C:\Users\wmerry\AppData\Local\Temp\VS055AC.vsd => moved successfully
C:\Users\wmerry\AppData\Local\Temp\VS0B1CB.vsdx => moved successfully

========================= Folder: C:\Windows\System32\Drivers ========================

2017-10-10 14:21 - 2016-05-05 02:07 - 000571283 ____A [D5ED47C48ED483458D15D908B0998E50] () C:\Windows\System32\Drivers\000c0006003c121000.bseq
2017-10-10 14:21 - 2016-05-05 02:18 - 000554840 ____A [E94E12AF000FC840A7623C6E189EEC61] () C:\Windows\System32\Drivers\000c0006003c121000.sfi
2017-10-10 14:21 - 2016-05-05 02:07 - 000000017 ____A [F6485EE29D822084E97B690E0B61A223] () C:\Windows\System32\Drivers\000c0023013c121000.bseq
2017-10-10 14:21 - 2016-05-05 02:07 - 000601621 ____A [C24B8C04E7E6819C2EF32A2CE3DDD4F1] () C:\Windows\System32\Drivers\020c0006003c121000.bseq
2017-10-10 14:21 - 2016-05-05 02:18 - 000584264 ____A [97FFBBAECF6CC5C2246300611A098ACB] () C:\Windows\System32\Drivers\020c0006003c121000.sfi
2017-10-10 14:21 - 2016-05-05 02:07 - 000000017 ____A [F6485EE29D822084E97B690E0B61A223] () C:\Windows\System32\Drivers\020c0023013c121000.bseq
2009-07-13 16:06 - 2009-07-13 16:06 - 000068096 ____A [64EDD3F59DB321947969FDF1DD747323] (Microsoft Corporation) C:\Windows\System32\Drivers\1394bus.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000229888 ____A [A87D604AEA360176311474C87A63BB88] (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2017-10-10 14:21 - 2016-06-28 03:19 - 000604147 ____A [C18D66663868C8E81FD12D21E65FC223] () C:\Windows\System32\Drivers\370b12060002340e00.bseq
2017-10-10 14:21 - 2016-06-28 03:31 - 000586708 ____A [F41F8757616A900AB4F88A4A19A22048] () C:\Windows\System32\Drivers\370b12060002340e00.sfi
2017-10-10 14:21 - 2016-06-28 03:19 - 000009121 ____A [31DD667F5D2E73090AF376F1466EFB2D] () C:\Windows\System32\Drivers\370b12060002340e00_selftest.bseq
2017-10-10 14:21 - 2016-06-28 03:31 - 000009504 ____A [86ABDE9D29E029D221566AD2153BB2C9] () C:\Windows\System32\Drivers\370b12060002340e00_selftest.sfi
2017-10-10 14:21 - 2016-06-28 03:19 - 000000057 ____A [42CA857A390890DDA668AF3670367806] () C:\Windows\System32\Drivers\370b122300251a1000.bseq
2017-10-10 14:21 - 2016-06-28 03:19 - 000000053 ____A [8F64B2964EC802A2F58154ABB99DD679] () C:\Windows\System32\Drivers\370b122300251a1000_Android.bseq
2017-10-10 14:21 - 2016-05-05 02:07 - 000601621 ____A [D78C9B1AC86665FBB2A14C36027C3C31] () C:\Windows\System32\Drivers\370c1206001a260f00.bseq
2017-10-10 14:21 - 2016-05-05 02:18 - 000584264 ____A [A7B42B9BB33F40689BDA23BA737C0AAE] () C:\Windows\System32\Drivers\370c1206001a260f00.sfi
2017-10-10 14:21 - 2016-05-05 02:07 - 000000022 ____A [C36565E79B54D2992E41A3B6070C7480] () C:\Windows\System32\Drivers\370c1223013c121000.bseq
2017-10-10 14:21 - 2016-05-05 02:07 - 000000018 ____A [977F546496E4D5626A61EB97F8461255] () C:\Windows\System32\Drivers\370c1223013c121000_Android.bseq
2010-11-20 19:23 - 2010-11-20 19:23 - 000334208 ____A [D81D9E70B8A6DD14D42D7B4EFA65D5F2] (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000012800 ____A [99F8E788246D495CE3794D7E7821D2CA] (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2015-07-22 07:36 - 2018-01-19 02:55 - 000258464 ___RA [56FCC24867F2C87BF96EE9D17A4CC20E] (Cisco Systems, Inc.) C:\Windows\System32\Drivers\acsock64.sys
2009-06-10 12:36 - 2009-07-13 17:52 - 000491088 ____A [2F6B34B83843F0C5118B63AC634F5BF4] (Adaptec, Inc.) C:\Windows\System32\Drivers\adp94xx.sys
2009-07-13 13:59 - 2009-07-13 17:52 - 000339536 ____A [597F78224EE9224EA1A13D6350CED962] (Adaptec, Inc.) C:\Windows\System32\Drivers\adpahci.sys
2009-07-13 13:59 - 2009-07-13 17:52 - 000182864 ____A [E109549C90F62FB570B9540C4B148E54] (Adaptec, Inc.) C:\Windows\System32\Drivers\adpu320.sys
2015-11-12 15:49 - 2015-11-12 15:49 - 000497664 ____A [9A4A1EEE802BF2F878EE8EAB407B21B7] (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000060416 ____A [7ECFF9B22276B73F43A99A15A6094E90] (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2009-07-13 15:38 - 2009-07-13 17:52 - 000061008 ____A [608C14DBA7299D8CB6ED035A68A15799] (Microsoft Corporation) C:\Windows\System32\Drivers\AGP440.sys
2009-07-13 15:19 - 2009-07-13 17:52 - 000015440 ____A [5812713A477A3AD7363C7438CA2EE038] (Acer Laboratories Inc.) C:\Windows\System32\Drivers\aliide.sys
2009-07-13 15:19 - 2009-07-13 17:52 - 000015440 ____A [1FF8B4431C353CE385C875F194924C0C] (Microsoft Corporation) C:\Windows\System32\Drivers\amdide.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000064512 ____A [7024F087CFF1833A806193EF9D22CDA9] (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2015-10-23 09:01 - 2015-10-23 09:01 - 000036096 ____A [8A375CB3B6D1A56A2AEEE72A5F1D0926] (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdkmpfd.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000060928 ____A [1E56388B3FE0D031C44144EB8C4D6217] (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2015-11-12 12:12 - 2015-11-12 12:12 - 000107904 ____A [D4121AE6D0C0E7E13AA221AA57EF2D49] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2009-06-10 12:37 - 2009-07-13 17:52 - 000194128 ____A [F67F933E79241ED32FF46A4F29B5120B] (AMD Technologies Inc.) C:\Windows\System32\Drivers\amdsbs.sys
2015-11-12 12:12 - 2015-11-12 12:12 - 000027008 ____A [540DAF1CEA6094886D72126FD7C33048] (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2015-05-27 16:42 - 2015-05-27 16:42 - 000566576 ____A [346B4EA2D8A08000D88D6FC430BE9313] (Alps Electric Co., Ltd.) C:\Windows\System32\Drivers\Apfiltr.sys
2016-12-19 23:07 - 2016-10-11 07:03 - 000062464 ____A [FCE5C79717A487BDC71F3DEC78A684CA] (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2009-07-13 13:59 - 2009-07-13 17:52 - 000087632 ____A [C484F8CEB1717C540242531DB7845C4E] (Adaptec, Inc.) C:\Windows\System32\Drivers\arc.sys
2009-07-13 13:59 - 2009-07-13 17:52 - 000097856 ____A [019AF6924AEFE7839F61C830227FE79C] (Adaptec, Inc.) C:\Windows\System32\Drivers\arcsas.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000023040 ____A [769765CE2CC62867468CEA93969B2242] (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys
2009-07-13 15:19 - 2009-07-13 17:52 - 000024128 ____A [02062C0B390B7729EDC9E69C680A6F3C] (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys
2015-11-12 12:23 - 2015-11-12 12:23 - 000155584 ____A [059F00DEF82BF41E433B7ED465847726] (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2009-06-10 12:34 - 2009-06-10 12:34 - 000270848 ____A [B5ACE6968304A3900EEB1EBFD9622DF2] (Broadcom Corporation) C:\Windows\System32\Drivers\b57nd60a.sys
2009-07-13 15:31 - 2009-07-13 17:52 - 000028240 ____A [F4DE2AE7A9E1BADAC70BC71EA2C17612] (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000006746 ____A [2332E262804FD5EA5DC8908DECA80AB4] () C:\Windows\System32\Drivers\BCM20791B5_002.006.013.0011.0091_i2c.ncd
2015-04-16 20:45 - 2015-04-16 20:45 - 000000563 ____A [0404EA855659C4E7D5898B7C2DCB8D9F] () C:\Windows\System32\Drivers\BCM20791B5_002.006.013.0011.0091_pre.ncd
2015-04-16 20:45 - 2015-04-16 20:45 - 000044800 ____A [D3D1DA3A2E8DBD9F3A9A28DE31EC1A54] (Broadcom Corporation.) C:\Windows\System32\Drivers\bcmnfcusb.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000044288 ____A [127E7A2F899E807948490720825D7312] (Broadcom Corporation.) C:\Windows\System32\Drivers\bcmnfcusb7.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000006656 ____A [16A47CE2DECC9B099349A5F840654746] (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys
2009-07-13 15:35 - 2009-07-13 15:35 - 000045056 ____A [61583EE3C3A17003C4ACD0475646B4D3] (Microsoft Corporation) C:\Windows\System32\Drivers\blbdrive.sys
2016-11-14 23:08 - 2016-10-05 06:54 - 000090112 ____A [ABA3984C822E4D3F889699912D85D6C5] (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2009-07-13 17:19 - 2009-06-10 12:41 - 000018432 ____A [F09EEE9EDC320B5E1501F749FDE686C8] (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltLo.sys
2009-07-13 17:20 - 2009-06-10 12:41 - 000008704 ____A [B114D3098E9BDB8BEA8B053685831BE6] (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltUp.sys
2009-07-13 17:05 - 2009-07-13 17:01 - 000095232 ____A [5C2F352A4E961D72518261257AAE204B] (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2009-07-13 17:19 - 2009-07-13 17:19 - 000286720 ____A [43BEA8D483BF1870F018E2D02E06A5BD] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerId.sys
2009-07-13 17:20 - 2009-06-10 12:41 - 000047104 ____A [A6ECA2151B08A09CACECA35C07F05B42] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerWdm.sys
2009-07-13 17:20 - 2009-06-10 12:41 - 000014976 ____A [B79968002C277E869CF38BD22CD61524] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbMdm.sys
2009-07-13 17:20 - 2009-06-10 12:41 - 000014720 ____A [A87528880231C54E75EA7A44943B38BF] (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbSer.sys
2016-05-16 18:10 - 2016-04-22 16:16 - 000097512 ____A [53A74F17933BD827D145C5186F9CF394] (Qualcomm Atheros) C:\Windows\System32\Drivers\btath_pan.sys
2016-05-16 18:10 - 2016-04-22 16:16 - 000601240 ____A [DAC6F7424AD84C53DA02C1C4BDC7A790] (Qualcomm Atheros) C:\Windows\System32\Drivers\btfilter.sys
2009-07-13 16:06 - 2009-07-13 16:06 - 000041984 ____A [CF98190A94F62E405C8CB255018B2315] (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2009-07-13 16:06 - 2009-07-13 16:06 - 000072192 ____A [9DA669F11D1F894AB4EB69BF546A42E8] (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2009-07-13 16:07 - 2009-07-13 16:07 - 000118784 ____A [02DD601B708DD0667E1331FA8518E9FF] (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2015-11-12 12:14 - 2015-11-12 12:14 - 000552960 ____A [738D0E9272F59EB7A1449C3EC118E6C4] (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2015-11-12 12:14 - 2015-11-12 12:14 - 000080384 ____A [F188B7394D81010767B6DF3178519A37] (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2015-10-13 16:59 - 2015-10-13 16:59 - 000087528 ____A [8700D743A6AD7C837EDB2F0720D82249] (Motorola Solutions, Inc.) C:\Windows\System32\Drivers\btmaud.sys
2015-10-13 16:59 - 2015-10-13 16:59 - 000141800 ____A [127BB6D8409287107DE5D8F6BF5074EE] (Motorola Solutions, Inc.) C:\Windows\System32\Drivers\btmaux.sys
2016-04-27 17:41 - 2016-04-27 17:41 - 001545704 ____A [5A3BE91E27DD47DF29BBD76358F700ED] (Motorola Solutions, Inc.) C:\Windows\System32\Drivers\btmhsf.sys
2009-06-10 12:34 - 2009-06-10 12:34 - 000468480 ____A [3E5B191307609F7514148C6832BB0842] (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000092160 ____A [B8BD2BB284668C84865658C77574381A] (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000147456 ____A [F036CE71586E93D94DAB220D7BDF4416] (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2009-07-13 16:06 - 2009-07-13 16:06 - 000045568 ____A [D7CD5C4E1B71FA62050515314CFB52CF] (Microsoft Corporation) C:\Windows\System32\Drivers\circlass.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000179072 ____A [ACFAD0B512226C7A83C7CB09FD55A9AD] (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2009-07-13 15:31 - 2009-07-13 15:31 - 000017664 ____A [0840155D0BDDF1190F84A663C284BD33] (Microsoft Corporation) C:\Windows\System32\Drivers\CmBatt.sys
2009-07-13 15:19 - 2009-07-13 17:52 - 000017488 ____A [E19D3F095812725D88F9001985B94EDD] (CMD Technology, Inc.) C:\Windows\System32\Drivers\cmdide.sys
2014-04-14 16:47 - 2014-04-14 16:47 - 000000128 ____A [C86CD50F05A7FB589B0EC42C4EE9A666] () C:\Windows\System32\Drivers\CMGCrypt.mac
2014-04-14 16:47 - 2014-04-14 16:47 - 000417536 ____A [06CC667D9CAD948C0B830F7989ADC6A4] (CREDANT Technologies, Inc.) C:\Windows\System32\Drivers\CMGCrypt.sys
2016-06-02 08:43 - 2014-04-09 17:29 - 000406784 ____A [C0801F4D5C4FD38543E5D2FC5754992C] (Dell Inc.) C:\Windows\System32\Drivers\CmgFFE.sys
2014-03-21 19:51 - 2014-03-21 19:51 - 000158464 ____A [0D8A540B442A1069EF69528CD7631470] (Dell Inc.) C:\Windows\System32\Drivers\CmgPCS.sys
2016-12-19 23:08 - 2016-11-20 06:07 - 000467392 ____A [A98CED39AD91B445E2E442A9BD67E8B4] (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2009-07-13 15:31 - 2009-07-13 17:52 - 000021584 ____A [102DE219C3F61415F964C88E9085AD14] (Microsoft Corporation) C:\Windows\System32\Drivers\compbatt.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000038912 ____A [03EDB043586CCEBA243D689BDDA370A8] (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2009-07-13 16:01 - 2009-07-13 17:47 - 000039504 ____A [3E588B60EC061686BA05D33574A344C6] (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2009-07-13 16:01 - 2009-07-13 17:47 - 000024144 ____A [1C827878A998C18847245FE1F34EE597] (Microsoft Corporation) C:\Windows\System32\Drivers\crcdisk.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000514560 ____A [54DA3DFD29ED9F1619B6F53F3CE55E49] (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
