my computer is infected with adware [Closed]


  • This topic is locked

#1
brazzo

    New Member

  • Member
  • 9 posts

When browsing the web using Chrome, I constantly get new tabs opened with ads to different sites and products. I also have ad banners with inappropriate content on nearly any website I visit. I installed the AdBlocker Ultimate extension for Chrome, but it didn't work.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by salma (administrator) on SALMA (10-01-2018 03:54:56)
Running from C:\Users\salma\Desktop
Loaded Profiles: salma & 14f141 (Available Profiles: salma & 14f141)
Platform: Windows 10 Home Single Language Version 1607 14393.1944 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Pokki) C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Pokki) C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Pokki) C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Lenovo) C:\Program Files\lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1883_none_7ed84bd822106081\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [401848 2017-06-12] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-10] (AVAST Software)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1884576 2012-01-17] (Affinegy, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-06-07] (Power Software Ltd)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\Run: [DVDFab VDrive] => C:\Program Files\DVDFab Virtual Drive\vdrive.exe [415720 2012-11-13] (Fengtao Software Inc.)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #6] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #4] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #3] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [  ISSetupPrerequisistes] => C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe [77343536 2018-01-10] (Lenovo) <==== ATTENTION
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\salma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-11-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [S-1-5-21-2885589384-1567697907-1413021575-1001] => Proxy is enabled.
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0a6c16ce-f7b5-4f0b-948d-de7f363b0df7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{16998173-0b34-4b76-87a1-04298cef3296}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-2885589384-1567697907-1413021575-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2885589384-1567697907-1413021575-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2885589384-1567697907-1413021575-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-2885589384-1567697907-1413021575-1001 -> {7E468B71-D5B5-11E4-8266-C0389601237C} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=lenovo&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 5qzs4vgy.default
FF ProfilePath: C:\Users\salma\AppData\Roaming\Mozilla\Firefox\Profiles\5qzs4vgy.default [2018-01-10]
FF Extension: (Avast SafePrice) - C:\Users\salma\AppData\Roaming\Mozilla\Firefox\Profiles\5qzs4vgy.default\Extensions\[email protected] [2017-11-11]
FF Extension: (Avast Online Security) - C:\Users\salma\AppData\Roaming\Mozilla\Firefox\Profiles\5qzs4vgy.default\Extensions\[email protected] [2017-11-11]
FF SearchPlugin: C:\Users\salma\AppData\Roaming\Mozilla\Firefox\Profiles\5qzs4vgy.default\searchplugins\Web Search.xml [2015-05-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-02] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-02] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://homepage-web.com/?s=lenovo&m=home
CHR StartupUrls: Default -> "hxxp://homepage-web.com/?s=lenovo&m=start"
CHR Profile: C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default [2018-01-10]
CHR Extension: (Slides) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (AnmeRting) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\amppmibcljoeejieoapielmokgbagbfi [2017-05-15]
CHR Extension: (Docs) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Google Drive) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-08]
CHR Extension: (Google Search) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Botany Glossary Online) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\efodpamllclgghjfaocjopngljlnfdki [2017-06-26]
CHR Extension: (Avast SafePrice) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-01-10]
CHR Extension: (Sheets) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Serfs Emancipation Day) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhpggngpgmfhjcmbipomdpmpfcmcpnp [2017-03-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-02]
CHR Extension: (AdBlocker Ultimate) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2018-01-10]
CHR Extension: (Gmail) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\salma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R4 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-01-17] (Affinegy, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-10] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-25] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo)
R4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103704 2017-10-08] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2018-01-10] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-10] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-10] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-10] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-10] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2018-01-10] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-01-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146664 2018-01-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2018-01-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2018-01-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2018-01-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457400 2018-01-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2018-01-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2018-01-10] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dvdfabio; C:\windows\system32\drivers\dvdfabio.sys [12776 2012-11-13] (Fengtao Software Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [615728 2015-06-04] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 vdrive; C:\WINDOWS\System32\drivers\vdrive.sys [45544 2012-11-13] (Fengtao Software Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-10 03:54 - 2018-01-10 03:56 - 000022406 _____ C:\Users\salma\Desktop\FRST.txt
2018-01-10 03:54 - 2018-01-10 03:54 - 000000000 ____D C:\FRST
2018-01-10 03:52 - 2018-01-10 03:54 - 002393088 _____ (Farbar) C:\Users\salma\Desktop\FRST64.exe
2018-01-10 03:48 - 2018-01-10 03:48 - 000000018 _____ C:\WINDOWS\SysWOW64\taskSchedularLog.txt
2018-01-10 03:48 - 2018-01-10 03:48 - 000000000 ____D C:\Users\salma\AppData\Roaming\Lenovo
2018-01-10 03:48 - 2018-01-10 03:48 - 000000000 ____D C:\Users\salma\.QtWebEngineProcess
2018-01-10 03:48 - 2018-01-10 03:48 - 000000000 ____D C:\Users\salma\.LSC
2018-01-10 03:38 - 2018-01-10 03:38 - 000002169 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2018-01-10 02:22 - 2018-01-10 02:22 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-01-10 02:11 - 2018-01-10 02:12 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-01-10 02:11 - 2018-01-10 02:11 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.151557907084302.151557913659302
2018-01-10 02:11 - 2018-01-10 02:09 - 000365680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-01-10 02:10 - 2018-01-10 02:09 - 000149344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2017-12-27 13:55 - 2017-12-27 13:55 - 000468606 _____ ( ) C:\Users\salma\Downloads\your_file.exe
2017-12-27 13:44 - 2017-12-01 17:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-27 13:44 - 2017-12-01 17:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-18 14:46 - 2017-12-18 14:46 - 000091291 _____ C:\Users\salma\Downloads\Development countries.pptx
2017-12-13 08:25 - 2017-11-30 01:45 - 000982392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-12-13 08:25 - 2017-11-30 01:33 - 005688320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-12-13 08:25 - 2017-11-30 01:29 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-12-13 08:25 - 2017-11-30 01:28 - 007625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-13 08:25 - 2017-11-30 01:28 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-12-13 08:25 - 2017-11-30 01:28 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-13 08:25 - 2017-11-30 01:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-13 08:25 - 2017-11-30 01:26 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-12-13 08:25 - 2017-11-30 01:25 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2017-12-13 08:25 - 2017-11-30 01:25 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-13 08:25 - 2017-11-30 01:25 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-13 08:25 - 2017-11-30 01:25 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-12-13 08:25 - 2017-11-30 01:25 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-13 08:25 - 2017-11-30 01:24 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-13 08:25 - 2017-11-30 01:24 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-12-13 08:25 - 2017-11-30 01:24 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshext.dll
2017-12-13 08:25 - 2017-11-30 01:23 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-12-13 08:25 - 2017-11-30 01:23 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-12-13 08:25 - 2017-11-30 01:23 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-13 08:25 - 2017-11-30 01:22 - 019411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-13 08:25 - 2017-11-30 01:22 - 018366976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-13 08:25 - 2017-11-30 01:21 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-12-13 08:25 - 2017-11-30 01:17 - 000858624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-12-13 08:25 - 2017-11-30 01:17 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-12-13 08:25 - 2017-11-30 01:16 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-13 08:25 - 2017-11-30 01:16 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-12-13 08:25 - 2017-11-30 01:15 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-13 08:25 - 2017-11-30 01:15 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-12-13 08:25 - 2017-11-30 01:14 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-12-13 08:25 - 2017-11-30 01:14 - 000656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-13 08:25 - 2017-11-30 00:15 - 001072240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-13 08:25 - 2017-11-29 23:53 - 022571520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-13 08:25 - 2017-11-29 23:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-13 08:25 - 2017-11-29 23:42 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-12-13 08:25 - 2017-11-29 23:39 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-12-13 08:25 - 2017-11-29 23:37 - 008118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-13 08:25 - 2017-11-29 23:37 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-12-13 08:25 - 2017-11-29 23:37 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-12-13 08:25 - 2017-11-29 23:37 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2017-12-13 08:25 - 2017-11-29 23:36 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-13 08:25 - 2017-11-29 23:36 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-12-13 08:25 - 2017-11-29 23:36 - 000761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-12-13 08:25 - 2017-11-29 23:36 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-12-13 08:25 - 2017-11-29 23:33 - 001013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-12-13 08:25 - 2017-11-29 23:32 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-12-13 08:24 - 2017-11-30 01:24 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-13 08:24 - 2017-11-30 01:22 - 012205056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-13 08:24 - 2017-11-30 01:16 - 006066688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-13 08:24 - 2017-11-30 01:16 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-13 08:24 - 2017-11-30 01:14 - 002028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-12-13 08:24 - 2017-11-30 00:22 - 007780184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-13 08:24 - 2017-11-30 00:17 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-13 08:24 - 2017-11-30 00:16 - 001090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-13 08:24 - 2017-11-30 00:16 - 000947544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-12-13 08:24 - 2017-11-30 00:16 - 000811864 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-12-13 08:24 - 2017-11-29 23:50 - 007219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-12-13 08:24 - 2017-11-29 23:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-13 08:24 - 2017-11-29 23:44 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-13 08:24 - 2017-11-29 23:42 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-13 08:24 - 2017-11-29 23:41 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-13 08:24 - 2017-11-29 23:40 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-13 08:24 - 2017-11-29 23:38 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-13 08:24 - 2017-11-29 23:38 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-13 08:24 - 2017-11-29 23:38 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-12-13 08:24 - 2017-11-29 23:37 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-12-13 08:24 - 2017-11-29 23:37 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-13 08:24 - 2017-11-29 23:37 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-13 08:24 - 2017-11-29 23:37 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshext.dll
2017-12-13 08:24 - 2017-11-29 23:36 - 013108224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-13 08:24 - 2017-11-29 23:36 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-12-13 08:24 - 2017-11-29 23:34 - 004739584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-13 08:24 - 2017-11-29 23:33 - 002097664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-12-13 08:24 - 2017-11-29 23:33 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-13 08:24 - 2017-11-29 23:33 - 000583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-13 08:24 - 2017-11-29 23:32 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-12 22:41 - 2017-12-13 20:49 - 000960543 _____ C:\Users\salma\Desktop\mis powerpoint.pptx
2017-12-12 22:41 - 2017-12-12 22:41 - 000000165 ____H C:\Users\salma\Desktop\~$mis powerpoint.pptx
2017-12-12 06:38 - 2017-12-12 22:40 - 000961876 _____ C:\Users\salma\Desktop\Management information system.pptx
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-10 03:48 - 2016-09-20 09:38 - 000000000 ____D C:\Users\salma
2018-01-10 03:48 - 2016-07-16 03:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-10 03:48 - 2015-02-02 06:01 - 000000000 ____D C:\Users\salma\AppData\Local\Lenovo
2018-01-10 03:45 - 2016-06-27 16:01 - 000000000 ____D C:\ProgramData\Origin
2018-01-10 03:39 - 2016-09-20 09:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-01-10 03:37 - 2014-10-25 03:43 - 000000000 ____D C:\Program Files\lenovo
2018-01-10 03:31 - 2016-09-20 09:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-10 02:44 - 2014-10-25 03:43 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2018-01-10 02:30 - 2015-02-01 01:15 - 000000000 ____D C:\Users\salma\AppData\Local\SweetLabs App Platform
2018-01-10 02:19 - 2016-09-20 09:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-10 02:19 - 2016-06-28 00:03 - 000000000 __SHD C:\Users\salma\IntelGraphicsProfiles
2018-01-10 02:18 - 2016-09-20 09:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-10 02:17 - 2016-07-15 22:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-10 02:12 - 2017-03-08 08:34 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-01-10 02:09 - 2017-11-11 03:51 - 000185096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-01-10 02:09 - 2017-03-08 08:33 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-01-10 02:09 - 2017-03-08 08:33 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-01-10 02:09 - 2017-03-08 08:33 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-01-10 02:09 - 2017-03-08 08:33 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 001025176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 000457400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 000358672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 000204456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 000110336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 000084384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-01-10 02:09 - 2015-02-01 03:33 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-01-10 02:09 - 2015-02-01 01:39 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-10 02:09 - 2015-02-01 01:39 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-10 02:07 - 2016-07-16 03:45 - 000000000 ____D C:\WINDOWS\INF
2018-01-10 02:05 - 2016-11-15 03:55 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{648E76D3-2D34-49AC-8EC4-6A552CC70FF1}
2018-01-10 02:05 - 2016-07-16 03:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-28 07:12 - 2016-07-16 03:47 - 000000000 ____D C:\WINDOWS\rescache
2017-12-27 14:17 - 2016-07-16 03:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-27 13:42 - 2017-06-26 17:07 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-18 06:44 - 2015-11-01 07:02 - 000002529 _____ C:\Users\salma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2017-12-18 01:25 - 2015-02-01 01:15 - 000000000 ____D C:\Users\salma\AppData\Local\Packages
2017-12-13 08:33 - 2015-02-13 19:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-13 08:30 - 2017-10-21 15:39 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-13 08:30 - 2015-02-13 19:00 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-12 08:50 - 2016-09-20 10:26 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-12 08:46 - 2016-07-15 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-12 08:28 - 2016-09-20 10:08 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2017-12-12 08:28 - 2016-09-20 10:08 - 000028578 _____ C:\WINDOWS\diagerr.xml
2017-12-12 08:06 - 2016-07-16 03:47 - 000000000 ____D C:\WINDOWS\Registration
2017-12-12 08:05 - 2017-09-29 07:18 - 000000000 ___HD C:\$WINDOWS.~BT
 
