Pubblicità
PROBLEMA Rilevato da NOD32 questo virus: Win32/RiskWare.HackAV
- Autore discussione derek1939
- Data d'inizio
Pubblicità
- Stato
danilo79
Utente Èlite
- Messaggi
- 1,814
- Reazioni
- 550
- Punteggio
- 108
Ciao
Esegui queste scansioni:
Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato
Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programmahttp://www.why-tech.it/come-rimuovere-defi...t-dal-pc-1.html
Posta il log report
Poi ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report
Infine scarica frst da quihttps://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt
Ciao
Esegui queste scansioni:
Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato
Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programmahttp://www.why-tech.it/come-rimuovere-defi...t-dal-pc-1.html
Posta il log report
Poi ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report
Infine scarica frst da quihttps://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt
Ciao
Innanzitutto grazie dell'aiuto.
Sono riuscito a fare tutte le scansioni.
Allego tutti i vari log...
MALWAREBYTES:
TDSSKILLER:
ROGUEKILLER:
ADDITION:
FRST:
Attendo info... :)
Sono riuscito a fare tutte le scansioni.
Allego tutti i vari log...
MALWAREBYTES:
Codice:
Malwarebytes
www.malwarebytes.com
-Dettagli log-
Data scansione: 19/03/18
Ora scansione: 10:20
File di log: c0abb415-2b56-11e8-89c2-8c89a5dc4082.json
Amministratore: Sì
-Informazioni software-
Versione: 3.3.1.2183
Versione componenti: 1.0.262
Aggiorna versione pacchetto: 1.0.4406
Licenza: Free
-Informazioni sistema-
SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: Windows-PC\Admin
-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 436887
Minacce rilevate: 0
(Nessun elemento nocivo rilevato)
Minacce messe in quarantena: 0
(Nessun elemento nocivo rilevato)
Tempo impiegato: 5 min, 15 sec
-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare
-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)
Modulo: 0
(Nessun elemento nocivo rilevato)
Chiave di registro: 0
(Nessun elemento nocivo rilevato)
Valore di registro: 0
(Nessun elemento nocivo rilevato)
Dati di registro: 0
(Nessun elemento nocivo rilevato)
Flusso di dati: 0
(Nessun elemento nocivo rilevato)
Cartella: 0
(Nessun elemento nocivo rilevato)
File: 0
(Nessun elemento nocivo rilevato)
Settore fisico: 0
(Nessun elemento nocivo rilevato)
(end)TDSSKILLER:
Codice:
10:23:02.0853 0x1650 TDSS rootkit removing tool 3.1.0.16 Jan 24 2018 17:27:43
10:23:08.0833 0x1650 ============================================================
10:23:08.0833 0x1650 Current date / time: 2018/03/19 10:23:08.0833
10:23:08.0833 0x1650 SystemInfo:
10:23:08.0833 0x1650
10:23:08.0833 0x1650 OS Version: 6.1.7601 ServicePack: 1.0
10:23:08.0833 0x1650 Product type: Workstation
10:23:08.0833 0x1650 ComputerName: WINDOWS-PC
10:23:08.0833 0x1650 UserName: Admin
10:23:08.0833 0x1650 Windows directory: C:\Windows
10:23:08.0833 0x1650 System windows directory: C:\Windows
10:23:08.0833 0x1650 Running under WOW64
10:23:08.0833 0x1650 Processor architecture: Intel x64
10:23:08.0833 0x1650 Number of processors: 4
10:23:08.0833 0x1650 Page size: 0x1000
10:23:08.0833 0x1650 Boot type: Normal boot
10:23:08.0833 0x1650 CodeIntegrityOptions = 0x00000001
10:23:08.0833 0x1650 ============================================================
10:23:09.0090 0x1650 KLMD registered as C:\Windows\system32\drivers\84645255.sys
10:23:09.0090 0x1650 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.24059, osProperties = 0x1
10:23:09.0448 0x1650 System UUID: {24B1663F-459B-C1F4-25B2-73AF4B8A44E6}
10:23:09.0735 0x1650 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:23:09.0735 0x1650 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:23:09.0746 0x1650 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:23:09.0761 0x1650 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:23:09.0769 0x1650 ============================================================