2016-09-05 01:02 - 2016-09-05 01:02 - 000142000 ____A [6C9CF7CB91048B306341346924CC2E08] (Citrix Systems, Inc.) C:\Windows\System32\Drivers\ctxusbm.sys
2018-02-10 13:57 - 2018-02-10 13:57 - 000041608 ____A [518EABDF50319B2769EB06DDFF4B29CA] (Dell Inc.) C:\Windows\System32\Drivers\DDDriver64Dcsa.sys
2018-02-10 13:57 - 2018-02-10 13:57 - 000041208 ____A [59DE5F7356E4610219DF36E617956FEC] (Dell Computer Corporation) C:\Windows\System32\Drivers\DellProf.sys
2016-07-12 11:25 - 2016-05-25 16:59 - 001671872 ____A [89EF959D8F090B33C69D8388BDB55B3D] (Tactical Software, LLC) C:\Windows\System32\Drivers\deserial.sys
2016-10-17 22:07 - 2016-09-08 06:55 - 000106496 ____A [9B38580063D281A99E68EF5813022A5F] (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2009-07-13 15:37 - 2009-07-13 15:37 - 000040448 ____A [13096B05847EC78F0977F2C0F79E9AB3] (Microsoft Corporation) C:\Windows\System32\Drivers\discache.sys
2016-05-13 12:08 - 2016-01-20 16:51 - 000073664 ____A [616387BBD83372220B09DE95F4E67BBC] (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2015-11-12 12:38 - 2015-11-12 12:38 - 000027584 ____A [B3222734D80013D2C73841B0C549FA63] (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000029696 ____A [0D6F52996F950AD19FF9FD58F91C161E] (Microsoft Corporation) C:\Windows\System32\Drivers\dmvsc.sys
2018-07-10 07:19 - 2015-10-30 02:31 - 000055784 ____A [225C4E9280B2AE38DCAA5E2FEFC437C2] (Intel Corporation) C:\Windows\System32\Drivers\dptf_acpi.sys
2018-07-10 07:19 - 2015-10-30 02:31 - 000052200 ____A [4DD17AA07FA0A75E79B47E5B7F18964D] (Intel Corporation) C:\Windows\System32\Drivers\dptf_cpu.sys
2016-01-19 22:29 - 2016-01-19 22:29 - 000116736 ____A [C51B07394A087DA666A410DBFD26663A] (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2016-01-19 22:29 - 2016-01-19 22:29 - 000005632 ____A [26FE888505E5A945B0536AF9A2A27A6F] (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2009-07-13 15:19 - 2009-07-13 17:47 - 000028736 ____A [839B5FE3D48E9F35B22C21A3D5103F6C] (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys
2009-07-13 15:21 - 2009-07-13 17:43 - 000055128 ____A [814DB88F2641691575A455CF25354098] (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2009-07-13 15:38 - 2009-07-13 15:38 - 000016896 ____A [BF24D6F2ED97FE830BFD52B246F98E67] (Microsoft Corporation) C:\Windows\System32\Drivers\dxapi.sys
2009-07-13 15:38 - 2009-07-13 15:38 - 000098816 ____A [FEDE0629ECB23650D48989517D4914DA] (Microsoft Corporation) C:\Windows\System32\Drivers\dxg.sys
2016-05-13 13:36 - 2016-04-08 23:01 - 000986344 ____A [3A9D7D464BDB3B70D7ECF689ADABBD4D] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2016-05-13 13:36 - 2016-04-08 23:01 - 000264936 ____A [4371705697BBB2CAA7C7523058109CE9] (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2017-10-10 14:22 - 2017-03-19 06:37 - 000525800 ____A [DF0CF9184BD89EF3B46677C2F3823EE3] (Intel Corporation) C:\Windows\System32\Drivers\e1d62x64.sys
2009-06-10 12:35 - 2009-06-10 12:35 - 000145792 ____A [EDC6E9C057C9D7F83EEA22B4CEF5DCAD] (Intel Corporation) C:\Windows\System32\Drivers\E1G6032E.sys
2009-06-10 12:36 - 2009-07-13 17:47 - 000530496 ____A [0E5DA5369A0FCAEA12456DD852545184] (Emulex) C:\Windows\System32\Drivers\elxstor.sys
2009-07-13 15:31 - 2009-07-13 15:31 - 000009728 ____A [34A3C54752046E79A126E15C51DB409B] (Microsoft Corporation) C:\Windows\System32\Drivers\errdev.sys
2018-07-10 07:19 - 2015-10-30 02:32 - 000260072 ____A [A63C10A6A6B09FED00046DDD313C2CC1] (Intel Corporation) C:\Windows\System32\Drivers\esif_lf.sys
2009-06-10 12:34 - 2009-06-10 12:34 - 003286016 ____A [DC5D737F51BE844D8C82C695EB17372F] (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2009-07-13 15:23 - 2009-07-13 15:23 - 000195072 ____A [A510C654EC00C1E9BDD91EEB3A59823B] (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2009-07-13 15:23 - 2009-07-13 15:23 - 000204800 ____A [0ADC83218B66A6DB380C330836F3E36D] (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000032768 ____A [5294FB24A9B76FE96D2A0DABF0158AC3] (Microsoft Corporation) C:\Windows\System32\Drivers\fcvsc.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000029696 ____A [D765D19CD8EF61F650C384F62FAC00AB] (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys
2017-10-10 14:21 - 2016-05-05 02:07 - 000000121 ____A [6347F0E7A8CF1BE0234EA60F76728928] () C:\Windows\System32\Drivers\ffffffffffffffff00.bseq
2017-10-10 14:21 - 2016-05-05 02:18 - 000030192 ____A [C176C18DC2EDE27A8A52400871F99377] () C:\Windows\System32\Drivers\ffffffffffffffff00.sfi
2009-07-13 15:34 - 2009-07-13 17:47 - 000070224 ____A [655661BE46B5F5F3FD454E2C3095B930] (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys
2009-07-13 15:25 - 2009-07-13 15:25 - 000034304 ____A [5F671AB5BC87EEA04EC38A6CD5962A47] (Microsoft Corporation) C:\Windows\System32\Drivers\filetrace.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000024576 ____A [C172A0F53008EAEB8EA33FE10E177AF5] (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000289664 ____A [DA6B67270FD9DB3697B20FCE94950741] (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2015-11-12 12:32 - 2015-11-12 12:32 - 000023408 ____A [6BD9295CC032DD3077C671FCCF579A7B] (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2009-07-13 15:26 - 2009-07-13 17:47 - 000055376 ____A [D43703496149971890703B4B1B723EAC] (Microsoft Corporation) C:\Windows\System32\Drivers\fsdepends.sys
2015-11-12 13:20 - 2015-11-12 13:20 - 000223752 ____A [8F6322049018354F45F05A2FD2D4E5E0] (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2016-09-19 07:23 - 2016-07-07 07:36 - 000287976 ____A [1140F1415D3CF49B4038CD346C2AE91A] (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2009-07-13 15:38 - 2009-07-13 17:47 - 000065088 ____A [8C778D335C9D272CFD3298AB02ABE3B6] (Microsoft Corporation) C:\Windows\System32\Drivers\GAGP30KX.SYS
2009-06-10 12:30 - 2009-06-10 12:30 - 003440660 ____A [7F29903CB8F5590D52DB0C9F97049A25] () C:\Windows\System32\Drivers\gm.dls
2009-07-13 14:13 - 2009-06-10 12:30 - 000000646 ____A [7111BFA692A22E4B3C07F1E6C6FF6F72] () C:\Windows\System32\Drivers\gmreadme.txt
2018-03-21 10:30 - 2017-10-23 16:39 - 000083008 ____A [B23BDC42F7F8EB7A37587FA029B81ADE] (VMware, Inc.) C:\Windows\System32\Drivers\hcmon.sys
2009-07-13 14:53 - 2009-06-10 12:31 - 000031232 ____A [F2523EF6460FC42405B12248338AB2F0] (Hauppauge Computer Works, Inc.) C:\Windows\System32\Drivers\hcw85cir.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000122368 ____A [97BFED39B6B79EB12CDDBFEED51F56BB] (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000066848 ____A [4282D0B2F308E4605306EC5B02DD368E] (Intel Corporation) C:\Windows\System32\Drivers\HECIx64.sys
2009-07-13 15:31 - 2009-07-13 15:31 - 000026624 ____A [78E86380454A7B10A5EB255DC44A355F] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbatt.sys
2009-07-13 16:06 - 2009-07-13 16:06 - 000100864 ____A [7FD2A313F7AFE5C4DAB14798C48DD104] (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2015-11-12 12:27 - 2015-11-12 12:27 - 000076800 ____A [597C3699384E53CC59587ED50CCE5CA2] (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2009-07-13 16:06 - 2009-07-13 16:06 - 000046592 ____A [0A77D29F311B88CFAE3B13F9C1A73825] (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2015-11-12 12:27 - 2015-11-12 12:27 - 000032896 ____A [856E76B3641746ABBC2946BED1372098] (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000030208 ____A [9592090A7E2B61CD582B612B6DF70536] (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000078720 ____A [39D2ABCD392F3D8A6DCE7B60AE7B8EFC] (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2015-11-12 14:16 - 2015-11-12 14:16 - 000754688 ____A [F61634BEC53F73702A10DE69F6DCAF57] (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000014720 ____A [A5462BD6884960C9DC85ED49D34FF392] (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000013824 ____A [81B84C6C272EF19508AD49367026DDF4] (Microsoft Corporation) C:\Windows\System32\Drivers\hyperkbd.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000105472 ____A [FA55C73D4AFFA7EE23AC4BE53B4592D3] (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys
2014-08-14 16:30 - 2014-08-14 16:30 - 000569152 ____A [CCFA835960E35F30D28A868E0B3B8722] (Intel Corporation) C:\Windows\System32\Drivers\iaStor.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000670056 ____A [9863EC0FB887C0AD0C3A20AC3BF91629] (Intel Corporation) C:\Windows\System32\Drivers\iaStorA.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000028008 ____A [AB28B4CE85BE2261276ECD3482A0AED9] (Intel Corporation) C:\Windows\System32\Drivers\iaStorF.sys
2015-11-12 12:12 - 2015-11-12 12:12 - 000410496 ____A [AAAF44DB3BD0B9D1FB6969B23ECC8366] (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2016-02-03 13:28 - 2016-07-31 03:12 - 000355080 ____A [8F18C8C4568751DB8116EF3CBD65550A] (Intel Corporation) C:\Windows\System32\Drivers\ibtusb.sys
2016-10-25 01:06 - 2016-10-25 01:06 - 007966200 ____A [703B6B74DCA108B7F30B3594363BFD42] (Intel Corporation) C:\Windows\System32\Drivers\igdkmd64.sys
2009-07-13 13:59 - 2009-07-13 17:48 - 000044112 ____A [5C18831C61933628F5BB0EA2675B9D21] (Intel Corp./ICP vortex GmbH) C:\Windows\System32\Drivers\iirsp.sys
2016-05-12 05:32 - 2016-05-12 05:32 - 000481768 ____A [E300D1E37B737ED14F7A08CD5604E5D9] (Intel(R) Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2009-07-13 15:19 - 2009-07-13 17:48 - 000016960 ____A [F00F20E70C6EC3AA366910083A0518AA] (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2017-06-26 13:15 - 2017-06-26 13:15 - 000021136 ____A [64B1A093B4F10031629F173E99DB2D85] (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2009-07-13 15:19 - 2009-07-13 15:19 - 000062464 ____A [ADA036632C664CAA754079041CF1F8C1] (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000082944 ____A [C9F0E1BD74365A8771590E9008D22AB6] (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000078848 ____A [0FC1AEA580957AA8817B8F305D18CA3A] (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000116224 ____A [AF9B39A7E7B6CAA203B3862582E9F2D0] (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2009-07-13 16:09 - 2009-07-13 16:09 - 000120320 ____A [05360B1EA5A2ABF620D1D96EBD8BD8F1] (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2009-07-13 16:08 - 2009-07-13 16:08 - 000017920 ____A [3ABF5E7213EB28966D55D58B515D5CE9] (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2009-07-13 15:31 - 2009-07-13 17:48 - 000020544 ____A [2F7B28DC3E1183E5EB418DF55C204F38] (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000044744 ____A [35C0995BCDB0E45D1EEBE4FB582D1563] () C:\Windows\System32\Drivers\ISCTD.sys
2014-06-17 18:28 - 2014-06-17 18:28 - 000020024 ____A [C8A3C909F0EFF13CAE0C17503B1F5DB2] (Intel Corporation) C:\Windows\System32\Drivers\iusb3hcs.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000383472 ____A [923030D5F4B1C801AE5219551F7B490B] (Intel Corporation) C:\Windows\System32\Drivers\iusb3hub.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000795120 ____A [234E2245AF65CFC021874F64C40E206B] (Intel Corporation) C:\Windows\System32\Drivers\iusb3xhc.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000419120 ____A [E56655187A650AA6A0E2A82C8C762D40] (Intel Corporation) C:\Windows\System32\Drivers\iwsehub.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000613168 ____A [4409A14A9BFDAF00726A25C85C90AD8F] (Intel Corporation) C:\Windows\System32\Drivers\iwsepal.sys
2016-07-07 12:27 - 2015-07-28 09:49 - 000507192 ____A [6D15D02704D1947A3BBB9638D0001593] (Juniper Networks) C:\Windows\System32\Drivers\jnprns.sys
2016-07-07 12:27 - 2015-07-28 12:54 - 000108344 ____A [16A972C3186718CA42F9EDD77A268EFE] (Pulse Secure, LLC) C:\Windows\System32\Drivers\jnprTdi_814_60331.sys
2015-07-28 09:49 - 2015-07-28 09:49 - 000030072 ____A [44C9235408780F1F6299FA809A2C4FCE] (Juniper Networks, Inc.) C:\Windows\System32\Drivers\jnprva.sys
2015-07-28 09:49 - 2015-07-28 09:49 - 000045352 ____A [43389A5F75966CB4715253F1B3EAD392] (Juniper Networks, Inc.) C:\Windows\System32\Drivers\jnprvamgr.sys