==================== Files in the root of some directories =======
 
2015-02-01 01:16 - 2016-06-27 20:01 - 000319714 _____ () C:\Users\salma\AppData\Local\BTServer.log
 
Files to move or delete:
====================
C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe
 
 
Some files in TEMP:
====================
2016-10-24 07:58 - 2011-05-11 16:48 - 001974272 _____ () C:\Users\salma\AppData\Local\Temp\ImationLOCKv229.exe
2016-09-23 08:47 - 2016-09-23 09:01 - 064108904 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\oct1F9F.tmp.exe
2016-09-20 11:32 - 2016-09-22 07:00 - 128217808 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\oct72F5.tmp.exe
2017-05-23 11:48 - 2017-05-23 11:50 - 064118864 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\oct7AFD.tmp.exe
2017-10-21 12:32 - 2017-11-21 00:18 - 207829680 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\oct7D80.tmp.exe
2017-12-18 06:36 - 2017-12-18 06:39 - 041440856 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\oct7F75.tmp.exe
2017-11-25 10:55 - 2017-11-30 05:55 - 083131872 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\octA13D.tmp.exe
2017-12-09 04:52 - 2017-12-09 04:54 - 041373360 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\octBB37.tmp.exe
2017-08-17 19:52 - 2017-08-17 19:54 - 063610592 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\octE6D8.tmp.exe
2016-11-17 08:00 - 2016-11-17 08:03 - 064111920 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\octEF10.tmp.exe
2018-01-10 02:04 - 2018-01-10 02:05 - 005070952 _____ (Google Inc.) C:\Users\salma\AppData\Local\Temp\{53DFD25C-E6A3-4938-BFF0-128DCCDC4F51}-63.0.3239.132_63.0.3239.84_chrome_updater.exe
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\avc3.sys
C:\Windows\System32\Drivers\avchv.sys
C:\Windows\System32\Drivers\avckf.sys
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\avc3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\WINDOWS\system32\drivers\avchv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\WINDOWS\system32\drivers\avckf.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
 