10:23:09.0769 0x1650 \Device\Harddisk0\DR0:
10:23:09.0769 0x1650 MBR partitions:
10:23:09.0769 0x1650 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C3D81
10:23:09.0769 0x1650 \Device\Harddisk1\DR1:
10:23:09.0999 0x1650 MBR partitions:
10:23:09.0999 0x1650 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
10:23:09.0999 0x1650 \Device\Harddisk2\DR2:
10:23:09.0999 0x1650 MBR partitions:
10:23:09.0999 0x1650 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x29FC5248
10:23:09.0999 0x1650 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x29FC5287, BlocksNum 0x103BF9BA
10:23:09.0999 0x1650 \Device\Harddisk3\DR3:
10:23:09.0999 0x1650 MBR partitions:
10:23:10.0008 0x1650 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F05, BlocksNum 0x746FDBFB
10:23:10.0008 0x1650 ============================================================
10:23:10.0009 0x1650 C: <-> \Device\Harddisk0\DR0\Partition1
10:23:10.0027 0x1650 G: <-> \Device\Harddisk2\DR2\Partition1
10:23:10.0043 0x1650 I: <-> \Device\Harddisk3\DR3\Partition1
10:23:10.0069 0x1650 H: <-> \Device\Harddisk2\DR2\Partition2
10:23:10.0100 0x1650 L: <-> \Device\Harddisk1\DR1\Partition1
10:23:10.0100 0x1650 ============================================================
10:23:10.0100 0x1650 Initialize success
10:23:10.0100 0x1650 ============================================================
10:23:27.0248 0x17d0 ============================================================
10:23:27.0248 0x17d0 Scan started
10:23:27.0248 0x17d0 Mode: Manual; SigCheck; TDLFS;
10:23:27.0248 0x17d0 ============================================================
10:23:27.0248 0x17d0 KSN ping started
10:23:27.0586 0x17d0 KSN ping finished: true
10:23:28.0627 0x17d0 ================ Scan system memory ========================
10:23:28.0627 0x17d0 System memory - ok
10:23:28.0627 0x17d0 ================ Scan services =============================
10:23:28.0656 0x17d0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
10:23:28.0685 0x17d0 1394ohci - ok
10:23:28.0703 0x17d0 [ DCA5495CA17AEB2F4FD8AC60812C3999, 20A3FC0349294584C340C76D674EE5CA37BA69C886DDA6886CBCCFA437A51BD8 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:23:28.0739 0x17d0 ACPI - ok
10:23:28.0742 0x17d0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
10:23:28.0775 0x17d0 AcpiPmi - ok
10:23:28.0815 0x17d0 [ CA805DA983594B01F3554464B2E5158F, AC311C5D59AA1FA2B1B3CDB9CCEABEC85878BF6CA6106253186909AA9EB3C1BA ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:23:28.0827 0x17d0 AdobeARMservice - ok
10:23:28.0916 0x17d0 [ 2486BBFDAE393D3F212A7AD521F75B7F, 7D6A8082053E8C626429F17074081F705BCC8217C12C35DDFFDA0635E623DED5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:23:28.0936 0x17d0 AdobeFlashPlayerUpdateSvc - ok
10:23:28.0947 0x17d0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:23:28.0965 0x17d0 adp94xx - ok
10:23:28.0977 0x17d0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:23:29.0001 0x17d0 adpahci - ok
10:23:29.0011 0x17d0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:23:29.0027 0x17d0 adpu320 - ok
10:23:29.0034 0x17d0 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:23:29.0073 0x17d0 AeLookupSvc - ok
10:23:29.0118 0x17d0 [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD C:\Windows\system32\drivers\afd.sys
10:23:29.0184 0x17d0 AFD - ok
10:23:29.0189 0x17d0 [ 466BF4170DC41BB939F1F9AB8F97F8F5, 603BF9DA00AABF2CC9FA89865EBCF0CDAADB77D147D0B9FC30480DA7D8215C61 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:23:29.0223 0x17d0 agp440 - ok
10:23:29.0243 0x17d0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:23:29.0278 0x17d0 ALG - ok
10:23:29.0285 0x17d0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
10:23:29.0299 0x17d0 aliide - ok
10:23:29.0306 0x17d0 [ 962227630779043B5C1D4CD157ABB912, AAEB8F7C0D987206CE0C6293F7468880FF79876AE497DDA0785C13BDB4B91998 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:23:29.0382 0x17d0 AMD External Events Utility - ok