2009-07-13 15:19 - 2009-07-13 17:48 - 000050768 ____A [BC02336F1CBA7DCC7D1213BB588A68A5] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000033280 ____A [0705EFF5B42A9DB58548EEC3B26BB484] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000243712 ____A [24FBF5CC5C04150073C315A7C83521EE] (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2016-12-19 23:08 - 2016-11-21 10:16 - 000095464 ____A [F54475BA70B5CDA4EF11DC44BFB07F40] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-12-19 23:08 - 2016-11-21 10:16 - 000154856 ____A [ED1D1E1AAACF08438F9BCF731C8CA168] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000020992 ____A [6869281E78CB31A43E969F06B57347C4] (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2015-06-17 18:25 - 2015-06-17 18:25 - 000087696 ____A [EAB70270BDDCFEF56FCC7425C2D9883D] (Logitech, Inc.) C:\Windows\System32\Drivers\LEqdUsb.sys
2015-06-17 18:25 - 2015-06-17 18:25 - 000023184 ____A [5EBB7C1FC685D45A1D3D8B2B9A656E48] (Logitech, Inc.) C:\Windows\System32\Drivers\LHidEqd.sys
2015-06-17 18:25 - 2015-06-17 18:25 - 000086672 ____A [AFDFA4A6B0F7B15AA38E494FD4595741] (Logitech, Inc.) C:\Windows\System32\Drivers\LHidFilt.Sys
2009-07-13 16:08 - 2009-07-13 16:08 - 000060928 ____A [1538831CF8AD2979A04C423779465827] (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2015-06-17 18:25 - 2015-06-17 18:25 - 000069264 ____A [C3E82B320F34C97F32B8026F4C249BEF] (Logitech, Inc.) C:\Windows\System32\Drivers\LMouFilt.Sys
2016-05-16 17:31 - 2018-07-19 17:35 - 000018960 ____A [64AEB5790901EA8854884981F104CAA6] (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2009-07-13 13:59 - 2009-07-13 17:48 - 000114752 ____A [1A93E54EB0ECE102495A51266DCDB6A6] (LSI Corporation) C:\Windows\System32\Drivers\lsi_fc.sys
2009-07-13 13:59 - 2009-07-13 17:48 - 000106560 ____A [1047184A9FDC8BDBFF857175875EE810] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2009-07-13 13:59 - 2009-07-13 17:48 - 000065600 ____A [30F5C0DE1EE8B5BC9306C1F0E4A75F93] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2.sys
2009-07-13 13:59 - 2009-07-13 17:48 - 000115776 ____A [0504EACAFF0D3C8AED161C4B0D369D4A] (LSI Corporation) C:\Windows\System32\Drivers\lsi_scsi.sys
2009-07-13 15:26 - 2009-07-13 15:26 - 000113152 ____A [43D0F98E1D56CCDDB0D5254CFF7B356E] (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2009-07-13 16:01 - 2009-07-13 16:01 - 000022016 ____A [3C9F072F9DCA856B9FB7A20CBD4281AC] (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2009-06-10 12:37 - 2009-07-13 17:48 - 000035392 ____A [A55805F747C6EDB6A9080D7C633BD0F4] (LSI Corporation) C:\Windows\System32\Drivers\megasas.sys
2009-07-13 13:59 - 2009-07-13 17:48 - 000284736 ____A [BAF74CE0072480C3B6B7C13B2A94D6B3] (LSI Corporation, Inc.) C:\Windows\System32\Drivers\MegaSR.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000040448 ____A [800BA92F7010378B09F9ED9270F07137] (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2009-07-13 15:38 - 2009-07-13 15:38 - 000030208 ____A [B03D591DC7DA45ECE20B3B467E6AADAA] (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2009-07-13 15:19 - 2009-07-13 17:48 - 000049216 ____A [7D27EA49F3C1F687D357E77A470AEA99] (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000031232 ____A [D3BF052C40B0C4166D9FD86A4288C1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2016-10-17 22:07 - 2016-06-14 09:21 - 000094440 ____A [8ADB5445B29941CB41AF2846FD5C93C7] (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000155008 ____A [A44B420D30BD56E145D6A2BC8768EC58] (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2009-07-13 16:08 - 2009-07-13 16:08 - 000077312 ____A [6C38C9E45AE0EA2FA5E551F2ED5E978F] (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2016-10-17 22:07 - 2016-09-08 06:55 - 000142336 ____A [98DB1790F0A584E0A2528B92B052417F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2016-12-19 23:08 - 2016-11-20 07:58 - 000159744 ____A [8A6DD6FDCCC010F7C6480EE7D0C3B92E] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-12-19 23:07 - 2016-11-20 07:57 - 000291328 ____A [68C12354AEA8FB5B559F5F69EF1C0DF0] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-12-19 23:08 - 2016-11-20 07:57 - 000129536 ____A [307E956C0DE630EE0ACE657233C0E83F] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000031104 ____A [C25F0BAFA182CBCA2DD3C851C2E75796] (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000140672 ____A [DB801A638D011B9633829EB6F663C900] (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000026112 ____A [AA3FB40E17CE1388FA1BEDAB50EA8F96] (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2016-04-12 12:06 - 2016-04-12 12:06 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2017-10-10 14:22 - 2017-10-10 14:22 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2017-10-10 14:22 - 2017-10-10 14:22 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2016-04-12 12:06 - 2016-04-12 12:06 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_dptf_acpi_01011.Wdf
2016-04-12 12:06 - 2016-04-12 12:06 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_dptf_cpu_01011.Wdf
2016-04-12 12:06 - 2016-04-12 12:06 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_esif_lf_01011.Wdf
2018-06-13 11:49 - 2018-06-13 11:49 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_ser2pl64_01009.Wdf
2016-04-12 12:06 - 2016-04-12 12:06 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_ST_Accel_01009.Wdf
2016-04-12 12:06 - 2016-04-12 12:06 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-04-12 12:06 - 2016-04-12 12:06 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_esif_umdf_01_11_00.Wdf
2016-05-13 16:32 - 2016-05-13 16:32 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-05-17 22:26 - 2016-05-17 22:26 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-11-12 12:26 - 2015-11-12 12:26 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-11-12 12:58 - 2015-11-12 12:58 - 000000003 ____A [933222B19FF3E7EA5F65517EA1F7D57E] () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2009-07-13 16:06 - 2009-07-13 16:06 - 000008192 ____A [F9D215A46A8B9753F61767FA72A20326] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2009-07-13 15:19 - 2009-07-13 17:48 - 000015424 ____A [D916874BBD4F8B07BFB7FA9B3CCAE29D] (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2015-11-12 12:38 - 2015-11-12 12:38 - 000274880 ____A [96BB922A0981BC7432C8CF52B5410FE6] (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000011136 ____A [49CCF2C4FEA34FFAD8B1B59D49439366] (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000007168 ____A [BDD71ACE35A232104DDD349EE70E1AB3] (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000006784 ____A [4ED981241DB27C3383D72092B618A1D0] (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000366976 ____A [759A9EEB0FA9ED79DA1FB7D4EF78866D] (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2009-07-13 15:31 - 2009-07-13 17:48 - 000032320 ____A [0EED230E37515A0EAEE3C2E1BC97B288] (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000008064 ____A [2E66F9ECB30B4221A318C92AC2250779] (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2009-07-13 16:02 - 2009-07-13 16:02 - 000015360 ____A [7EA404308934E675BFFDE8EDF0757BCD] (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2015-11-12 14:00 - 2015-11-12 14:00 - 000104896 ____A [AA0C2BA3782E92BD85E2264BE418E67C] (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2015-11-12 15:49 - 2015-11-12 15:49 - 000950720 ____A [F7309F42555F8AAB7144A51A1F2585B0] (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2009-07-13 16:08 - 2009-07-13 16:08 - 000035328 ____A [9F9A1F53AAD7DA4D6FEF5BB73AB811AC] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000024064 ____A [30639C932D9FEF22B31268FE25A1B6E5] (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000056832 ____A [136185F9FB2CC61E573E676AA5402356] (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000164352 ____A [53F7305169863F0A2BDDC49E116C2E11] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000057856 ____A [015C0D8E0E0421B4CFD48CFFE2825879] (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2009-07-13 16:09 - 2009-07-13 16:09 - 000044544 ____A [86743D9F5D2B1048062B14B1D84501C4] (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2016-06-24 22:53 - 2016-05-11 06:58 - 000262144 ____A [E47D571FEC2C76E867935109AB2A770C] (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2016-09-19 07:23 - 2016-07-07 07:36 - 000377576 ____A [5545D2CB5DC6855ADAE275D50FEC1CFF] (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2015-05-27 16:42 - 2015-05-27 16:42 - 003549068 ____A [B194445606A1FBF926D2457515EA4A23] () C:\Windows\System32\Drivers\Netwfw02.dat
2016-07-24 21:29 - 2016-07-24 21:29 - 009212864 ____A [0796DE989A5D1E134D731D221DADC256] () C:\Windows\System32\Drivers\Netwfw04.dat
2015-05-27 16:42 - 2015-05-27 16:42 - 003438872 ____A [C748556F948B0559C0EFF577E5C6F09C] (Intel Corporation) C:\Windows\System32\Drivers\Netwsw02.sys
2016-07-24 21:29 - 2016-07-24 21:29 - 003441424 ____A [A5024179A0E4019BF5FDD4EFF6334D50] (Intel Corporation) C:\Windows\System32\Drivers\Netwsw04.sys
2009-07-13 13:59 - 2009-07-13 17:48 - 000051264 ____A [77889813BE4D166CDAB78DDBA990DA92] (IBM Corporation) C:\Windows\System32\Drivers\nfrd960.sys
2013-02-28 17:49 - 2013-02-28 17:49 - 000036600 ____A [DE7FCC77F4A503AF4CA6A47D49B3713D] (Riverbed Technology, Inc.) C:\Windows\System32\Drivers\npf.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000044032 ____A [1E4C4AB5C9B8DD13179BBDC75A2A01F7] (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2009-07-13 15:21 - 2009-07-13 15:21 - 000024576 ____A [E7F5AE18AF4168178A642A9247C63001] (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2016-03-14 21:25 - 2016-03-14 21:25 - 001684416 ____A [47B2D0B31BDC3EBE6090228E2BA3764D] (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2011-01-11 09:20 - 2011-01-11 09:20 - 000044096 ____A [B1E0C3B8DA8AC3EB7763881F5608C059] (Nortel Networks) C:\Windows\System32\Drivers\ntnvca.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000006144 ____A [9899284589F75FA8724FF3D16AED75C1] (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2009-07-13 15:38 - 2009-07-13 17:48 - 000122960 ____A [270D7CD42D6E3979F6DD0146650F0E05] (Microsoft Corporation) C:\Windows\System32\Drivers\NV_AGP.SYS
2011-01-11 09:20 - 2011-01-11 09:20 - 000080448 ____A [60655E464793B00B8E25E5DCA88C5CAF] (Nortel Networks Corporation) C:\Windows\System32\Drivers\nvcwfpco.sys
2015-11-12 12:12 - 2015-11-12 12:12 - 000148352 ____A [0A92CB65770442ED0DC44834632F66AD] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2015-11-12 12:12 - 2015-11-12 12:12 - 000166272 ____A [DAB0E87525C10052BF65F06152F37E4A] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2009-07-13 16:07 - 2009-07-13 16:07 - 000318976 ____A [1EA3749C4114DB3E3161156FFFFA6B33] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2015-05-04 16:58 - 2015-05-04 16:58 - 000210592 ____A [59E028ED21D8C9F26DC9A5A110A90A9B] (BayHubTech/O2Micro ) C:\Windows\System32\Drivers\O2FJ2w7x64.sys
2015-05-04 16:58 - 2015-05-04 16:58 - 000065536 ____A [BBD0246FB5DCFF52C0AACC27212DDC55] (BayHubTech/O2Micro International) C:\Windows\System32\Drivers\o2flash.exe
2009-07-13 16:06 - 2009-07-13 16:06 - 000072832 ____A [3589478E4B22CE21B41FA1BFC0B8B8A0] (Microsoft Corporation) C:\Windows\System32\Drivers\ohci1394.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000131584 ____A [0557CF5A2556BD58E26384169D72438D] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000097280 ____A [0086431C29C35BE1DBC43F52CC273887] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2015-11-12 13:13 - 2015-11-12 13:13 - 000075120 ____A [E9766131EEADE40A27DC27D2D68FBA9C] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000184704 ____A [94575C0571D1462A0F70BDE6BD6EE6B3] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2009-07-13 15:19 - 2009-07-13 17:45 - 000012352 ____A [B5B8B5EF2E5CB34DF8DCF8831E3534FA] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2009-07-13 15:19 - 2009-07-13 17:45 - 000048720 ____A [144497DAA145BA0F7BE896064146C058] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2009-07-13 15:31 - 2009-07-13 17:45 - 000220752 ____A [B2E81D4E87CE48589F98CB8C05B01F2F] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2009-07-13 15:19 - 2009-07-13 17:45 - 000050768 ____A [D6B9C2E1A11A3A4B26A182FFEF18F603] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2016-10-17 22:07 - 2016-06-14 09:11 - 000663552 ____A [EA4D67448BE493D543F1730D6CD04694] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2016-01-19 22:29 - 2016-01-19 22:29 - 000230400 ____A [647599CAE8CA0EF2FB09C4B150BC97FF] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-09-11 14:07 - 2013-09-11 14:07 - 000026984 ____A [C117970D3AE17FCDBA683D1D318B0440] (Microsoft Corporation) C:\Windows\System32\Drivers\PrepDrv.sys