LastRegBack: 2017-12-27 14:30
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by salma (10-01-2018 03:57:48)
Running from C:\Users\salma\Desktop
Windows 10 Home Single Language Version 1607 14393.1944 (X64) (2016-09-20 18:11:58)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
14f141 (S-1-5-21-2885589384-1567697907-1413021575-1005 - Limited - Enabled) => C:\Users\14f141
Administrator (S-1-5-21-2885589384-1567697907-1413021575-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2885589384-1567697907-1413021575-503 - Limited - Disabled)
Guest (S-1-5-21-2885589384-1567697907-1413021575-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2885589384-1567697907-1413021575-1003 - Limited - Enabled)
salma (S-1-5-21-2885589384-1567697907-1413021575-1001 - Administrator - Enabled) => C:\Users\salma
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader 9.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A92000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{6E2E5B9E-BCCC-066F-BBB5-4DCA7289E2CD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Catalyst Control Center Next Localization BR (HKLM\...\{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DVDFab Virtual Drive version 1.4.1.0 (HKLM\...\DVDFab Virtual Drive_is1) (Version: 1.4.1.0 - Fengtao Software Inc.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Host App Service (HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\SweetLabs_AP) (Version: 0.269.8.342 - Pokki)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
PX Profile Update (HKLM-x32\...\{954CFDDE-AF07-2AF9-9600-706E798D42BA}) (Version: 1.00.1. - AMD) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.810.032714 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Start Menu (HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.342 - Pokki)
Start Menu (HKU\S-1-5-21-2885589384-1567697907-1413021575-1005\...\Pokki) (Version: 0.269.2.471 - Pokki)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3118281) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E34F92E8-F338-4749-BE58-E77D605FE648}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3118281) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E34F92E8-F338-4749-BE58-E77D605FE648}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3118281) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E34F92E8-F338-4749-BE58-E77D605FE648}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17329 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-10] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-10] (AVAST Software)
ContextMenuHandlers1: [DVDFABVirtualDrive] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C05} => C:\Program Files\DVDFab Virtual Drive\vdrive.dll [2012-11-13] (Fengtao Software Inc.)
ContextMenuHandlers1-x32: [DVDFABVirtualDrive32] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C04} => C:\Program Files\DVDFab Virtual Drive\vdrive32.dll [2012-11-13] (Fengtao Software Inc.)
ContextMenuHandlers1-x32: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Ltd)
ContextMenuHandlers1-x32: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-06-27] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-06-27] (Alexander Roshal)
ContextMenuHandlers2: [DVDFABVirtualDrive] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C05} => C:\Program Files\DVDFab Virtual Drive\vdrive.dll [2012-11-13] (Fengtao Software Inc.)
ContextMenuHandlers2-x32: [DVDFABVirtualDrive32] -> {71343FFB-3ECB-4FA7-BAAC-8DB614DE3C04} => C:\Program Files\DVDFab Virtual Drive\vdrive32.dll [2012-11-13] (Fengtao Software Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-10] (AVAST Software)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-06-07] (Power Software Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-28] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-10] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-06-27] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-06-27] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06EC000D-F01A-4254-B56A-D31D8AD574C2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\salma\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {2797B536-D0B3-4F36-A4A5-ABF81B162052} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-12-07] ()
Task: {32F62B36-A0B2-4848-B9F6-4325093CBA4F} - System32\Tasks\SweetLabs App Platform => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2017-12-13] (Pokki)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3ADD73D6-C0C7-4FB0-BA68-56BBFA61A832} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-12-07] (Lenovo)
Task: {42CBD109-E456-4C3A-ACCB-F73DE89EC58B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-12-07] (Lenovo)
Task: {608290E0-E367-4FB4-BC82-55587E12E79C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {8BC450E4-D4AD-4C42-9242-99CA64CBEC3D} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {9FB4BA76-169D-42D6-AAA1-20DD6310D5D4} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {B17F9F53-1647-4609-989C-AEDBB00FB442} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B89DF890-11AD-4A29-BCA4-877C34FD9C6C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {BE680B06-8513-4657-BC95-9A768E6644CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {C04DBCD2-39E7-4F74-9F25-EB681500FBE4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-10] (AVAST Software)
Task: {C78E5607-9E63-45B6-82D9-2AD0AEF42B19} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-12-07] (Lenovo)
Task: {CC4BF8F3-64B5-42C1-A148-C9FCD99FA8B0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-10] (AVAST Software)
Task: {DB5D2748-FAFB-45C2-874E-707DB13EC28B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DCBFDBD8-D8CB-4E4A-A6C5-22519A739BB1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E1815E4A-7E83-4BE2-B009-D80B6EAB0E9A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FC746190-FA66-4D2A-939B-3755EFAB3518} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {FEDD5780-7112-438F-9438-50A27FE5E0EC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 03:42 - 2016-07-16 03:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-10-21 15:17 - 2017-09-06 22:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-10-25 03:47 - 2012-04-24 02:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-06-14 12:37 - 2016-06-14 12:37 - 008909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-27 14:50 - 2017-06-12 00:56 - 000401848 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-20 10:21 - 2016-09-20 10:21 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 10:05 - 2017-03-03 22:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-06-28 20:38 - 2016-06-28 20:38 - 000138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-09-20 09:31 - 2010-10-26 11:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-06-25 16:34 - 2015-06-25 16:34 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-12-27 14:10 - 2017-12-27 14:12 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-27 14:10 - 2017-12-27 14:12 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-17 10:06 - 2017-03-03 22:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 10:06 - 2017-03-03 22:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 10:06 - 2017-03-03 22:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-12-13 08:24 - 2017-11-29 23:32 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-12-13 08:25 - 2017-11-29 23:32 - 002424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-12-13 08:25 - 2017-11-29 23:34 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2018-01-10 02:08 - 2018-01-03 01:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-10 02:08 - 2018-01-03 01:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2015-10-08 03:55 - 2012-01-17 14:09 - 000022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2015-10-08 03:55 - 2010-08-22 19:01 - 000325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2015-10-08 03:55 - 2010-08-22 19:01 - 007187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2015-10-08 03:55 - 2010-08-22 19:01 - 000847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2015-10-08 03:55 - 2010-08-22 19:01 - 001954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2015-10-08 03:55 - 2010-08-22 18:32 - 000119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2015-10-08 03:55 - 2012-01-17 13:27 - 000669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2018-01-10 02:09 - 2018-01-10 02:09 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-10 02:09 - 2018-01-10 02:09 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-10 02:09 - 2018-01-10 02:09 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-07-04 09:25 - 2017-07-04 09:25 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-10 02:09 - 2018-01-10 02:09 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-01-10 02:09 - 2018-01-10 02:09 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2014-10-25 03:05 - 2013-09-16 11:20 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-12-13 08:41 - 2017-12-13 08:41 - 044752080 _____ () C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\libPokki.dll
2016-06-14 12:38 - 2016-06-14 12:38 - 008909504 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-12-13 08:41 - 2017-12-13 08:41 - 001413856 _____ () C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2017-12-13 08:41 - 2017-12-13 08:41 - 000164064 _____ () C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2017-12-13 08:41 - 2017-12-13 08:41 - 000235744 _____ () C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 05:25 - 2018-01-10 03:38 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\salma\Pictures\night.jpg
HKU\S-1-5-21-2885589384-1567697907-1413021575-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdaptiveSleepService => 2
MSCONFIG\Services: AffinegyService => 2
MSCONFIG\Services: LSCWinService => 3
MSCONFIG\Services: MaxthonUpdateSvc => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: rtop => 2
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\StartupApproved\Run: => "DVDFab VDrive"
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\StartupApproved\Run: => "EADM"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{FEBBFF4E-8AFD-4F69-AE1F-9ED0F3FF2491}C:\users\salma\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Block) C:\users\salma\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [TCP Query User{1658BB87-0378-4C98-AEF1-7EA9AC012BC8}C:\users\salma\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Block) C:\users\salma\appdata\roaming\utorrent\updates\3.4.7_42330.exe
FirewallRules: [{EA2DE6AE-28E4-424D-B87A-C3AA5E8BF5A1}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{39F80E00-B0F0-4C38-81CC-4E1B3687B433}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EC6AAD4B-3C5B-43EA-AA47-2E2600AC395E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{43A4E1AB-45A8-4CD8-B936-252AF789DF25}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{FE0E3596-0903-4532-89BB-CBEB4761FA7F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{B5518B9C-E04F-408B-BFA8-56966E803834}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{2F9CDD38-A2AD-4581-9A0F-0B80D5C61E34}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E09DF548-A57C-4176-96C8-57685F64CFF2}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F7F80973-CEA6-478F-9E86-99F148153CC7}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{20904E21-8543-4C31-8025-98F75647EB7B}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{D37A0369-CD3C-4960-99DF-509510723276}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{D847EEFB-CC16-40EE-876A-12466C3E4DE0}] => (Allow) LPort=55100
FirewallRules: [{80D59D3E-9340-4D49-8D63-33ADC068A1FB}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{BD79A9C0-98BE-4B48-80D1-E41207D379DE}] => (Allow) C:\Users\salma\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EED03F83-2628-496C-B506-9E03BC8C7752}] => (Allow) C:\Users\salma\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8E203D46-B878-4B6B-AA16-1F2BE570E433}] => (Allow) C:\Users\salma\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{89F57AB3-2624-4F45-AB04-0632E95BE604}] => (Allow) C:\Users\salma\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{99994E5B-B9D7-4F80-8D84-1983D8087247}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{11753418-7FCC-4D74-8F78-3779053B3B9D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{74444511-8793-4C56-B04E-BBA81EFF5C0D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{35B759B0-FBE9-4982-B0C3-07386F65F436}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{D0A4C1CC-929D-4961-B9DC-B9957B0518DF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{E93169E5-1D1B-4AAA-A7E2-F5B3AEBD7ACD}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{5F9E5B29-1058-4FB3-BAF8-45888F3465F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7CE56A27-B182-49D1-8AAD-C0B568D85521}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0F129F71-45B9-46E6-A6F2-054CC833D89A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{31A15D34-156D-476E-A415-8C561C8AB121}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{0149933F-D8B0-443E-A015-31E5CCD990D6}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{100A9DAA-C46B-4BD9-A189-2AC3B829DBCB}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{76DBC74A-B2C7-4C2C-B050-33F9D4B517E2}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{2DE9A0C9-B143-4C02-B3FC-50645D114CE4}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{95E0DAF1-69F8-4FDB-A8A0-554D297D3235}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{0B737B9D-1D9A-431D-8E2D-66A3A3FE1AF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D3570A9-61A5-4724-8744-5EBEB7147A1B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F419567-BCA6-4822-B199-2CB4240AD1E5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1A34221F-E449-4D5E-8C3E-472905D11996}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E38883EE-9F9D-4633-9D56-C7FB72861724}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0EE278F1-9963-4A90-8736-75DD20EB95C1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F7983CD9-4CD2-4ACF-B452-1E0E638230A4}] => (Allow) D:\Applications\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{619D8735-BB29-4FFE-A041-23F7E1D0F604}] => (Allow) D:\Applications\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{EF3486F3-D680-40CA-A3BC-F0E76D1390BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
13-12-2017 08:28:19 Windows Update
28-12-2017 06:59:46 Scheduled Checkpoint
10-01-2018 03:34:28 Installed Lenovo Solution Center.
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/10/2018 03:40:15 AM) (Source: LSC.Services.SystemService) (EventID: 0) (User: )
Description: Service cannot be started. The handle is invalid
 