10:23:29.0389 0x17d0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
10:23:29.0399 0x17d0 amdide - ok
10:23:29.0415 0x17d0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:23:29.0452 0x17d0 AmdK8 - ok
10:23:29.0751 0x17d0 [ 56D6631761EC37745F0DF16BCDC4CAF4, CA144875715959227B324B0EA92344198FEE07FCC74F4B6A577FF09F525C4DC7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:23:30.0177 0x17d0 amdkmdag - ok
10:23:30.0206 0x17d0 [ 2D9005EA0BFD25C740E53C8DD3C069E0, 5FF02EE7EFCAB12D4FFDF20E77D9E1713D45D001FB231D866F4BAEBA848B4274 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:23:30.0235 0x17d0 amdkmdap - ok
10:23:30.0239 0x17d0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:23:30.0279 0x17d0 AmdPPM - ok
10:23:30.0285 0x17d0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:23:30.0302 0x17d0 amdsata - ok
10:23:30.0311 0x17d0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:23:30.0324 0x17d0 amdsbs - ok
10:23:30.0328 0x17d0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:23:30.0336 0x17d0 amdxata - ok
10:23:30.0348 0x17d0 [ 7D146657683BD88FF09EFF302E6727D7, A98EDBBBD939FEA0129E4EE1314379164A079D3D9EA020B4FACCE3AC74760394 ] AndnetBus C:\Windows\system32\DRIVERS\lgandnetbus64.sys
10:23:30.0399 0x17d0 AndnetBus - ok
10:23:30.0415 0x17d0 [ 7D409E9EDEB18FBDC250986FD6A08878, 19D90F748FDADC9F4BE65C20033477E9D511DD752A4F87EF558F3A71BF5FE8FC ] AndNetDiag C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
10:23:30.0426 0x17d0 AndNetDiag - ok
10:23:30.0429 0x17d0 [ 6047D76F4BF701C4D2244F45005B7D87, 3B924499DAE203D28D7D01FCF27F16356454D7FC95CBB5E31D18DE7E8608E87B ] ANDNetModem C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
10:23:30.0438 0x17d0 ANDNetModem - ok
10:23:30.0443 0x17d0 [ 59A91DB6DC35DB38C86D642683958703, 368ED9AA1074E05CA393149642BEE664DA15146D45769C35C65FDAEAC4E45E29 ] AppID C:\Windows\system32\drivers\appid.sys
10:23:30.0476 0x17d0 AppID - ok
10:23:30.0485 0x17d0 [ 9FFAF35A8926685C8E0263A3B888C92A, 016D84EF6F2660D7A1D1BDB995E418D11068347E6CE73A51160CBAA587B3E882 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:23:30.0517 0x17d0 AppIDSvc - ok
10:23:30.0526 0x17d0 [ D92C0D871FBA258CBF2126EABFE31447, 62E2C3CF0E3BB6A4C6AC101333728E447960B182C11F7B1900CA5C6E4B46D02C ] Appinfo C:\Windows\System32\appinfo.dll
10:23:30.0564 0x17d0 Appinfo - ok
10:23:30.0588 0x17d0 [ E0CBB79ADB89A233928AF60FB2B729DE, CA2C2660686A9D8BD9DB940469221FCD70379AC9837B8620B074C0ED683BEC41 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:23:30.0611 0x17d0 Apple Mobile Device Service - ok
10:23:30.0621 0x17d0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
10:23:30.0650 0x17d0 AppMgmt - ok
10:23:30.0653 0x17d0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:23:30.0681 0x17d0 arc - ok
10:23:30.0685 0x17d0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:23:30.0696 0x17d0 arcsas - ok
10:23:30.0716 0x17d0 [ B29B39713E36AEDC517AEF58321B52D9, 016FFC93CB5BA15E6FA48B3334F69E8D80D0FC9B51B0477B4D4CEE0186303ABC ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:23:30.0727 0x17d0 aspnet_state - ok
10:23:30.0748 0x17d0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:23:30.0873 0x17d0 AsyncMac - ok
10:23:30.0900 0x17d0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
10:23:30.0914 0x17d0 atapi - ok
10:23:30.0936 0x17d0 [ 2B3B05C0A7768BF033217EB8F33F9C35, F7B13158440CAE46EC93F29BA47A960194A5A2AD71B5BF628AF4661CEE096402 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:23:30.0963 0x17d0 AtiHDAudioService - ok
10:23:30.0982 0x17d0 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:23:31.0037 0x17d0 AudioEndpointBuilder - ok
10:23:31.0067 0x17d0 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:23:31.0115 0x17d0 AudioSrv - ok
10:23:31.0133 0x17d0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:23:31.0190 0x17d0 AxInstSV - ok