2009-07-13 15:19 - 2009-07-13 15:19 - 000060416 ____A [0D922E23C041EFB1C3FAC2A6F943C9BF] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2009-06-10 12:37 - 2009-07-13 17:45 - 001524816 ____A [A53A15A11EBFD21077463EE2C7AFEEF0] (QLogic Corporation) C:\Windows\System32\Drivers\ql2300.sys
2009-07-13 13:59 - 2009-07-13 17:45 - 000128592 ____A [4F6D12B51DE1AAEFF7DC58C4D75423C8] (QLogic Corporation) C:\Windows\System32\Drivers\ql40xx.sys
2009-07-13 16:09 - 2009-07-13 16:09 - 000046592 ____A [76707BB36430888D9CE9D705398ADB6C] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000014848 ____A [5A0DA8AD5762FA2D91678A8A01311704] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000129536 ____A [471815800AE33E6F1C32FB1B97C490CA] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000092672 ____A [855C9B1CD4756C5E9A2AA58A15F58C25] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000111104 ____A [F92A2C41117A11A00BE01CA01A7FCDE9] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000083968 ____A [E8B1E447B008D07FF47D016C2B0EEECB] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2015-11-12 14:00 - 2015-11-12 14:00 - 000310272 ____A [71B6F78D6444CCE6F77BC42917A4E8F7] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2009-07-13 16:17 - 2009-07-13 16:17 - 000024064 ____A [302DA2A0539F2CF54D7C6CC30C1F2D8D] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2009-07-13 16:16 - 2009-07-13 16:16 - 000007680 ____A [CEA6CC257FC9B7715F1C2B4849286D24] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPCDD.sys
2010-11-20 19:25 - 2010-11-20 19:25 - 000165888 ____A [1B6163C503398B23FF8B939C67747683] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2009-07-13 16:16 - 2009-07-13 16:16 - 000007680 ____A [BB5971A4F00659529A5C44831AF22365] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPENCDD.sys
2009-07-13 16:16 - 2009-07-13 16:16 - 000008192 ____A [216F3FA57533D98E1F74DED70113177A] (Microsoft Corporation) C:\Windows\System32\Drivers\RDPREFMP.sys
2015-11-12 12:23 - 2015-11-12 12:23 - 000019456 ____A [313F68E1A3E6345A4F47A36B07062F34] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2015-11-12 13:29 - 2015-11-12 13:29 - 000212480 ____A [FE571E088C2D83619D2D48D4E961BF41] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000213888 ____A [34ED295FA0121C241BFEF24764FC4520] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2009-07-13 16:06 - 2009-07-13 16:06 - 000158720 ____A [3DD798846E2C28102B922C56E71B7932] (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2015-12-14 22:46 - 2015-12-14 22:46 - 000146944 ____A [5BD6B1EC997FF3DD779D62E05D2079A8] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2010-04-21 06:02 - 2010-04-21 06:02 - 000005632 ____A [090EE52AFDFF9932909C480BDDA0C8CE] (Famatech International Corp.) C:\Windows\System32\Drivers\rminiv3.sys
2015-11-12 12:14 - 2015-11-12 12:14 - 000041472 ____A [0E01641D96889BDEB22DE12D30575B08] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000011264 ____A [388D3DD1A6457280F3BADBA9F3ACD6B1] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2009-07-13 16:08 - 2009-07-13 16:08 - 000076800 ____A [DDC86E4F8E7456261E637E3552E804FF] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2015-10-23 09:00 - 2015-10-23 09:00 - 000002236 ____A [CEBF884E9972D1A47F2A17C5E57C95C9] () C:\Windows\System32\Drivers\RTAIODAT.DAT
2015-10-23 09:00 - 2015-10-23 09:00 - 002740056 ____A [A89FD916E7291D6818FD757D56CD80F0] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTDVHD64.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000103808 ____A [AC03AF3329579FFFB455AA2DAABBE22B] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000029696 ____A [253F38D0D7074C02FF8DEB9836C97D2B] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000171392 ____A [1B1E264203D4EF9D3DA1987AD70355AB] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000109056 ____A [111E0EBC0AD79CB0FA014B907B231CF0] (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2009-07-13 18:36 - 2009-06-10 12:37 - 000023040 ____A [3EA8A16169C26AFBEB544E0E48421186] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys
2017-10-30 22:51 - 2017-10-30 22:51 - 000227248 ____A [993C3A575688F8B46B3C0A11232BC962] (Prolific Technology Inc.) C:\Windows\System32\Drivers\ser2pl64.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000023552 ____A [CB624C0035412AF0DEBEC78C41F5CA1B] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000094208 ____A [C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000026624 ____A [1C545A7D0691CC4A027396535691C3E3] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2009-07-13 16:01 - 2009-07-13 16:01 - 000014336 ____A [A554811BCD09279536440C964AE35BBF] (Microsoft Corporation) C:\Windows\System32\Drivers\sffdisk.sys
2009-07-13 16:01 - 2009-07-13 16:01 - 000013824 ____A [FF414F0BAEFEBA59BC6C04B3DB0B87BF] (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000014336 ____A [DD85B78243A19B59F0637DCF284DA63C] (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2009-07-13 16:01 - 2009-07-13 16:01 - 000016896 ____A [A9D601643A1647211A1EE2EC4E433FF4] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2009-06-10 12:37 - 2009-07-13 17:45 - 000043584 ____A [843CAF1E5FDE1FFD5FF768F23A51E2E1] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2009-07-13 13:59 - 2009-07-13 17:45 - 000080464 ____A [6A6C106D42E9FFFF8B9FCB4F754F6DA4] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2009-07-13 16:09 - 2009-07-13 16:09 - 000093184 ____A [548260A7B8654E024DC30BF8A7C5BAA4] (Microsoft Corporation) C:\Windows\System32\Drivers\smb.sys
2009-07-13 16:00 - 2009-07-13 16:00 - 000020992 ____A [A80348BA03E96C70852959655CA3E084] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2009-07-13 12:27 - 2009-07-13 17:45 - 000019008 ____A [B9E31E5CACDFE584F34F730A677803F9] (Microsoft Corporation) C:\Windows\System32\Drivers\spldr.sys
2009-06-10 12:48 - 2009-06-10 12:48 - 000426496 ____A [FFF95479C7AB1550F0750A5D01744211] (Microsoft Corporation) C:\Windows\System32\Drivers\spsys.sys
2016-09-19 07:48 - 2016-08-12 08:26 - 000464896 ____A [EC666682FE8344CF7E6ED69E74FA9F4F] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2016-09-19 07:48 - 2016-08-12 08:26 - 000405504 ____A [E450C0318DCE8ED28ED272C8806B8495] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2016-09-19 07:48 - 2016-08-12 08:26 - 000168960 ____A [9C12C78AD36C23D925711A4640228225] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2015-05-27 16:42 - 2015-05-27 16:42 - 000075952 ____A [6A53BFF6E4F0D5581C201C7912EFA49B] (STMicroelectronics) C:\Windows\System32\Drivers\ST_Accel.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000069896 ____A [9E7956263A2A7A421E727B9B144BFF1B] (STMicroelectronics) C:\Windows\System32\Drivers\ST7007.sys
2016-04-12 12:06 - 2011-07-15 21:31 - 000022128 ____A [E4EA2412FB1B8AEE33667A9CC6D456A4] (ST Microelectronics) C:\Windows\System32\Drivers\stdcfltn.sys
2009-07-13 13:59 - 2009-07-13 17:45 - 000024656 ____A [F3817967ED533D08327DC73BC4D5542A] (Promise Technology) C:\Windows\System32\Drivers\stexstor.sys
2015-11-12 12:38 - 2015-11-12 12:38 - 000190912 ____A [A3F0BC5897F9D3786A3CB695B163633A] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000045872 ____A [9465E05C3DB663D8F221E5DFC11AC410] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2015-11-12 14:36 - 2015-11-12 14:36 - 000069888 ____A [36E0DDD19038C92B7C7709BFA03F813F] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2009-07-13 16:00 - 2009-07-13 17:45 - 000012496 ____A [D01EC09B6711A5F8E7E6564A4D0FBC90] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000276720 ____A [A9E885D94D52022899CD28813C649461] (Sierra Wireless Incorporated) C:\Windows\System32\Drivers\swg3knmea05.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000276720 ____A [D0A9DB2684CD2F1FFE774E8AF941775A] (Sierra Wireless Incorporated) C:\Windows\System32\Drivers\swg3kser05.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000088848 ____A [E11BD15F17F80BDCAE6F6575CFD71470] (Sierra Wireless Inc.) C:\Windows\System32\Drivers\swibus05.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000088848 ____A [E11BD15F17F80BDCAE6F6575CFD71470] (Sierra Wireless Inc.) C:\Windows\System32\Drivers\swibusflt05.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000088848 ____A [E11BD15F17F80BDCAE6F6575CFD71470] (Sierra Wireless Inc.) C:\Windows\System32\Drivers\swimbbbus05.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000088848 ____A [E11BD15F17F80BDCAE6F6575CFD71470] (Sierra Wireless Inc.) C:\Windows\System32\Drivers\swimbbbusflt05.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000276720 ____A [A9E885D94D52022899CD28813C649461] (Sierra Wireless Incorporated) C:\Windows\System32\Drivers\swmbbnmea05.sys
2015-04-16 20:45 - 2015-04-16 20:45 - 000276720 ____A [D0A9DB2684CD2F1FFE774E8AF941775A] (Sierra Wireless Incorporated) C:\Windows\System32\Drivers\swmbbser05.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000056624 ____A [F81FA6348D98004D56A8B7511337ECC5] (Microsoft Corporation) C:\Windows\System32\Drivers\Synth3dVsc.sys
2009-07-13 16:01 - 2009-07-13 16:01 - 000029184 ____A [6E316C01CBA8B785FE495F5CC4F48C6F] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2016-09-19 07:23 - 2016-07-07 07:36 - 001896168 ____A [B2875D7ABB82867DC3AA03D991940201] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2016-09-19 07:23 - 2016-07-07 07:08 - 000046080 ____A [7FE5586314EE7D6AA8483264A089E5AF] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000026624 ____A [6F020A220388ECA0AB6062DC27BD16B6] (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2009-07-13 16:16 - 2009-07-13 16:16 - 000015872 ____A [3371D21011695B16333A3934340C4E7C] (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys
2015-11-12 13:09 - 2015-11-12 13:09 - 000023552 ____A [51C5ECEB1CDEE2468A1748BE550CFBC8] (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2015-11-12 15:49 - 2015-11-12 15:49 - 000118272 ____A [AA77EB517D2F07A947294F260E3ACA83] (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2017-06-25 03:58 - 2017-06-25 03:58 - 000200792 ____A [8475C778719EEDE15602C1D3FBE4809E] (Intel Corporation) C:\Windows\System32\Drivers\TeeDriverx64.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000063360 ____A [561E7E1F06895D78DE991E01DD0FB6E5] (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2015-11-12 12:23 - 2015-11-12 12:23 - 000029696 ____A [EF4469AB69EB15E5D3754E6AEAFBCD3D] (Microsoft Corporation) C:\Windows\System32\Drivers\terminpt.sys
2016-01-22 12:48 - 2016-01-22 12:48 - 000039936 ____A [19BEDA57F3E0A06B8D5EB6D619BD5624] (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2015-11-12 12:35 - 2015-11-12 12:35 - 000056832 ____A [E9981ECE8D894CEF7038FD1D040EB426] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2015-11-12 12:35 - 2015-11-12 12:35 - 000029696 ____A [D34789988234DCC8FA55FA9A485AF0EC] (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2011-04-11 23:44 - 2010-11-20 19:23 - 000117248 ____A [E1748D04AE40118B62BC18AC86032192] (Microsoft Corporation) C:\Windows\System32\Drivers\tsusbhub.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000125440 ____A [3566A8DAAFA27AF944F5D705EAA64894] (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2009-07-13 15:38 - 2009-07-13 17:45 - 000064080 ____A [B4DD609BD7E282BFC683CEC7EAAAAD67] (Microsoft Corporation) C:\Windows\System32\Drivers\UAGP35.SYS
2010-11-20 19:23 - 2010-11-20 19:23 - 000328192 ____A [FF4232A1A64012BAA1FD97C7B67DF593] (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2009-07-13 15:38 - 2009-07-13 17:45 - 000064592 ____A [4BFE1BC28391222894CBF1E7D0E42320] (Microsoft Corporation) C:\Windows\System32\Drivers\ULIAGPKX.SYS