Error: (01/10/2018 03:35:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/10/2018 02:18:46 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (01/10/2018 02:15:04 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
 
Error: (01/10/2018 02:14:40 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
 
Error: (01/10/2018 02:13:01 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
 
Error: (01/10/2018 02:12:28 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
 
Error: (01/10/2018 02:12:21 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
 
Error: (01/10/2018 02:03:18 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/10/2018 02:01:12 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected
 
 
System errors:
=============
Error: (01/10/2018 03:35:25 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (01/10/2018 03:24:18 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (01/10/2018 02:45:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/10/2018 02:29:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (01/10/2018 02:24:03 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (01/10/2018 02:19:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/10/2018 02:19:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect.
 
Error: (01/10/2018 02:19:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/10/2018 02:19:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/10/2018 02:19:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
  Date: 2016-09-20 10:32:43.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-20 10:32:43.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-20 10:32:43.338
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-20 10:32:43.324
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 62%
Total physical RAM: 6036.27 MB
Available physical RAM: 2269.75 MB
Total Virtual: 14740.27 MB
Available Virtual: 10643.5 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:889.56 GB) (Free:804.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.64 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6D8EBA57)
 
Partition: GPT.
 
==================== End of Addition.txt ============================



#2
JSntgRvr

  • Global Moderator
  • 11,579 posts
Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:
  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)
Let's begin... :)
  • Highlight the entire content of the quote box below.

Start::
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #6] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #4] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #3] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
FirewallRules: [{D847EEFB-CC16-40EE-876A-12466C3E4DE0}] => (Allow) LPort=55100
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [ ISSetupPrerequisistes] => C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe [77343536 2018-01-10] (Lenovo) <==== ATTENTION
C:\WINDOWS\system32\drivers\avc3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\WINDOWS\system32\drivers\avchv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\WINDOWS\system32\drivers\avckf.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
(Lenovo) C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [ ISSetupPrerequisistes] => C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe [77343536 2018-01-10] (Lenovo) <==== ATTENTION
C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe
2016-10-24 07:58 - 2011-05-11 16:48 - 001974272 _____ () C:\Users\salma\AppData\Local\Temp\ImationLOCKv229.exe
2016-09-23 08:47 - 2016-09-23 09:01 - 064108904 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\*.tmp.exe
2018-01-10 02:04 - 2018-01-10 02:05 - 005070952 _____ (Google Inc.) C:\Users\salma\AppData\Local\Temp\{53DFD25C-E6A3-4938-BFF0-128DCCDC4F51}-63.0.3239.132_63.0.3239.84_chrome_updater.exe
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKLM\SYSTEM\Select"
HOSTS:
CMD: Removeproxy
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.
Please copy and paste its contents in your next reply.

Download AdwCleaner from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8/10 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
[Screenshot: AdwCleaner console]
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning, a report appears. Once done, it will ask to reboot; allow this.
[Screenshot: AdwCleaner restart prompt]
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt


#3
brazzo

    New Member

  • Topic Starter
  • Member
  • 9 posts

Thanks for your response. I'll paste the logs from the two reports in this reply. I'm still getting popup tabs in Chrome with different ads.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by salma (11-01-2018 01:03:13) Run:1
Running from C:\Users\salma\Desktop
Loaded Profiles: salma (Available Profiles: salma & 14f141)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #6] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #4] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [Application Restart #3] => C:\Users\salma\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8629968 2017-12-13] (Pokki)
FirewallRules: [{D847EEFB-CC16-40EE-876A-12466C3E4DE0}] => (Allow) LPort=55100
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [ ISSetupPrerequisistes] => C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe [77343536 2018-01-10] (Lenovo) <==== ATTENTION
C:\WINDOWS\system32\drivers\avc3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\WINDOWS\system32\drivers\avchv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\WINDOWS\system32\drivers\avckf.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
(Lenovo) C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe
HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\...\RunOnce: [ ISSetupPrerequisistes] => C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe [77343536 2018-01-10] (Lenovo) <==== ATTENTION
C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe
2016-10-24 07:58 - 2011-05-11 16:48 - 001974272 _____ () C:\Users\salma\AppData\Local\Temp\ImationLOCKv229.exe
2016-09-23 08:47 - 2016-09-23 09:01 - 064108904 _____ (SweetLabs,Inc.) C:\Users\salma\AppData\Local\Temp\*.tmp.exe
2018-01-10 02:04 - 2018-01-10 02:05 - 005070952 _____ (Google Inc.) C:\Users\salma\AppData\Local\Temp\{53DFD25C-E6A3-4938-BFF0-128DCCDC4F51}-63.0.3239.132_63.0.3239.84_chrome_updater.exe
CMD: fltmc instances
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKLM\SYSTEM\Select"
HOSTS:
CMD: Removeproxy
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
 
*****************
 
"HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #6" => not found
"HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #4" => not found
"HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D847EEFB-CC16-40EE-876A-12466C3E4DE0}" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ ISSetupPrerequisistes" => not found
"C:\WINDOWS\system32\drivers\avc3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found
"C:\WINDOWS\system32\drivers\avchv.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found
"C:\WINDOWS\system32\drivers\avckf.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe => No running process found
"HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ ISSetupPrerequisistes" => not found
"C:\Users\salma\AppData\Local\Temp\LSC\LSCSetup.exe" => not found
"C:\Users\salma\AppData\Local\Temp\ImationLOCKv229.exe" => not found
 
=========== "C:\Users\salma\AppData\Local\Temp\*.tmp.exe" ==========
 
not found
 
========= End -> "C:\Users\salma\AppData\Local\Temp\*.tmp.exe" ========
 
"C:\Users\salma\AppData\Local\Temp\{53DFD25C-E6A3-4938-BFF0-128DCCDC4F51}-63.0.3239.132_63.0.3239.84_chrome_updater.exe" => not found
 
========= fltmc instances =========
 
Filter                Volume Name                              Altitude        Instance Name       Frame   SprtFtrs  VlStatus
--------------------  -------------------------------------  ------------  ----------------------  -----   --------  --------
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo              \Device\HarddiskVolume3                    40500     FileInfo                  0     00000007  
FileInfo              C:                                         40500     FileInfo                  0     00000007  
FileInfo              D:                                         40500     FileInfo                  0     00000007  
FileInfo                                                         40500     FileInfo                  0     00000007  
FileInfo              \Device\HarddiskVolume9                    40500     FileInfo                  0     00000007  Detached
FileInfo              \Device\Mup                                40500     FileInfo                  0     00000007  
Wof                                                              40700     Wof Instance              0     00000007  
Wof                   C:                                         40700     Wof Instance              0     00000007  
Wof                   D:                                         40700     Wof Instance              0     00000007  
Wof                                                              40700     Wof Instance              0     00000007  
aswMonFlt                                                       320700     aswMonFlt Instance        0     00000004  
aswMonFlt                                                       320700     aswMonFlt Instance        0     00000004  
aswMonFlt             \Device\HarddiskVolume3                   320700     aswMonFlt Instance        0     00000004  
aswMonFlt             C:                                        320700     aswMonFlt Instance        0     00000004  
aswMonFlt             D:                                        320700     aswMonFlt Instance        0     00000004  
aswMonFlt                                                       320700     aswMonFlt Instance        0     00000004  
aswMonFlt             \Device\HarddiskVolume9                   320700     aswMonFlt Instance        0     00000004  Detached
aswMonFlt             \Device\Mup                               320700     aswMonFlt Instance        0     00000004  
aswSP                                                           388401     aswSP Instance            0     00000004  
aswSP                                                           388401     aswSP Instance            0     00000004  
aswSP                 \Device\HarddiskVolume3                   388401     aswSP Instance            0     00000004  
aswSP                 C:                                        388401     aswSP Instance            0     00000004  
aswSP                 D:                                        388401     aswSP Instance            0     00000004  
aswSP                                                           388401     aswSP Instance            0     00000004  
aswSP                 \Device\HarddiskVolume9                   388401     aswSP Instance            0     00000004  Detached
aswSnx                                                          137600     aswSnx Instance           0     00000000  
aswSnx                                                          137600     aswSnx Instance           0     00000000  
aswSnx                \Device\HarddiskVolume3                   137600     aswSnx Instance           0     00000000  
aswSnx                C:                                        137600     aswSnx Instance           0     00000000  
aswSnx                D:                                        137600     aswSnx Instance           0     00000000  
aswSnx                                                          137600     aswSnx Instance           0     00000000  
aswSnx                \Device\HarddiskVolume9                   137600     aswSnx Instance           0     00000000  Detached
aswSnx                \Device\Mup                               137600     aswSnx Instance           0     00000000  
luafv                 C:                                        135000     luafv                     0     00000007  
npsvctrig             \Device\NamedPipe                          46000     npsvctrig                 0     00000000  
wcifs                 C:                                        189900     wcifs Instance            0     00000007  
 