10:23:31.0222 0x17d0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:23:31.0307 0x17d0 b06bdrv - ok
10:23:31.0314 0x17d0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:23:31.0362 0x17d0 b57nd60a - ok
10:23:31.0369 0x17d0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:23:31.0430 0x17d0 BDESVC - ok
10:23:31.0432 0x17d0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:23:31.0482 0x17d0 Beep - ok
10:23:31.0505 0x17d0 [ E3ED6C06462FDDE33100F7E45E8F5213, 71AA528F8912106FDAD83175A7529CF94B5B19093D2C63C25FAC198587286F87 ] BFE C:\Windows\System32\bfe.dll
10:23:31.0546 0x17d0 BFE - ok
10:23:31.0594 0x17d0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:23:31.0813 0x17d0 BITS - ok
10:23:31.0842 0x17d0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:23:31.0923 0x17d0 blbdrive - ok
10:23:31.0948 0x17d0 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:23:31.0995 0x17d0 Bonjour Service - ok
10:23:32.0009 0x17d0 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:23:32.0077 0x17d0 bowser - ok
10:23:32.0083 0x17d0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:23:32.0132 0x17d0 BrFiltLo - ok
10:23:32.0144 0x17d0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:23:32.0163 0x17d0 BrFiltUp - ok
10:23:32.0168 0x17d0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:23:32.0187 0x17d0 Browser - ok
10:23:32.0199 0x17d0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:23:32.0233 0x17d0 Brserid - ok
10:23:32.0240 0x17d0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:23:32.0274 0x17d0 BrSerWdm - ok
10:23:32.0280 0x17d0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:23:32.0343 0x17d0 BrUsbMdm - ok
10:23:32.0354 0x17d0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:23:32.0434 0x17d0 BrUsbSer - ok
10:23:32.0437 0x17d0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
10:23:32.0452 0x17d0 BthEnum - ok
10:23:32.0469 0x17d0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:23:32.0542 0x17d0 BTHMODEM - ok
10:23:32.0567 0x17d0 [ 5A8951D195AFEF979C4AB02A129EBC37, 48FD4A921E51B6DD306A1248EB9A1A6AEC5F59E49528423BF2F40600B3AF1D08 ] BthPan C:\Windows\system32\drivers\bthpan.sys
10:23:33.0011 0x17d0 BthPan - ok
10:23:33.0024 0x17d0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
10:23:33.0057 0x17d0 BTHPORT - ok
10:23:33.0062 0x17d0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:23:33.0145 0x17d0 bthserv - ok
10:23:33.0155 0x17d0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
10:23:33.0185 0x17d0 BTHUSB - ok
10:23:33.0190 0x17d0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:23:33.0237 0x17d0 cdfs - ok
10:23:33.0254 0x17d0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:23:33.0313 0x17d0 cdrom - ok
10:23:33.0320 0x17d0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:23:33.0363 0x17d0 CertPropSvc - ok
10:23:33.0370 0x17d0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:23:33.0414 0x17d0 circlass - ok
10:23:33.0440 0x17d0 [ 570AFE6421B88EFC2484556A33A0C1C9, 8FEEF40EF9061AC34E76F99DE04E5258E646D5CFFBDB86C38D76344D0765D056 ] CLFS C:\Windows\system32\CLFS.sys
10:23:33.0468 0x17d0 CLFS - ok
10:23:33.0483 0x17d0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:23:33.0510 0x17d0 clr_optimization_v2.0.50727_32 - ok
10:23:33.0526 0x17d0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:23:33.0557 0x17d0 clr_optimization_v2.0.50727_64 - ok
10:23:33.0584 0x17d0 [ 7761FBD826C16A007D6386FBFB846241, 7E9DD121488C8652F33059EBCA648D2319B9D3328EEA3F2AEBA1BFB90C0805EB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:23:33.0635 0x17d0 clr_optimization_v4.0.30319_32 - ok
10:23:33.0646 0x17d0 [ 35F81FD0318AFABFB1956431CFA3EAE5, E4CDF2E9558A237B28194BCB1ADA5E798C484E7B0262DAF1AB94A69F326CC91E ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:23:33.0671 0x17d0 clr_optimization_v4.0.30319_64 - ok
10:23:33.0703 0x17d0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:23:33.0792 0x17d0 CmBatt - ok
10:23:33.0795 0x17d0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