2010-11-20 19:23 - 2010-11-20 19:23 - 000048640 ____A [DC54A574663A895C8763AF0FA1FF7561] (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2009-07-13 16:06 - 2009-07-13 16:06 - 000009728 ____A [B2E8E8CB557B156DA5493BBDDCC1474D] (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2015-11-12 13:15 - 2015-11-12 13:15 - 000019968 ____A [92B3172E8C14C1444682F510843A9988] (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2015-11-05 16:23 - 2015-11-05 16:23 - 000054784 ____A [F957092C63CD71D85903CA0D8370F473] (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2015-11-12 12:26 - 2015-11-12 12:26 - 000109824 ____A [B0435098C81D04CAFFF80DDB746CD3A2] (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000032896 ____A [292A8E03B3FCE04E39B5BE9B14132030] (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2016-10-17 22:14 - 2016-08-16 12:40 - 000099840 ____A [28B81917A195B67617AF7DCF4DFE5736] (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2015-11-12 12:26 - 2015-11-12 12:26 - 000100864 ____A [80B0F7D5CCF86CEB5D402EAAF61FEC31] (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2016-10-17 22:14 - 2016-08-16 12:40 - 000007808 ____A [614A71B78C6807D95A30A89B5A69669A] (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2016-10-17 22:14 - 2016-08-16 12:40 - 000056320 ____A [B626F048318DAE65A3317F0592BE592C] (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2016-10-17 22:14 - 2016-08-16 12:40 - 000343552 ____A [390109E8E05BA00375DCB1ED64DC60AF] (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2016-10-17 22:14 - 2016-08-16 12:40 - 000025600 ____A [B4DF0F4C1D9D25DFE1DAD1D8670F1D4F] (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2016-10-17 22:14 - 2016-08-16 12:40 - 000327168 ____A [43F6BED028FA27D3F3CE852EDBBE0F81] (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2009-07-13 16:38 - 2009-07-13 16:38 - 000025088 ____A [73188F58FB384E75C4063D29413CEE3D] (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000031744 ____A [C3EC945DEC43C00E2AD4C98DDDD064C7] (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2016-03-14 21:31 - 2016-03-14 21:31 - 000091648 ____A [D029DD09E22EB24318A8FC3D8138BA43] (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2016-10-17 22:14 - 2016-08-16 12:40 - 000030720 ____A [CFEAAF96E666E3DCBD8F6DFF516784AE] (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2015-11-12 12:26 - 2015-11-12 12:26 - 000185344 ____A [1F775DA4CF1A3A1834207E975A72E9D7] (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2009-07-13 16:01 - 2009-07-13 17:45 - 000036432 ____A [C5C876CCFC083FF3B128F933823E87BD] (Microsoft Corporation) C:\Windows\System32\Drivers\vdrvroot.sys
2013-06-30 15:07 - 2013-06-30 15:07 - 000024064 ____A [E4DA1D85CCCB610DFF0C0E116900E17F] (Shrew Soft Inc) C:\Windows\System32\Drivers\vfilter.sys
2009-07-13 15:38 - 2009-07-13 15:38 - 000029184 ____A [53E92A310193CB3C03BEA963DE7D9CFC] (Microsoft Corporation) C:\Windows\System32\Drivers\vga.sys
2009-07-13 15:38 - 2009-07-13 15:38 - 000029184 ____A [DA4DA3F5E02943C2DC8C6ED875DE68DD] (Microsoft Corporation) C:\Windows\System32\Drivers\vgapnp.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000215936 ____A [2CE2DF28C83AEAF30084E1B1EB253CBB] (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2009-07-13 15:19 - 2009-07-13 17:45 - 000017488 ____A [E5689D93FFE4E5D66C0178761240DD54] (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viaide.sys
2009-07-13 15:38 - 2009-07-13 15:38 - 000129024 ____A [E7353D59C9842BC7299FAEB7E7E09340] (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2013-06-30 15:07 - 2013-06-30 15:07 - 000017408 ____A [A99CA064AD11266FE7067A79BF78BBB5] (Shrew Soft Inc) C:\Windows\System32\Drivers\virtualnet.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000089392 ____A [E138F5AB128FD70E17C1081CB5A85AD3] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbkmcl.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000097072 ____A [7376977DC1551172A32F60101376FA3B] (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000021760 ____A [6A5A85FCDB84034A9BA02E87A6A19C95] (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000011264 ____A [75A9C1A74DD92EFC82931F255080C1B7] (Microsoft Corporation) C:\Windows\System32\Drivers\vmgencounter.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000007168 ____A [52D6EBA3D743612917879534CB4A5CAE] (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2011-04-11 23:44 - 2010-11-20 19:23 - 000046464 ____A [7785DC213270D2FC066538DAF94087E7] (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000071552 ____A [D2AAFD421940F640B407AEFAAEBD91B0] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000363392 ____A [A255814907C89BE58B79EF2F189B843B] (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000295808 ____A [0D08D2F3B3FF84E433346669B5E0F639] (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2015-07-22 07:38 - 2018-01-19 03:04 - 000074120 ____A [1BD8D125A46369CE6C5BDC678074D18A] (Cisco Systems, Inc.) C:\Windows\System32\Drivers\vpnva64-6.sys
2009-06-10 12:37 - 2009-07-13 17:45 - 000161872 ____A [5E2016EA6EBACA03C04FEAC5F330D997] (VIA Technologies Inc.,Ltd) C:\Windows\System32\Drivers\vsmraid.sys
2009-07-13 16:07 - 2009-07-13 16:07 - 000024576 ____A [36D4720B72B5C5D9CB2B9C29E9DF67A1] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifibus.sys
2009-07-13 16:07 - 2009-07-13 16:07 - 000059904 ____A [6A3D66263414FF0D6FA754C646612F3F] (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2009-07-13 16:07 - 2009-07-13 16:07 - 000017920 ____A [6A638FC4BFDDC4D9B186C28C91BD1A01] (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2009-07-13 16:02 - 2009-07-13 16:02 - 000027776 ____A [4E9440F4F152A7B944CB1663D3935A3E] (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2010-11-20 19:24 - 2010-11-20 19:24 - 000088576 ____A [356AFD78A6ED4457169241AC3965230C] (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2009-07-13 15:37 - 2009-07-13 15:37 - 000042496 ____A [FC438D1430B28618E2D0C7C332A710AD] (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2009-07-13 15:19 - 2009-07-13 17:45 - 000021056 ____A [72889E16FF12BA0F235467D6091B17DC] (Microsoft Corporation) C:\Windows\System32\Drivers\wd.sys
2018-02-26 18:33 - 2018-02-26 18:33 - 000031920 ____A [3D1BC9986A72E0116207AD85B3F66C42] (Western Digital Technologies) C:\Windows\System32\Drivers\wdcsam64_prewin8.sys
2015-11-12 12:26 - 2015-11-12 12:26 - 000785624 ____A [E2C933EDBC389386EBE6D2BA953F43D8] (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2018-07-10 07:19 - 2015-10-30 02:32 - 001804688 ____A [EBFD84585A06AE69147236136BA67B73] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfCoInstaller01011.dll
2015-11-12 12:26 - 2015-11-12 12:26 - 000054376 ____A [AEA0A67275CFBA0E463E00C6E9A1DDAE] (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2009-07-13 16:09 - 2009-07-13 16:09 - 000012800 ____A [611B23304BF067451A9FDEE01FBDD725] (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwf.sys
2009-07-13 15:29 - 2009-07-13 17:45 - 000022096 ____A [05ECAEC3E4529A7153B3136CEB49F0EC] (Microsoft Corporation) C:\Windows\System32\Drivers\wimmount.sys
2015-11-12 14:58 - 2015-11-12 14:58 - 000061232 ____A [FBFE9479452934031333C6B3A7B5E5C1] (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2016-06-14 07:54 - 2016-05-11 22:07 - 000204032 ____A [BC67C1E4B36063968E54C3B2E4DB8978] (WinISO.com) C:\Windows\System32\Drivers\WinisoCDBus.sys
2010-11-20 19:23 - 2010-11-20 19:23 - 000041984 ____A [FE88B288356E7B47B74B13372ADD906D] (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2009-07-13 15:31 - 2009-07-13 15:31 - 000014336 ____A [F6FF8944478594D0E414D3F048F0D778] (Microsoft Corporation) C:\Windows\System32\Drivers\wmiacpi.sys
2009-07-13 15:19 - 2009-07-13 17:45 - 000016464 ____A [FC146F46872D4C5B529B89A5131FD1E6] (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys
2009-07-13 16:10 - 2009-07-13 16:10 - 000021504 ____A [6BCC1D7D2FD2453957C5479A32364E52] (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2015-11-12 12:58 - 2015-11-12 12:58 - 000087040 ____A [AB886378EEB55C6C75B4F2D14B6C869F] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2015-11-12 12:58 - 2015-11-12 12:58 - 000198656 ____A [DDA4CAF29D8C0A297F886BFE561E6659] (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2011-04-11 23:38 - 2016-10-18 00:14 - 000000000 ____D [00000000000000000000000000000000] () C:\Windows\System32\Drivers\en-US
2011-04-11 23:38 - 2011-04-11 23:38 - 000011776 ____A [54DB21D20958E3D690BCC9F85E760354] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\1394ohci.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000009216 ____A [32022C811A44B86FF45D20ACAB6D9BF6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\acpi.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000014848 ____A [E6A5E6AD9C6F4F30061068F321C0EC5A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\afd.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [112E5E0E93886F5F4662F8AB16A41953] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\AGP440.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [431EEF89634DC46CCADD489A5E242D96] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdide.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000014336 ____A [5A407CCC623EF4748FCFD65D8BF36E53] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdk8.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000014336 ____A [02EF6091D3B2E3DD52148D69B084CC6A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\amdppm.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [0AB55BC2F5C3B1F6DD41C4A8F2C598AE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ataport.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [2990593CBE18904D5EC0D8D012F56BE0] (ATI Technologies Inc.) C:\Windows\System32\Drivers\en-US\atikmdag.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000007168 ____A [39C77D306B5BC4EE5B84F257BD8C11D4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\battc.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000025600 ____A [D33E31F95C553085F8F008269716AE3C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bfe.dll.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [19772EAF65F4DC67D258A0204BDF53BB] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrParwdm.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000010240 ____A [E2D40298D837850BE3D3ED553D557916] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrSerIb.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000010240 ____A [FFFAE2F485EE4846D3926D8143DC52D0] (Brother Industries Ltd.) C:\Windows\System32\Drivers\en-US\BrSerId.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [996AD950DC5511CAC3E23887F36D00CE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthenum.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004608 ____A [9F6C0ED8C73E45B8B39E93C4F19EC51D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthpan.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000007680 ____A [E811F270074C90EFFB62E26419C5A478] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\bthport.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [427AFD042BF91F651AAAF2F8333946D3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\BTHUSB.SYS.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [E4AD0963F2B4C256C9B752809FF5A17D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\cdrom.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [E113E3358247C4399ACAA9394A13CAC1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\disk.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [4DF602FA4237A02CFBA5443807ACE756] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\Dot4usb.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000005120 ____A [9F29D656CAA5CB37DC988FC1B0899728] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fltmgr.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000014336 ____A [F376F1DB8D6B5C7D4AACA77016547269] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\fvevol.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [F800E677010DCCC1D1F3DD80C1208ADD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\GAGP30KX.SYS.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004096 ____A [CF9ED88D2707FB6175D56A8EEF56AE2A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hdaudbus.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [C9AFAE18805C92774E55D85C34687D98] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\HdAudio.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [6289F615503FABB5721E885F76C21094] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\hidbth.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000032256 ____A [E7385B794486432C74CA8CBEAE1E957C] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\http.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000010240 ____A [7932917F9F40083310D3C597CA89138A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\i8042prt.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000014336 ____A [A9DAE67F67C8736EAB89BE629A100134] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\intelppm.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000006144 ____A [32E82AD8C30775AF16F8FCB6B233768E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\IPMIDrv.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [13121C32919056A572109E59591E3DD1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ipnat.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [095EE8818E7CFEEFCA144737D5EE7EC5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\isapnp.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004608 ____A [07E46CC39BDC4296D798560E248C4C8F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdclass.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [7776875C8810B7995B7F8935A73C5675] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\kbdhid.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000006144 ____A [09654F384E8F48403AFEED23EC29D98A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\luafv.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [B9D5D5C08D86E45933607821949F64A3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\modem.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004096 ____A [586AF4C75447643EA998E7AFE717F6B3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouclass.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [A15D1C07F7CF3AF5F8595187D7B2D7BA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mouhid.sys.mui