========= End of CMD: =========
 
 
========================= Folder: C:\Windows\System32\Drivers ========================
 
2014-10-25 03:07 - 2013-09-16 11:20 - 000016344 ____A [DFDA21923BF4BE5B5686A41623E38B3E] (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000130640 ____A [327D9CCF5492543AEF3979F9EEAD02BE] (Microsoft Corporation) C:\Windows\System32\Drivers\intelpep.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000198656 ____A [10F2757836F41BFAEA2AE19F6FE869B2] (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000038912 ____A [8387E90B551B9B7F32EDC69909591E9E] (Microsoft Corporation) C:\Windows\System32\Drivers\invdimm.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000056728 ____A [E207078E0E1BB3524277DB9077E4148E] (Microsoft Corporation) C:\Windows\System32\Drivers\iorate.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000085504 ____A [FD8F64B7B345E539F2EA7F72846F83B4] (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000092056 ____A [8AAB863E72A4F9C578FED2EE3541545B] (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000214016 ____A [7BEC2AF23F586EFF0DB4DBF4331B0C70] (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000026112 ____A [35A54F19E703D4FE5919F812F6CC5D0A] (Microsoft Corporation) C:\Windows\System32\Drivers\ipt.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000119808 ____A [359CDDBC825959DA28FA886B3C271B53] (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000019968 ____A [F88664A2A82DDA456180FFF95A771765] (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000022936 ____A [2296B158C43C306B0AC5B4D57EA9F0E1] (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000063384 ____A [E320F986BBE0CD9324EA0A193EBF29B1] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000040448 ____A [AFF5DDCC1A79217C9526FF5E01A69E89] (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000023040 ____A [916E62AF3386F7A74603E5C545F6FF2D] (Microsoft Corporation) C:\Windows\System32\Drivers\kdnic.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000394752 ____A [C6E3A33CC4D5A62ED7EE852EACA55A3F] (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000139672 ____A [69FA8BEBADF807089FEFCD3F59CFAC1E] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000170904 ____A [C1081E2B36F77781167FD9401119B98E] (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000027136 ____A [DD8C4726127CFE313233372D70787C37] (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000065024 ____A [CB5A6E117502156794F0DA9E61506006] (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2018-01-10 02:11 - 2018-01-10 02:12 - 000061304 ____A [FB9372BC10F162645F64884A47B5F79D] () C:\Windows\System32\Drivers\lpsport.sys
2017-07-24 16:34 - 2017-07-24 16:34 - 000061304 ____A [FB9372BC10F162645F64884A47B5F79D] () C:\Windows\System32\Drivers\lpsport.sys.150094287139002.150616461346902
2017-07-24 16:34 - 2017-09-23 03:03 - 000061304 ____A [FB9372BC10F162645F64884A47B5F79D] () C:\Windows\System32\Drivers\lpsport.sys.150094287139002.150817455484402
2018-01-10 02:11 - 2018-01-10 02:11 - 000061304 ____A [FB9372BC10F162645F64884A47B5F79D] () C:\Windows\System32\Drivers\lpsport.sys.151557907084302.151557913659302
2017-09-29 05:41 - 2017-09-29 05:41 - 000108064 ____A [20048BEE892138A745B1C23EBB0E069F] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000123800 ____A [9EAB16572B576979D585DDEDB12417CD] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2i.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000103320 ____A [3B7B359C0870317106DF3438D4FF491D] (Avago Technologies) C:\Windows\System32\Drivers\lsi_sas3i.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000082840 ____A [2DE03BA338A4B0ACDB416A30F1C7D56F] (LSI Corporation) C:\Windows\System32\Drivers\lsi_sss.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000124928 ____A [15752BA87D1B0AB4EEF352A0FDEE8742] (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000505240 ____A [BF56CB9D02DEE8CA9CBA50220BE16F15] (Microsoft Corporation) C:\Windows\System32\Drivers\mausbhost.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000055840 ____A [01BDEE1FFF6D2216797DFEE4ABD937D9] (Microsoft Corporation) C:\Windows\System32\Drivers\mausbip.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000023552 ____A [8EBBA9BA25AF5E62B30231BC1474994F] (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000059800 ____A [C7B8B5053D646CBD30BE1BA6B487D396] (Avago Technologies) C:\Windows\System32\Drivers\megasas.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000063520 ____A [EB8ED3204499DDB2D3BA094A4563EE3E] (Avago Technologies) C:\Windows\System32\Drivers\MegaSas2i.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000575896 ____A [F1C1D4E752DE1D58295040E5BE8813AF] (LSI Corporation, Inc.) C:\Windows\System32\Drivers\megasr.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000078848 ____A [47BF82E2A6D11279C8501E08518AB835] (Microsoft Corporation) C:\Windows\System32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2015-05-14 03:03 - 2015-05-14 03:03 - 000030893 ____A [40F24A4A58D758D10E0BCE72F050988A] () C:\Windows\System32\Drivers\Mixer.ini
2017-09-29 05:41 - 2017-09-29 05:41 - 000842648 ____A [16B078D1089FEA98710C9D07C152DCEE] (Mellanox) C:\Windows\System32\Drivers\mlx4_bus.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000043520 ____A [20C57CE47B1A877C48A4B68E9A4E21FA] (Microsoft Corporation) C:\Windows\System32\Drivers\mmcss.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000042496 ____A [A4467A5C080318F0CCCF5ED463821F8B] (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000038912 ____A [78BE85C1F1C7F3AF6C87BCE127007D5A] (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000057240 ____A [8E262B34A8BD184B4B3025AA8C396B00] (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000032768 ____A [C094A555F148495EA130D3BBC5232D5E] (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000103320 ____A [6434BC884502E95EEA2379C92DD22B60] (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000075776 ____A [F36E4074C66DD31855A8D79EF0AE8066] (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000143872 ____A [215D672CB71987CD98EB2298EFB84DDC] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000496536 ____A [6FC2E733C7172B6BFAD383B108E56F92] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2017-09-29 05:41 - 2017-09-29 06:42 - 000285696 ____A [69CD4C0B17BE0E45F44D7140E3AA28D7] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000231456 ____A [F1BD645617435B5295AFBE13A8C2CF85] (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000031232 ____A [AE111778CA6AC08862B3C713F0413333] (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2015-02-01 01:26 - 2015-02-01 01:26 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-09-20 09:30 - 2016-09-20 09:30 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-04-03 10:16 - 2014-04-03 10:16 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-04-22 20:16 - 2015-04-22 20:16 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-09-29 05:41 - 2017-09-29 05:41 - 000169880 ____A [127C23F4720C8902A3AB0FEE12205317] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000049048 ____A [6DDDFCAB646BBBCFC583135C4430E10F] (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000008704 ____A [01C6A86BEA8279E557A5056148F068BF] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000011776 ____A [F65ABC7DE945047147F17330F79732CB] (Microsoft Corporation) C:\Windows\System32\Drivers\mshidumdf.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000027136 ____A [3737FE486929AFC48F1D10677B698E52] (Microsoft Corporation) C:\Windows\System32\Drivers\mshwnclx.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000018840 ____A [05B23012427801E710BDD12720B9020B] (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000279448 ____A [2DC0765992CFECE3B13F3BFD20E69DCC] (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000033280 ____A [B25B2CD3E052D68075A3814AAA0C6421] (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000084480 ____A [C3F5EA6B9041A30B4F11BE2E7863E487] (Microsoft Corporation) C:\Windows\System32\Drivers\mslldp.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000010752 ____A [601D666820F0408B896791D19BE6D258] (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000010752 ____A [46E61FBA0097E48E5628C74A3F72233A] (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000376864 ____A [4EB9B77179BDEE89C496E60D4BF85CC1] (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000040856 ____A [CBD56E0B55FB3672BA80382EC2F8835C] (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000012800 ____A [5734B2A36D3BB13A638E5305EEEC582D] (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000016896 ____A [85270E0DC6907C6B99F72A36F17AED34] (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000123800 ____A [DB5B1539F5EBB3DD3A7ED25ADBC4D6D9] (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000063896 ____A [3C57FF3BCF496D24C39C2198158864BB] (Marvell Semiconductor, Inc.) C:\Windows\System32\Drivers\mvumis.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000108952 ____A [77B047B109CE758A017F58FAE5038D0D] (Mellanox) C:\Windows\System32\Drivers\ndfltr.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 001278872 ____A [9D46AAE948FF894FE979E518E2FC1532] (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000050688 ____A [067AE5BA349CC35AF8975D22DC483DDF] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000128000 ____A [6FC4D7EB5D38CFB7966405036116F065] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisImPlatform.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000027136 ____A [ED7CC4E16B76B2603C9F827188EA63B4] (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000065024 ____A [8D977AFC195A3F4B15B05D02B2BD0292] (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000021504 ____A [DC1D26D62F40B7552BCF49D92774F0C5] (Microsoft Corporation) C:\Windows\System32\Drivers\NdisVirtualBus.