2015-11-12 15:06 - 2015-11-12 15:06 - 000002560 ____A [DCB0BF8BEDF446B36EE1A77C0D86F31F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mountmgr.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000026624 ____A [5824985855E951FD7081EDA73014159F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mpio.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000005632 ____A [21DDE99325EE591D56E838F65372FCDC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\msdsm.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [21AD775A1C84C086E630D3C8BEE807FF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mssmbios.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [CD483881C9EEAA0A092BADB0E9E31D44] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\MTConfig.sys.mui
2015-11-12 14:00 - 2015-11-12 14:00 - 000012800 ____A [8129E93C338F8E40619784FF4D003063] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\mup.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000035328 ____A [C3DB52AAA8F7FBE7BB48BBE1552FD9D4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndis.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000005632 ____A [0E5C3B2A88938BFA39A3660525EED627] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndiscap.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [82364E6C73DE7B0D9A14ED696663691D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ndisuio.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000059904 ____A [826CC149F7AE403090D8EE13421907D3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ntfs.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [402C5F373E3348172A21E2C4E47FE9A5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\NV_AGP.SYS.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000013824 ____A [4A911620A8D4A92B4829088313262C65] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\nwifi.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000011776 ____A [FCF1928FC42F3FF495AABBF531925912] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ohci1394.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000015360 ____A [FE8EE46359CCA5797116E999AC9027E8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pacer.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [1897DD879E564636B62C7438BEDD7ED8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\parport.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [5B7B4A639557BCCBF6CFB19D01CED6F6] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\partmgr.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000008192 ____A [852A0E7E335D7403456C5493C3602DFA] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pci.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004096 ____A [C4179FB59F7C58207724DD200A50A623] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pcmcia.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [A32BF5D2ABCE0A52AC08759883100FA1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\pnpmem.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [FD3DC59E253F1588CFDC984A08D5AB06] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\portcls.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000014336 ____A [12EE9100FC4EE882DC9D807518EA456F] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\processr.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [9AE150B07FBB235F7DD98B016B728245] (SCM Microsystems, Inc.) C:\Windows\System32\Drivers\en-US\pscr.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [EBF10A20E41E54D35E24BB1477B3790A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\qwavedrv.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004608 ____A [836EC1DA853C3CC5AFA72FF1C56FECC1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdbss.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [6289416B950764322B45E9C55A5645B4] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdpwd.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000006144 ____A [D5ACC340A830BE7A51DE61F5A84B3AA3] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rdvgkmd.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [0A86155D9CF13C36C1C11097895B7D23] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\RNDISMP.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [69A5BEFB6D15DB21FEA9ACC7E514B29E] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismp6.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [0A86155D9CF13C36C1C11097895B7D23] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\rndismpx.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [68A170329824FD91839D15DA6CB616C8] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scfilter.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [67BDCDBBB8FB81865DCDB07142471C81] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\scsiport.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000010240 ____A [28FDCD5276E588B1C82E8390C331A672] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serial.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000005120 ____A [EC3DB882F53F67457701F2674E16A255] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\sermouse.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [531E4F70FCD5D5A278EAB6E2D1849847] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\serscan.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [8B900D6E6253E72975747D40F0B4CE4D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\srv.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000044032 ____A [147A70680DFE10726938C932C529C500] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tcpip.sys.mui
2016-05-13 12:06 - 2016-02-05 10:53 - 000008192 ____A [132547D30ECBC0DEE0E52A4B1F19D085] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tpm.sys.mui
2015-11-12 12:35 - 2015-11-12 12:35 - 000003072 ____A [D02386F421B7BA79B3DD70002BA84AB1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tsusbflt.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004096 ____A [E3E1BC6EF907645E1AFD3E4E287C37BB] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tsusbhub.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000007680 ____A [00D0ADEB9470F4E73C675F4271579AEE] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\tunnel.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [258EE691A306B61FD78F6EA2AE68EC4D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\UAGP35.SYS.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [0603331E5CCDC80476C869C22AB49CEC] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ULIAGPKX.SYS.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003072 ____A [B1EF6396D59394A839242635B193C19D] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\umbus.sys.mui
2016-10-17 22:14 - 2016-08-16 13:03 - 000003072 ____A [1C6483E6D529CBE8F0B5139F8E25F531] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbehci.sys.mui
2016-10-17 22:14 - 2016-08-16 13:03 - 000011776 ____A [0014F46198699E0755D24D78F27CA4E7] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbhub.sys.mui
2016-10-17 22:14 - 2016-08-16 13:03 - 000024576 ____A [28128F7C040AA9C0DB2A2494D460DFA1] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbport.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [A477495EDAB1FC652C3E7F48D9879E61] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\usbrpm.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [B6CBD22F79E099E7B9C7AD30B0EB3E33] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vdrvroot.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000003584 ____A [9EA0366724437C0448BC242C90D073BF] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vhdmp.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [8B43588430EBA0E1C4C6B2909B3FA616] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volmgrx.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000023552 ____A [308E04CFA8407B0C7099C9D40BC19023] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\volsnap.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [AC0CDAA74A6DF9FA99D39BA5E3E32852] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\vwifibus.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000004096 ____A [4820660F8636CA590F6DDE44037C240A] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wacompen.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [29F6CD4D49286520658A9F8257DB95ED] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wd.sys.mui
2015-11-12 13:23 - 2015-11-12 13:23 - 000002560 ____A [986A09DC5E1645ED4733065547DCC5DD] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\wdf01000.sys.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000002048 ____A [FA13EB401D8A26D185C6D0B2AA1427E5] (Microsoft Corporation) C:\Windows\System32\Drivers\en-US\ws2ifsl.sys.mui
2009-07-13 19:20 - 2018-07-19 17:35 - 000000000 ____D [00000000000000000000000000000000] () C:\Windows\System32\Drivers\etc
2009-07-13 18:34 - 2018-04-06 15:00 - 000001052 ____A [D606DB76F93CE45760860B392996AA21] () C:\Windows\System32\Drivers\etc\hosts
2018-03-22 13:57 - 2017-01-17 09:35 - 000000964 ____A [D167E2F90CE7141DDD3706FB891E1601] () C:\Windows\System32\Drivers\etc\hosts.bak
2009-07-13 18:35 - 2009-06-10 13:00 - 000003683 ____A [18413B90E1B291EC3E777A845C37CFEE] () C:\Windows\System32\Drivers\etc\lmhosts.sam
2009-07-13 18:34 - 2009-06-10 13:00 - 000000407 ____A [B65A1232FB4B35827CE7C5E2F8EC8947] () C:\Windows\System32\Drivers\etc\networks
2009-07-13 18:34 - 2009-06-10 13:00 - 000001358 ____A [7700D22FA108234E623D65FA72D9E29C] () C:\Windows\System32\Drivers\etc\protocol
2009-07-13 12:40 - 2009-06-10 13:00 - 000001540 ____A [585600E0107AB42866AD68F9ED998F58] () C:\Windows\System32\Drivers\etc\quotes
2009-07-13 18:34 - 2016-06-02 11:31 - 000021259 ____A [DAC5AB0C7EBAFCC3FE186B9E961AFAD1] () C:\Windows\System32\Drivers\etc\services
2009-07-13 19:20 - 2018-07-10 07:26 - 000000000 ____D [00000000000000000000000000000000] () C:\Windows\System32\Drivers\UMDF
2018-07-10 07:19 - 2015-10-30 02:32 - 000830624 ____A [DE3CD12716EE1AD11E068540E8624F3E] (Intel Corporation) C:\Windows\System32\Drivers\UMDF\esif_umdf.dll
2015-04-16 20:45 - 2015-04-16 20:45 - 000932080 ____A [1A1D57B4328461F9130FA2150087BFD8] (Sierra Wireless Inc.) C:\Windows\System32\Drivers\UMDF\LocationHelper.dll
2015-04-16 20:45 - 2015-04-16 20:45 - 000095472 ____A [DC2D50C0CD70004201065F67AF12CBD3] (Sierra Wireless Incorporated) C:\Windows\System32\Drivers\UMDF\swg3kloc05.dll
2015-04-16 20:45 - 2015-04-16 20:45 - 000095472 ____A [DC2D50C0CD70004201065F67AF12CBD3] (Sierra Wireless Incorporated) C:\Windows\System32\Drivers\UMDF\swmbbloc05.dll
2010-11-20 19:24 - 2010-11-20 19:24 - 000109056 ____A [8F1E572C5DF084ECD65C3CBCD720534C] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\usbdr.dll
2009-07-13 16:21 - 2009-07-13 17:41 - 000299520 ____A [91D6F0AB79AA36FFB932157865206F35] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdFs.dll
2015-11-12 14:23 - 2015-11-12 14:23 - 001195008 ____A [E506DF49926F3086124F629D3352976E] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdMtpDr.dll
2011-04-11 23:38 - 2011-04-11 23:38 - 000000000 ____D [00000000000000000000000000000000] () C:\Windows\System32\Drivers\UMDF\en-US
2011-04-11 23:38 - 2011-04-11 23:38 - 000002560 ____A [5D15B0705E707F02D71B9547007D2727] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WpdMtpDr.dll.mui
2011-04-11 23:38 - 2011-04-11 23:38 - 000006144 ____A [930D103D5C3BE0F6074C67C0F3296602] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui

====== End of Folder: ======


========= BCDEDIT /ENUM ALL =========


Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
path                    \bootmgr
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {db6dbdd4-00e6-11e6-82da-f8cab82e8349}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {db6dbdd4-00e6-11e6-82da-f8cab82e8349}
nx                      OptIn
bootstatuspolicy        DisplayAllFailures

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\db6dbdd6-00e6-11e6-82da-f8cab82e8349\Winre.wim,{db6dbdd7-00e6-11e6-82da-f8cab82e8349}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\db6dbdd6-00e6-11e6-82da-f8cab82e8349\Winre.wim,{db6dbdd7-00e6-11e6-82da-f8cab82e8349}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {db6dbdd4-00e6-11e6-82da-f8cab82e8349}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {db6dbdd7-00e6-11e6-82da-f8cab82e8349}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\db6dbdd6-00e6-11e6-82da-f8cab82e8349\boot.sdi

========= End of CMD: =========


==== End of Fixlog 13:13:53 ==== 

Here is the updated FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by SYSTEM on MININT-98K3G8Q (21-07-2018 13:14:13)
Running from e:\
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [729432 2015-05-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [610048 2015-01-20] (Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EmsService] => C:\Windows\system32\EmsServiceHelper.exe [3229536 2014-04-14] (Dell Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4879776 2016-06-23] (Intel(R) Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [Sentinel Agent] => C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\AgentUI.exe [1061848 2018-05-14] (SentinelOne, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM-x32\...\Run: [DcaTray] => C:\Program Files (x86)\DirectAccess Connectivity Assistant\DcaTray.exe [524288 2014-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [DesktopAuthority User Experience] => C:\Program Files (x86)\Dell\Desktop Authority\Client Files\9.20.1239\CBM\ScriptLogic.CBM.UserExperience.exe [791792 2014-05-08] (Dell Inc.)
HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2826584 2015-07-28] (Pulse Secure, LLC)
HKLM-x32\...\Run: [DialOutEZSysTray] => C:\Program Files (x86)\Tactical Software\DialOutEZ\DialOutEZTray.exe [498880 2016-05-25] (Tactical Software, LLC)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-09-05] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-09-05] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2018-01-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [NVC] => C:\Program Files (x86)\Nortel\Nortel VPN Client\Nvc.exe [1717576 2011-01-12] (Avaya)
HKLM\...\Winlogon: [LegalNoticeCaption] Alaska Communications Systems, Inc.                  Legal Notice
HKLM\...\Winlogon: [LegalNoticeText] Access to this computer and any data stored and maintained therein is secured and restricted to authorized employees in the conduct of the business of any of the Alaska Communications Systems companies. Further use of this terminal is interpreted as acknowledgment that any unauthorized access may result in company action up to and including termination and/or criminal prosecution.
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\clyday\...\Policies\system: [HideLogoffScripts] 0
HKU\clyday\...\Policies\system: [HideLogonScripts] 0
HKU\mtye\...\Policies\system: [HideLogoffScripts] 0
HKU\mtye\...\Policies\system: [HideLogonScripts] 0
HKU\mtye\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\mtye\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\mtye\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\mtye\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\spagsoli\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\spagsoli\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\spagsoli\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\spagsoli\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\wbailey\...\Policies\system: [HideLogoffScripts] 0
HKU\wbailey\...\Policies\system: [HideLogonScripts] 0
HKU\wbailey\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\wbailey\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\wbailey\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\wbailey\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\wmerry\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23153352 2017-07-05] (Microsoft Corporation)
HKU\wmerry\...\Run: [Google Update] => C:\Users\wmerry\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-17] (Google Inc.)
HKU\wmerry\...\Run: [Google Photos Backup] => C:\Users\wmerry\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3791704 2018-06-01] (Google, Inc)
HKU\wmerry\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\wmerry\...\Run: [OffCAT] => C:\Users\wmerry\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corp.)
HKU\wmerry\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2018-06-29] (Adobe Systems Incorporated)
HKU\wmerry\...\Run: [GNE_DualMonitorTools] => C:\Program Files (x86)\Dual Monitor Tools\DMT.exe [790528 2017-07-22] (GNE)
HKU\wmerry\...\Policies\system: [HideLogoffScripts] 0
HKU\wmerry\...\Policies\system: [HideLogonScripts] 0
HKU\wpotter\...\Policies\system: [HideLogoffScripts] 0
HKU\wpotter\...\Policies\system: [HideLogonScripts] 0
HKU\zvolz9c\...\Policies\system: [HideLogoffScripts] 0
HKU\zvolz9c\...\Policies\system: [HideLogonScripts] 0
HKU\zvolz9c\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\zvolz9c\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\zvolz9c\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\zvolz9c\...\Policies\Explorer: [NoSMMyPictures] 1
Startup: C:\Users\wmerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2016-08-15]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\wmerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-06-05]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-05-27] (Alps Electric Co., Ltd.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
S2 CcmExec; C:\Windows\CCM\CcmExec.exe [2169216 2018-02-24] (Microsoft Corporation)
S2 CipMsgProxyService; C:\Program Files (x86)\VMware\Plug-in Service\vmware-cip-msg-proxy.exe [1898472 2018-01-22] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
S2 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [699808 2017-07-13] (Microsoft Corporation)
S2 DACBMSvc; C:\Program Files (x86)\Dell\Desktop Authority\Client Files\9.20.1239\CBM\ScriptLogic.CBM.Agent.exe [777968 2014-05-08] (Dell Inc.)
S2 DAClientSvc; C:\Program Files (x86)\Dell\Desktop Authority\Client Files\9.20.1239\DAClientSvc.exe [2608368 2014-05-08] (Dell Inc.)
S2 DcaSvc; C:\Program Files (x86)\DirectAccess Connectivity Assistant\DcaSvc.exe [128000 2014-01-30] (Microsoft Corporation)
S2 EMS; C:\Windows\system32\EMSService.exe [1945440 2014-04-14] (Dell Inc.)
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [172784 2016-07-23] (Intel Corporation)
S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation)
S2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
S2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
S2 JuniperAccessService; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [162136 2015-07-28] (Pulse Secure, LLC)
S2 LogProcessorService; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelServiceHost.exe [5448056 2018-05-14] (SentinelOne, Inc.)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation)
S2 Multiplicity; C:\Program Files (x86)\Stardock\Multiplicity2\MultiSrv.exe [124080 2012-11-26] (Stardock Software, Inc)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S2 NvcSvcMgr; C:\Program Files (x86)\Nortel\Nortel VPN Client\NvcSvcMgr.exe [623960 2011-01-12] (Avaya)
S2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2015-05-04] (BayHubTech/O2Micro International)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2015-10-23] (Realtek Semiconductor)
S2 SentinelAgent; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelAgent.exe [12479200 2018-05-14] (SentinelOne, Inc.)
S3 SentinelHelperService; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelHelperService.exe [546920 2018-05-14] (SentinelOne, Inc.)
S2 SentinelStaticEngine; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelStaticEngine.exe [6446976 2018-05-14] (SentinelOne, Inc.)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
S3 smstsmgr; C:\Windows\CCM\TSManager.exe [322432 2018-02-24] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-12] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2015-10-23] (Advanced Micro Devices, Inc.)
S3 bcmnfcusb; C:\Windows\system32\drivers\bcmnfcusb7.sys [44288 2015-04-16] (Broadcom Corporation.)
S3 BthPan; C:\Windows\System32\DRIVERS\btath_pan.sys [97512 2016-04-22] (Qualcomm Atheros)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87528 2015-10-13] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-10-13] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1545704 2016-04-27] (Motorola Solutions, Inc.)
S0 CmgPCS; C:\Windows\System32\DRIVERS\CmgPCS.sys [158464 2014-03-21] (Dell Inc.)
S0 CmgShieldFFE; C:\Windows\System32\DRIVERS\CmgFFE.sys [406784 2014-04-09] (Dell Inc.)
S2 deserial; C:\Windows\System32\DRIVERS\deserial.sys [1671872 2016-05-25] (Tactical Software, LLC)
S3 dptf_acpi; C:\Windows\System32\DRIVERS\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation)
S3 dptf_cpu; C:\Windows\System32\DRIVERS\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation)
S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [525800 2017-03-19] (Intel Corporation)
S3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation)
S0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2015-04-16] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [355080 2016-07-31] (Intel Corporation)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2740056 2015-10-23] (Realtek Semiconductor Corp.)
S3 ISCT; C:\Windows\system32\drivers\ISCTD.sys [44744 2015-04-16] ()
S3 iwsehub; C:\Windows\system32\drivers\iwsehub.sys [419120 2015-04-16] (Intel Corporation)
S3 iwsepal; C:\Windows\system32\drivers\iwsepal.sys [613168 2015-04-16] (Intel Corporation)
S1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [507192 2015-07-28] (Juniper Networks)
S4 jnprTdi_814_60331; C:\WINDOWS\system32\Drivers\jnprTdi_814_60331.sys [108344 2015-07-28] (Pulse Secure, LLC)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2015-07-28] (Juniper Networks, Inc.)
S3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2015-07-28] (Juniper Networks, Inc.)
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [200792 2017-06-25] (Intel Corporation)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [5632 2010-04-21] (Famatech International Corp.)
S3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw04.sys [3441424 2016-07-24] (Intel Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 NT_NvcA; C:\Windows\System32\DRIVERS\ntnvca.sys [44096 2011-01-11] (Nortel Networks)
S2 nvcwfpco; C:\Windows\System32\DRIVERS\nvcwfpco.sys [80448 2011-01-11] (Nortel Networks Corporation)
S3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2015-05-04] (BayHubTech/O2Micro )
S3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2013-09-11] (Microsoft Corporation)
S1 SentinelMonitor; C:\Program Files\SentinelOne\Sentinel Agent 2.5.6.117\SentinelMonitor.sys [446864 2018-05-15] (SentinelOne, Inc.)
S3 ST7007; C:\Windows\system32\drivers\ST7007.sys [69896 2015-04-16] (STMicroelectronics)
S3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [75952 2015-05-27] (STMicroelectronics)
S3 swg3knmea05; C:\Windows\system32\drivers\swg3knmea05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 swg3kser05; C:\Windows\system32\drivers\swg3kser05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 swibus05; C:\Windows\system32\drivers\swibus05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swibusflt05; C:\Windows\system32\drivers\swibusflt05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swimbbbus05; C:\Windows\system32\drivers\swimbbbus05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swimbbbusflt05; C:\Windows\system32\drivers\swimbbbusflt05.sys [88848 2015-04-16] (Sierra Wireless Inc.)