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000192000 ____A [66F56AC744101DB870934D0EB31C2426] (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000062464 ____A [AC908EF74DB5BC1DC7FB2BF0205D4FF1] (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000124416 ____A [A791792DC412CCD83DA0AF6871682552] (Microsoft Corporation) C:\Windows\System32\Drivers\Ndu.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000132608 ____A [BE79982A50AC88BC0765F3AFECFCB596] (Microsoft Corporation) C:\Windows\System32\Drivers\NetAdapterCx.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000057752 ____A [AAC1622CA213F7DA660A04FD51B730C3] (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000316928 ____A [401C17200AA0433D94EA61695F111DC3] (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000535960 ____A [468F74FAA1F54F8C12C061E56A01ABE2] (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000192512 ____A [FD1DA80FF495D4B928A65F40FCCCF387] (Microsoft Corporation) C:\Windows\System32\Drivers\netvsc.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000073216 ____A [84EB8F01B140618518AFF30B9951F132] (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000026112 ____A [5CB8082E51DE7D19042F0FF8C517CB0D] (Microsoft Corporation) C:\Windows\System32\Drivers\npsvctrig.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000044544 ____A [958921BB7AE2671983743FDA0DD587C4] (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 002400664 ____A [0DB37D28BF3CF9FCBB79CA6912064866] (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000019864 ____A [48E2DF9C503F73A48E07FC1BFB6EAF7A] (Microsoft Corporation) C:\Windows\System32\Drivers\ntosext.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000007168 ____A [0D1E03A5F87F4DE04D97622C686910A2] (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000088576 ____A [532F27A2B62D70C327E763F035AED6C1] (Microsoft Corporation) C:\Windows\System32\Drivers\nvdimmn.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000150424 ____A [7E04652EB1A476BC0A72ECDC613AF0C5] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000166296 ____A [880B3E874914DAEF97119876543AE117] (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000528896 ____A [3A26F5D024839EDAE48BFD2349C233CE] (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000152984 ____A [5818FE76C3C6AE0CA723EBE483BF447F] (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000098816 ____A [2E07EC2C1622F5E7B535D62DCD61F3AB] (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000165784 ____A [269884AAC55AE567A0A955703C62CA29] (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000362904 ____A [5B329AD314E26B77DF4B603B8E65CA60] (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000016280 ____A [E5AF806815ED797086629741F29E4156] (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000053144 ____A [220445F0717DA97F56512DCACEB185F6] (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2017-09-29 05:40 - 2017-09-29 05:40 - 000119704 ____A [2A631D447B988AFBE847CBAA8E5CC298] (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000053144 ____A [ACD510CF2B631A2D36B2CFB7D31E22FD] (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000123288 ____A [1796112EB89559910BC18865A29C8894] (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000723968 ____A [F21127EDE5D72090A1B029AFF4AFFD17] (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000058776 ____A [35FD028E4323018202C0B7D115FD3AEF] (Avago Technologies) C:\Windows\System32\Drivers\percsas2i.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000061848 ____A [F9F3D8BE9BC9241CC726197261362AC4] (Avago Technologies) C:\Windows\System32\Drivers\percsas3i.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000100352 ____A [36D43EA5517F3F4AAAC8EE061C957EF1] (Microsoft Corporation) C:\Windows\System32\Drivers\pmem.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000016896 ____A [59048555B59FD69287CFAB6022B5CC86] (Microsoft Corporation) C:\Windows\System32\Drivers\pnpmem.sys
2017-09-29 05:40 - 2017-09-29 05:40 - 000379392 ____A [B838D96B1F1B156698C52084D3696B5B] (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000177152 ____A [B1111C47F128C946BDC87A18E44007EB] (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000049152 ____A [16F9A6B593B52EB18F7ECB9D251BDF7A] (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000039832 ____A [13600C467512147E99052806F2C1307A] (Microsoft Corporation) C:\Windows\System32\Drivers\ramdisk.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000017920 ____A [F57D1DE0C9522BCD590A69D044641B5A] (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000106496 ____A [E0220BB6580D34001D4D1D133052DAA4] (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000082944 ____A [12EE1D92F4E5FAE4B6F65195A2016CE5] (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000097280 ____A [C6010D36B68FB534D1B1245978C9921D] (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000078336 ____A [91CE469015979E5B3C3DBC2C41A476E8] (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000426904 ____A [D8E3DCD99EE553522EF2237A0051E663] (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2017-09-29 05:41 - 2017-09-29 06:42 - 000027136 ____A [8A5285B38A203D15110E142DE68406DD] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2017-09-29 05:42 - 2017-09-29 06:42 - 000182784 ____A [DF83769C92527DB50653F8FB57D001FF] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2017-09-29 05:42 - 2017-09-29 06:42 - 000030616 ____A [4D1A63ACEC42A88E52AFC4E84A8CE9EE] (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000282520 ____A [12AF835862F2B6B2FB9DEA8BA2288587] (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 001849752 ____A [FB0577F6BC9E07549CEACF5224327499] (Microsoft Corporation) C:\Windows\System32\Drivers\refs.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000936856 ____A [4136BCA61BCDCC79DCE145F9CB639CD6] (Microsoft Corporation) C:\Windows\System32\Drivers\refsv1.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000189440 ____A [5BF7698021DB13B55753FD921BEBE318] (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000043008 ____A [A52F611E08BB6D54267772BE7110E25E] (Microsoft Corporation) C:\Windows\System32\Drivers\RfxVmt.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000103936 ____A [BBC228CA2F96B784B01FE7F1C5E3CFBB] (Microsoft Corporation) C:\Windows\System32\Drivers\rhproxy.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000149504 ____A [76DD394A9C1DDABBEC00A3DC5250E80E] (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000035328 ____A [8AAC4807C34765804A277CFFE08D5848] (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000013312 ____A [F352CFA03B63916117D1D2A1529253A9] (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000080896 ____A [27B80E5766B114621980F82FB78E912A] (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2015-07-22 17:56 - 2015-07-22 17:56 - 000886528 ____A [CF0F908B50CD8FB12B7B69DA56A44681] (Realtek ) C:\Windows\System32\Drivers\rt640x64.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000059904 ___RA [008C4CAFB968C89CE81379553DC3F634] (Realtek) C:\Windows\System32\Drivers\rteth.sys
2015-06-04 10:41 - 2015-06-04 10:41 - 000615728 ____A [9EE3AE4BA7406194F109EFC2864DD35B] (Realtek Semiconductor Corporation) C:\Windows\System32\Drivers\RtkBtfilter.sys
2015-07-03 09:00 - 2015-07-03 09:00 - 000410880 ____A [87CCF37EC2858FCF7689F8FC0B72F39A] (Realsil Semiconductor Corporation) C:\Windows\System32\Drivers\RtsUer.sys
2015-06-16 07:22 - 2015-06-16 07:22 - 003068160 ____A [14F73F34745B8EEF780181910B3BF41F] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\rtsuvc.sys
2014-10-25 03:17 - 2013-08-08 00:27 - 000329944 ____A [28B356BAB74470786867BF4DC261E17C] (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RtsUVStor.sys
2017-09-29 05:40 - 2017-09-29 05:40 - 006320640 ____A [8337DEB89F47A29ABC0C64757BBEF522] (Realtek Semiconductor Corporation ) C:\Windows\System32\Drivers\rtwlane.sys
2016-09-20 09:31 - 2013-08-08 08:41 - 000001432 ____A [3C05C261093EE05BFC2F7F0FCB8DA33B] () C:\Windows\System32\Drivers\SamSfPa.dat
2017-09-29 05:41 - 2017-09-29 05:41 - 000109976 ____A [324FA3C337EB54B43448F7B08444DC8D] (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2016-06-27 19:41 - 2016-05-24 15:06 - 000137280 ____A [81912490882BE0F971B582AD1C33CA57] (Power Software Ltd) C:\Windows\System32\Drivers\scdemu.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000043008 ____A [62A33CE69DB508BCEC63F4D3BFF400CE] (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000118168 ____A [7B057373146CC4E5A1F1DA665EA55DC7] (Microsoft Corporation) C:\Windows\System32\Drivers\scmbus.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000175512 ____A [AB4DB5667AD3AAD3BEC29F9BBBFACB25] (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000285080 ____A [429FAA2D3AC8AE4A0086801ADB9D3F1A] (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000033176 ____A [6D3853838864886B4F10B074282772E0] (Microsoft Corporation) C:\Windows\System32\Drivers\SDFRd.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000097688 ____A [0E28A82A41FC00DB73DD0AD5660B5209] (Microsoft Corporation) C:\Windows\System32\Drivers\sdport.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000096664 ____A [C289832A3174DC9D393C7603C511DF79] (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000074784 ____A [75A27472AFD009255DBDE52038E3BDB5] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000154520 ____A [84005F54308109A022413D628E966412] (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000025088 ____A [40384793F74CFFA45BCC38DF65E978EC] (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000084992 ____A [699470AD24D67908991A777716A352FD] (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000028160 ____A [92453F065F52A8EF0328A926B2C9502F] (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000017920 ____A [1D8920C40F19B5FBA5F4897779840AD1] (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000044952 ____A [A871F9CC9CF388DC7193D22EF8D8C8DF] (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000081816 ____A [D30FC341550CC364880950152AE8B1C5] (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000034200 ____A [7FB6AF2146295743003CDFA5D41E2114] (Microsoft Corporation) C:\Windows\System32\Drivers\SleepStudyHelper.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000021504 ____A [5D798558A0D77530A35AEBF7E0385AB8] (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000171416 ____A [884F95FC62BF9BCA97064A5D509BBC1E] (Microsoft Corporation) C:\Windows\System32\Drivers\spacedump.sys