S3 swmbbnmea05; C:\Windows\system32\drivers\swmbbnmea05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 swmbbser05; C:\Windows\system32\drivers\swmbbser05.sys [276720 2015-04-16] (Sierra Wireless Incorporated)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [74120 2018-01-19] (Cisco Systems, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
S2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-05-11] (WinISO.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-21 11:59 - 2018-07-21 11:59 - 000000002 _____ C:\Windows\ntbtlog.txt
2018-07-21 09:36 - 2018-07-21 09:38 - 000000000 ____D C:\setupapi.app.backup
2018-07-20 08:00 - 2015-04-16 20:46 - 000279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2018-07-19 19:45 - 2018-07-21 13:14 - 000000000 ____D C:\FRST
2018-07-19 18:55 - 2018-07-19 18:55 - 000000000 ____D C:\Windows\System32\configBak
2018-07-19 17:35 - 2018-07-19 17:35 - 000003462 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-ANC54971L-hduser
2018-07-19 17:30 - 2018-07-19 17:32 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Greenshot
2018-07-19 17:30 - 2018-07-19 17:30 - 000114304 _____ C:\Users\hduser\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-19 17:30 - 2018-07-19 17:30 - 000002276 _____ C:\Users\hduser\Desktop\Google Chrome.lnk
2018-07-19 17:30 - 2018-07-19 17:30 - 000000020 ___SH C:\Users\hduser\ntuser.ini
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 __SHD C:\Users\hduser\IntelGraphicsProfiles
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\Documents\My Received Files
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Logitech
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Juniper Networks
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Intel
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\ICAClient
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Adobe
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\VirtualStore
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Nortel
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Greenshot
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Google
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Citrix
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\AppData\Local\Adobe
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\Users\hduser\.cisco
2018-07-19 17:30 - 2018-07-19 17:30 - 000000000 ____D C:\users\hduser
2018-07-19 17:30 - 2017-04-26 07:56 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Apple Computer
2018-07-19 17:30 - 2017-04-26 07:55 - 000000000 ____D C:\Users\hduser\AppData\Local\Apple Computer
2018-07-19 17:30 - 2017-04-26 07:51 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Sun
2018-07-19 17:30 - 2017-04-26 07:51 - 000000000 ____D C:\Users\hduser\AppData\Local\Apple
2018-07-19 17:30 - 2016-11-15 00:22 - 000000000 ___HD C:\Users\hduser\Documents\afterSentDocuments
2018-07-19 17:30 - 2016-11-15 00:22 - 000000000 ___HD C:\Users\hduser\AppData\Local\afterSentDocuments
2018-07-19 17:30 - 2016-05-13 15:12 - 000000000 ____D C:\Users\hduser\AppData\Local\Microsoft Help
2018-07-19 17:30 - 2011-04-11 23:45 - 000000000 ____D C:\Users\hduser\AppData\Roaming\Media Center Programs
2018-07-19 17:13 - 2018-07-19 17:13 - 000431792 _____ C:\Windows\System32\FNTCACHE.DAT
2018-07-12 08:44 - 2018-07-12 08:44 - 000000000 ____D C:\Program Files (x86)\Visualware BCS
2018-07-11 15:38 - 2018-07-11 15:39 - 000000000 ____D C:\Users\wmerry\Desktop\Temp
2018-07-10 14:49 - 2018-07-10 14:49 - 000002185 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-07-10 14:48 - 2018-07-10 14:48 - 000000000 ____D C:\Program Files\Google
2018-07-10 07:46 - 2018-07-10 07:46 - 000000037 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-07-10 07:22 - 2018-07-10 07:22 - 000000000 ____D C:\Windows\System32\o2fj2
2018-07-10 07:22 - 2014-06-18 14:34 - 000095744 _____ (BayHubTech/O2Micro ) C:\Windows\System32\SDIOAssist.exe
2018-07-10 07:20 - 2018-07-10 07:20 - 000000000 ____D C:\Windows\SysWOW64\SDA
2018-07-10 07:20 - 2018-07-10 07:20 - 000000000 ____D C:\Program Files (x86)\O2Micro
2018-07-10 07:19 - 2018-07-10 07:19 - 000003646 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-07-10 07:19 - 2015-10-30 02:32 - 002365328 _____ (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 001804688 _____ (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01011.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 001804688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfCoInstaller01011.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 001392792 _____ (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
2018-07-10 07:19 - 2015-10-30 02:32 - 000971944 _____ (Microsoft Corporation) C:\Windows\System32\msvcr120.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 000668840 _____ (Microsoft Corporation) C:\Windows\System32\msvcp120.dll
2018-07-10 07:19 - 2015-10-30 02:32 - 000260072 _____ (Intel Corporation) C:\Windows\System32\Drivers\esif_lf.sys
2018-07-10 07:19 - 2015-10-30 02:31 - 000055784 _____ (Intel Corporation) C:\Windows\System32\Drivers\dptf_acpi.sys
2018-07-10 07:19 - 2015-10-30 02:31 - 000052200 _____ (Intel Corporation) C:\Windows\System32\Drivers\dptf_cpu.sys
2018-07-10 07:17 - 2018-07-10 07:29 - 000000000 ____D C:\ProgramData\PCDr
2018-07-10 07:17 - 2018-07-10 07:17 - 000002169 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-07-10 07:16 - 2018-07-10 07:17 - 000000000 ____D C:\Users\wmerry\Downloads\Dell
2018-07-10 07:16 - 2018-07-10 07:16 - 000003814 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-07-10 07:16 - 2018-07-10 07:16 - 000000000 ____D C:\ProgramData\SupportAssist
2018-07-10 07:16 - 2018-07-10 07:16 - 000000000 ____D C:\ProgramData\Dell Inc
2018-07-09 11:59 - 2018-07-09 11:59 - 000002061 _____ C:\Users\wmerry\Desktop\MasterDocumentation.exe - Shortcut.lnk
2018-07-09 11:57 - 2018-07-09 11:57 - 000001600 _____ C:\Users\wmerry\Desktop\West Master Documents - Shortcut.lnk
2018-07-09 11:16 - 2018-07-11 08:00 - 000007603 ____H C:\Users\wmerry\AppData\Local\Resmon.ResmonCfg
2018-06-26 09:08 - 2018-06-26 09:08 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\Meeting Center
2018-06-26 09:08 - 2018-06-26 09:08 - 000000000 ____D C:\Users\wmerry\AppData\Local\UMClient
2018-06-26 09:05 - 2018-06-26 09:09 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\UMClient
2018-06-25 16:49 - 2018-06-25 16:49 - 000136704 _____ C:\Users\wmerry\Desktop\AK-SALI-FAIRBANKS BOROUGH is In-service.msg
2018-06-22 14:19 - 2018-06-22 14:19 - 000339551 _____ C:\Users\wmerry\Downloads\3500202-en.pdf
2018-06-21 14:21 - 2018-06-21 14:26 - 003157003 _____ C:\Users\wmerry\Desktop\MOA 2016 V.1.pdf
2018-06-21 14:20 - 2018-06-21 14:20 - 001135490 _____ C:\Users\wmerry\Desktop\MOA_NG911_1_23_2018.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-19 17:36 - 2018-03-19 07:24 - 000000000 ____D C:\ProgramData\Sentinel
2018-07-19 17:36 - 2009-07-13 20:45 - 000019328 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-19 17:36 - 2009-07-13 20:45 - 000019328 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-19 17:35 - 2017-10-10 14:27 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-07-19 17:35 - 2016-05-16 17:31 - 000018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2018-07-19 17:35 - 2016-04-12 12:06 - 000000000 ____D C:\Program Files (x86)\Intel
2018-07-19 17:35 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2018-07-19 17:31 - 2009-07-13 21:13 - 000863384 _____ C:\Windows\System32\PerfStringBackup.INI
2018-07-19 17:15 - 2015-11-12 09:39 - 000000601 _____ C:\Windows\SMSCFG.INI
2018-07-19 17:13 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-13 07:56 - 2017-11-22 12:13 - 000001627 _____ C:\Users\wmerry\Desktop\ACS Sparks Prod.lnk
2018-07-13 07:56 - 2016-04-12 12:07 - 000000568 _____ C:\Windows\System32\config\netlogon.ftl
2018-07-13 07:52 - 2017-01-18 13:02 - 000000540 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-335968984-468744214-619646970-2938.job
2018-07-13 07:40 - 2017-01-18 13:02 - 000000636 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-335968984-468744214-619646970-2938.job
2018-07-12 16:57 - 2016-08-05 09:33 - 000000000 ____D C:\Users\wmerry\Documents\Outlook Files
2018-07-12 11:43 - 2016-05-17 09:17 - 000000000 ___HD C:\Users\wmerry\AppData\Local\Deployment
2018-07-12 10:32 - 2016-05-13 16:54 - 000000000 ____D C:\Users\wmerry\Documents\scratch
2018-07-12 07:35 - 2016-04-12 12:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-11 14:57 - 2016-05-13 17:10 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\VMware
2018-07-11 14:42 - 2009-07-13 19:20 - 000000000 __RHD C:\Users\Public\Libraries
2018-07-11 14:41 - 2016-07-29 11:00 - 000000000 ___HD C:\Users\wmerry\AppData\Local\Bluestacks
2018-07-10 13:52 - 2017-07-08 10:12 - 000000000 ____D C:\Users\wmerry\AppData\Local\GoToMeeting
2018-07-10 07:37 - 2015-11-12 09:32 - 000000000 ____D C:\Windows\Panther
2018-07-10 07:34 - 2016-07-11 11:27 - 000000000 ___HD C:\Users\wmerry\AppData\Local\CrashDumps
2018-07-10 07:28 - 2016-05-13 16:35 - 000000000 __SHD C:\Users\wmerry\IntelGraphicsProfiles
2018-07-10 07:28 - 2016-05-13 14:27 - 000114304 ____H C:\Users\wmerry\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-10 07:27 - 2016-04-12 13:18 - 000011909 __RSH C:\ProgramData\ntuser.pol
2018-07-10 07:23 - 2016-04-12 12:06 - 000000000 ____D C:\Program Files\Intel
2018-07-10 07:22 - 2016-07-19 01:42 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-10 07:20 - 2017-02-01 22:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-07-10 07:19 - 2017-10-10 14:25 - 000000000 ____D C:\ProgramData\Intel
2018-07-10 07:17 - 2016-06-02 08:43 - 000000000 ____D C:\Program Files\Dell
2018-07-10 07:08 - 2016-05-13 14:26 - 000001422 __RSH C:\Users\wmerry\ntuser.pol
2018-07-10 07:08 - 2016-05-13 14:26 - 000000000 ____D C:\users\wmerry
2018-07-09 16:32 - 2016-06-02 11:30 - 000000000 ____D C:\Users\wmerry\AppData\Local\SAP
2018-07-09 16:32 - 2016-06-02 11:26 - 000000000 ____D C:\Users\wmerry\AppData\Roaming\SAP
2018-07-06 14:24 - 2016-05-13 12:34 - 000000000 ____D C:\Desktop Authority
2018-07-05 11:17 - 2016-05-13 16:54 - 000000000 ____D C:\Users\wmerry\Documents\Switching
2018-07-05 10:07 - 2016-08-15 09:53 - 000000000 ___RD C:\Users\wmerry\OneDrive - Alaska Communications
2018-07-05 08:12 - 2016-05-16 07:16 - 000000000 ____D C:\Users\wmerry\AppData\Local\ElevatedDiagnostics
2018-07-05 07:19 - 2018-03-19 07:24 - 000000000 ____D C:\Program Files\SentinelOne
2018-06-28 07:35 - 2016-09-14 11:34 - 000000000 ____D C:\Users\wmerry\AppData\Local\IE Tab
2018-06-26 09:05 - 2009-07-13 21:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-06-26 07:10 - 2016-05-16 18:14 - 000000000 ____D C:\Program Files (x86)\Notepad++
2018-06-26 07:09 - 2018-02-27 23:30 - 000000000 ____D C:\Users\wmerry\Downloads\Scratch
2018-06-25 10:13 - 2016-05-13 16:54 - 000000000 ____D C:\Users\wmerry\Documents\Putty_Logs
2018-06-21 15:34 - 2018-02-15 16:57 - 014349824 _____ C:\Users\wmerry\Desktop\MOA 2016 V.1.vsd
2018-06-21 07:24 - 2017-08-09 11:23 - 000000000 ____D C:\Users\wmerry\Desktop\MOA 2016 V.1

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points  =========================

Restore point date: 2018-07-20 12:21
Restore point date: 2018-07-20 12:21

==================== Memory info =========================== 

Percentage of memory in use: 10%
Total physical RAM: 8088.05 MB
Available physical RAM: 7234.46 MB
Total Virtual: 8086.25 MB
Available Virtual: 7233.96 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:238.13 GB) (Free:64.62 GB) NTFS
Drive e: () (Removable) (Total:7.62 GB) (Free:4.19 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.26 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 5B5214B9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 7.6 GB) (Disk ID: 25EF38AF)
Partition 1: (Active) - (Size=7.6 GB) - (Type=07 NTFS)

LastRegBack: 2018-07-07 00:03

==================== End of FRST.txt ============================

I can also provide the setapi.app.log file which lists all driver changes on the laptop from day one. Though I imagine only the last few most recent changes are likely relevant.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users