2018-01-10 04:56 - 2018-01-10 04:56 - 000571288 ____A [0D802FD61230221D2B79B0744989AA0B] (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2017-09-29 05:42 - 2017-09-29 06:42 - 000056216 ____A [CCECE7E96B4F7B0E9F0FC82F6DADA917] (Microsoft Corporation) C:\Windows\System32\Drivers\SpatialGraphFilter.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000081816 ____A [545507AF670BC88B89200A118513ED9A] (Microsoft Corporation) C:\Windows\System32\Drivers\SpbCx.sys
2017-09-29 05:41 - 2018-01-10 04:58 - 000422912 ____A [450EF7C2F2238FA6AE9389205FA4D8E9] (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000726016 ____A [E6F18F234E0848BA7D6FD3B3700D50B0] (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000258560 ____A [FE7D52F9B83E2CC670E660529E930858] (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2016-07-22 04:51 - 2016-09-05 04:47 - 000131712 ____A [9593475FBC857A05D93BFF4FA7323C2B] (Samsung Electronics Co., Ltd.) C:\Windows\System32\Drivers\ssudbus.sys
2016-07-22 04:51 - 2016-09-05 04:47 - 000165504 ____A [592FF34A2FD6C6351B8A3AA76B2C0A9E] (Samsung Electronics Co., Ltd.) C:\Windows\System32\Drivers\ssudmdm.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000031128 ____A [162A805E13B3C0DD06AE8B6FC1900156] (Promise Technology, Inc.) C:\Windows\System32\Drivers\stexstor.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000149400 ____A [2F6634F70BC69D3B66EAA38AF65633C2] (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000103320 ____A [DA0097E6C70EA25F6020CC97C7828F70] (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000559512 ____A [86166524C1AF08D58A06650F87A1E051] (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000079872 ____A [57377953F5688158054BC8CB5A243115] (Microsoft Corporation) C:\Windows\System32\Drivers\storqosflt.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000045464 ____A [E874CF906FF8B6582ABD311881ABDE1D] (Microsoft Corporation) C:\Windows\System32\Drivers\storufs.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000039320 ____A [9B431079624306B5659B3B7208A71C75] (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000075264 ____A [10D81F0372D0CCEC7F51AF0594582B19] (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000018328 ____A [027B27E4B9DB3931D64159B81BD915A0] (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000064512 ____A [AB15F9FDCD11D5283891BC956E8C5C95] (Microsoft Corporation) C:\Windows\System32\Drivers\Synth3dVsc.sys
2017-09-29 05:42 - 2017-09-29 05:42 - 000031232 ____A [C1787BCABA41E38D4EAAC1C79C3CAD51] (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 000028056 ____A [91D8B244BF00AB268BB4712B63E0BC4F] (Microsoft Corporation) C:\Windows\System32\Drivers\tbs.sys
2017-09-29 05:41 - 2017-09-29 05:41 - 002773400 ____A [420A2A36A7E04D137DB35126C0C451A3] (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-22 05:25 - 2013-08-22 05:25 - 000001358 ____A [7700D22FA108234E623D65FA72D9E29C] () C:\Windows\System32\Drivers\etc\protocol
2013-08-22 05:25 - 2013-08-22 05:25 - 000017463 ____A [D9E1A01B480D961B7CF0509D597A92D6] () C:\Windows\System32\Drivers\etc\services
2017-09-29 05:46 - 2018-01-10 07:45 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF
2017-09-29 05:40 - 2017-09-29 05:40 - 000087040 ____A [280FE336722EBE70738355B937FB4D43] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\EhStorPwdDrv.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000203776 ____A [74CECA6E220B52C53090B20AD68D15BE] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\IddCx.dll
2012-08-10 17:06 - 2014-10-25 03:54 - 000075760 ____A [5B61CA67812695A6A58E1168DFF442F1] (Lenovo) C:\Windows\System32\Drivers\UMDF\LenovoVhid.dll
2014-10-25 03:43 - 2014-10-25 03:43 - 000250368 ____A [6D789873D687342EA5D0947AF190DA60] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\UMDF\LPIMController.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000176128 ____A [18B302DD5B0BBDF80870760544EE0DEA] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\Microsoft.Bluetooth.Profiles.HidOverGatt.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000714240 ____A [70153AF0985250B92C05D16449628909] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\NfcCx.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000026624 ____A [301228924EEDD63514E4705A0567E2A7] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\PosCx.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000026520 ____A [690B87917DB1D53F75833C319A5B2F00] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\SDFLauncher.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000199168 ____A [2A581D1145EC245C54F56A7E197B173E] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\SensorsCx.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000052736 ____A [29903312D69AF3A93FDDD28B1E8DBB7A] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\SMCCx.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000112640 ____A [063D41BDE16AD18E952DDDEC42473837] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\UcmCx.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000032768 ____A [79CD731B80173FF8CC62161265903BAB] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\uiccspb.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000283136 ____A [6C5DA330DE2E3D84BF39661FAADEB5FE] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\WpdFs.dll
2017-09-29 06:41 - 2017-09-29 06:41 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF\en-US
2017-09-29 06:40 - 2017-09-29 06:40 - 000002560 ____A [A51C29FA409D1CC531DACD8D3A35C195] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\hidscanner.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000007168 ____A [D851EB0E832770DB557220B6048B07B1] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\IddCx.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000010752 ____A [DD7B319DEB3FA731185C88EE143F5744] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\idtsec.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000010752 ____A [20BE2B40A7A9D9334828E084E03F4792] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\mgtdyn.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000005120 ____A [41469C9F6232F559B3CE900118FD0F59] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\Microsoft.Bluetooth.Profiles.HidOverGatt.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000006656 ____A [620FA0CBD0C78091A4313780C649A2F4] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\NfcCx.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000002560 ____A [CD8C2FEB35E93CAA14AEA33146AF921E] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\SensorsCx.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000003584 ____A [7D229A6B1D5C04967EF838AD0FCD575B] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\SensorsHid.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000007168 ____A [FE509A904556CE47BE36E89A6C655075] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\UsbccidDriver.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000003072 ____A [81ECE95524364EF8B83C9F4633A4EC43] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\wpdmtpdr.dll.mui
2017-09-29 06:40 - 2017-09-29 06:40 - 000007168 ____A [AD6A9952150FA7AD858220AC800EBE77] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui
2016-09-20 09:30 - 2018-01-10 05:13 - 000000000 ___AD [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\System32\Drivers\UMDF\Lenovo
2014-05-21 17:27 - 2014-05-21 17:27 - 000201472 ____A [B0C8C04D4EE576777C2300100751092B] (Lenovo Inc.) C:\Windows\System32\Drivers\UMDF\Lenovo\devcon.exe
2014-03-20 14:16 - 2014-03-20 14:16 - 000013402 ____A [CF217CBF1106DB588CED5460EF6BA395] () C:\Windows\System32\Drivers\UMDF\Lenovo\lpimcontroller.cat
2014-02-25 17:53 - 2014-02-25 17:53 - 000250368 ____A [6D789873D687342EA5D0947AF190DA60] (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\UMDF\Lenovo\LPIMController.dll
2014-02-25 17:53 - 2014-02-25 17:53 - 000005588 ____A [C5C4A3322A74FC2A84520009B38CD18A] () C:\Windows\System32\Drivers\UMDF\Lenovo\LPIMController.inf
2014-10-25 03:43 - 2014-10-25 03:43 - 000129024 ____A [BE95765DF0AFF010BAB358287932CE55] () C:\Windows\System32\Drivers\UMDF\Lenovo\SystemBatteryInfo.dll
2014-10-25 03:43 - 2014-10-25 03:43 - 000273408 ____A [A03C339B0BEB0E17E6A674ED949C680B] () C:\Windows\System32\Drivers\UMDF\Lenovo\SystemHardwareInfo.dll
2014-10-25 03:43 - 2014-10-25 03:43 - 000130560 ____A [E8929D3F532F028BB95E59A7E0C46F74] () C:\Windows\System32\Drivers\UMDF\Lenovo\SystemInformation.dll
2014-10-25 03:43 - 2014-10-25 03:43 - 000208384 ____A [3F0384503EDAC20481707854AFE6C91A] () C:\Windows\System32\Drivers\UMDF\Lenovo\SystemMemoryInfo.dll
2014-10-25 03:43 - 2014-10-25 03:43 - 000121344 ____A [FB4A6C456CA8F2C38AACCAF3C7BBA2EF] () C:\Windows\System32\Drivers\UMDF\Lenovo\SystemStorageInfo.dll
2014-10-25 03:43 - 2014-10-25 03:43 - 000000446 ____A [58528D6D7FB20B6205453C6349DD9779] () C:\Windows\System32\Drivers\UMDF\Lenovo\TaskConfig.xml
2014-02-25 17:53 - 2014-02-25 17:53 - 001778032 ____A [EBA353417C9A967882B26C911754BBAF] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\Lenovo\WdfCoinstaller01011.dll
2014-02-25 17:53 - 2014-02-25 17:53 - 000708168 ____A [4D96BEFF088BA6AB48FD3775F87C3438] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\Lenovo\winusbcoinstaller.dll
2014-02-25 17:53 - 2014-02-25 17:53 - 001002728 ____A [246900CE6474718730ECD4F873234CF5] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\Lenovo\winusbcoinstaller2.dll
2014-02-25 17:53 - 2014-02-25 17:53 - 002356592 ____A [D9B4BED45B1E6F83B05F5ABEB86F7EC6] (Microsoft Corporation) C:\Windows\System32\Drivers\UMDF\Lenovo\WudfUpdate_01011.dll
 
====== End of Folder: ======
 
 
========= Reg query "HKLM\SYSTEM\Select" =========
 
 
HKEY_LOCAL_MACHINE\SYSTEM\Select
    Current    REG_DWORD    0x1
    Default    REG_DWORD    0x1
    Failed    REG_DWORD    0x0
    LastKnownGood    REG_DWORD    0x1
 
 
 
========= End of Reg: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
========= Removeproxy =========
 
'Removeproxy' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log DebugChannel. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-RMS-MSIPC/Debug. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{CE608D65-13B9-41FB-975B-8537997FD7B2} canceled.
1 out of 1 jobs canceled.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14158894 B
Java, Flash, Steam htmlcache => 981 B
Windows/system/drivers => 542150 B
Edge => 13309320 B
Chrome => 797019314 B
Firefox => 381087563 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1752 B
NetworkService => 0 B
salma => 10906390 B
14f141 => 16818 B
 
RecycleBin => 373437595 B
EmptyTemp: => 1.5 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 01:05:18 ====
 
# AdwCleaner 7.0.6.0 - Logfile created on Thu Jan 11 09:25:08 2018
# Updated on 2017/21/12 by Malwarebytes 
# Running on Windows 10 Home Single Language (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
Deleted: C:\Users\salma\AppData\Local\SweetLabs App Platform
Deleted: C:\ProgramData\Pokki
Deleted: C:\ProgramData\Application Data\Pokki
Deleted: C:\Users\14f141\AppData\Local\Pokki
Deleted: C:\Users\All Users\Pokki
Deleted: C:\Users\Default\AppData\Local\Pokki
Deleted: C:\Users\Default User\AppData\Local\Pokki
Deleted: C:\Users\Public\Pokki
Deleted: C:\ProgramData\ByteFence
Deleted: C:\ProgramData\Application Data\ByteFence
Deleted: C:\Users\All Users\ByteFence
 
 
***** [ Files ] *****
 
Deleted: C:\Users\salma\AppData\Roaming\Mozilla\Firefox\Profiles\5qzs4vgy.default\searchplugins\Web Search.xml
Deleted: C:\Users\salma\AppData\Roaming\Mozilla\Firefox\Profiles\5qzs4vgy.default\SEARCHPLUGINS\WEB SEARCH.XML
Deleted: C:\Users\14f141\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC App Store.lnk
Deleted: C:\Users\salma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC App Store.lnk
Deleted: C:\Users\salma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted: C:\Windows\System32\VisualDiscoveryOff.ini
Deleted: C:\Windows\SysNative\VisualDiscoveryOff.ini
Deleted: C:\Windows\SysWOW64\VisualDiscoveryOff.ini
Deleted: C:\Windows\System32\VisualDiscovery.ini
Deleted: C:\Windows\SysWOW64\VisualDiscovery.ini
 
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
Deleted: SweetLabs App Platform
 
 
***** [ Registry ] *****
 
Deleted: [Key] - HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted: [Key] - HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted: [Key] - HKLM\SOFTWARE\LENOVO\VisualDiscovery
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
Deleted: [Key] - HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted: [Key] - HKCU\Software\Classes\Directory\shell\pokki
Deleted: [Key] - HKCU\Software\Classes\Drive\shell\pokki
Deleted: [Key] - HKCU\Software\Classes\lnkfile\shell\pokki
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\en.bytefence.com
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\ByteFence\Uninstall.exe
Deleted: [Key] - HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\SweetLabs App Platform
Deleted: [Key] - HKCU\Software\SweetLabs App Platform
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted: [Key] - HKLM\SOFTWARE\VisualDiscovery
Deleted: [Key] - HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
Deleted: [Key] - HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-2885589384-1567697907-1413021575-1001\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [6915 B] - [2018/1/11 9:19:20]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

#4
JSntgRvr

  • Global Moderator
  • 11,579 posts
How is the computer doing?

#5
brazzo

    New Member

  • Topic Starter
  • Member
  • 9 posts
The performance is better but the ads are still showing

#6
JSntgRvr

  • Global Moderator
  • 11,579 posts
Let's perform a set of scans.

Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Once the program has fully updated, proceed with the Scan options and select "Threat Scan".
  • The Scan Pane is the introduction to scan-related options in the program. When you click Scan in the Menu Pane, you will see the screen shown below.
  • After a scan has been executed, scan results are displayed.
  • Put a checkmark on all detected and click on "Quarantine Selected"
  • Selected reports may be viewed on screen, or exported to a text file for later viewing. Please note that only manual (on demand) scans are available for users of the free version of Malwarebytes.
You may export to your clipboard or to a text (TXT) file. Export to a .txt file and post its contents.

RogueKiller
  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply

#7
JSntgRvr

  • Global Moderator
  • 11,579 posts
Are we still on?

#8
JSntgRvr

  • Global Moderator
  • 11,579 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