10:23:33.0805 0x17d0 cmdide - ok
10:23:33.0816 0x17d0 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
10:23:33.0850 0x17d0 CNG - ok
10:23:33.0854 0x17d0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:23:33.0882 0x17d0 Compbatt - ok
10:23:33.0888 0x17d0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:23:33.0911 0x17d0 CompositeBus - ok
10:23:33.0923 0x17d0 COMSysApp - ok
10:23:33.0928 0x17d0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:23:33.0938 0x17d0 crcdisk - ok
10:23:33.0983 0x17d0 [ EC0550300E899BD69BDB5937E684D348, 982E5FB213F6DE07F061D4FE201CA69D99572398ED41C953E0B3358C3FD9EBF6 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:23:34.0057 0x17d0 CryptSvc - ok
10:23:34.0082 0x17d0 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
10:23:34.0115 0x17d0 CSC - ok
10:23:34.0138 0x17d0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
10:23:34.0206 0x17d0 CscService - ok
10:23:34.0211 0x17d0 [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
10:23:34.0222 0x17d0 dc3d - ok
10:23:34.0234 0x17d0 [ BA6C9EE518A11DA4AD061B223EBED3D3, 0FDDEF3FFB375712567212BD7D31DA91AB97F8CE0D468C5FC6D4918CDF204B5A ] DcomLaunch C:\Windows\system32\rpcss.dll
10:23:34.0265 0x17d0 DcomLaunch - ok
10:23:34.0287 0x17d0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:23:34.0323 0x17d0 defragsvc - ok
10:23:34.0327 0x17d0 [ 7D2D2284833760A82308CF09F7618E8B, A78F9369D4614D305D2F8E3CD2C697107781DD83A695022A192B2D8E1E21A05D ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:23:34.0347 0x17d0 DfsC - ok
10:23:34.0351 0x17d0 [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
10:23:34.0368 0x17d0 dg_ssudbus - ok
10:23:34.0376 0x17d0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:23:34.0410 0x17d0 Dhcp - ok
10:23:34.0448 0x17d0 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
10:23:34.0538 0x17d0 DiagTrack - ok
10:23:34.0583 0x17d0 [ 64F6A6B21B25528F7368928C0171C8E3, B9D56EA97E57501D567D71965C1CD57C85DA1C7EAF958B38F3D199457DD4D2E3 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
10:23:34.0653 0x17d0 Disc Soft Lite Bus Service - ok
10:23:34.0697 0x17d0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:23:34.0741 0x17d0 discache - ok
10:23:34.0748 0x17d0 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
10:23:34.0787 0x17d0 Disk - ok
10:23:34.0791 0x17d0 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\DRIVERS\dmvsc.sys
10:23:34.0850 0x17d0 dmvsc - ok
10:23:34.0855 0x17d0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:23:34.0875 0x17d0 Dnscache - ok
10:23:34.0901 0x17d0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:23:34.0957 0x17d0 dot3svc - ok
10:23:34.0982 0x17d0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:23:35.0059 0x17d0 DPS - ok
10:23:35.0126 0x17d0 [ 2E26AD284F99A38C95D1089E1F3C512A, 5505E5FBA0FEC5C65EACD3C9844FF25534C91C3247CF63FB307017E8137840E6 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
10:23:35.0192 0x17d0 DragonUpdater - ok
10:23:35.0204 0x17d0 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:23:35.0238 0x17d0 drmkaud - ok
10:23:35.0243 0x17d0 [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus C:\Windows\system32\DRIVERS\dtlitescsibus.sys
10:23:35.0253 0x17d0 dtlitescsibus - ok
10:23:35.0265 0x17d0 [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus C:\Windows\system32\DRIVERS\dtliteusbbus.sys
10:23:35.0293 0x17d0 dtliteusbbus - ok
10:23:35.0318 0x17d0 [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:23:35.0355 0x17d0 DXGKrnl - ok
10:23:35.0365 0x17d0 [ A97BC08F54CF30078CF4277E86215D5B, D24DDB425A6E9A56D798CB3A23B4C41EBC368E6F3E3A1B1BC39E0C19D62BB592 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
10:23:35.0390 0x17d0 eamonm - ok
10:23:35.0394 0x17d0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:23:35.0434 0x17d0 EapHost - ok
10:23:35.0519 0x17d0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:23:35.0717 0x17d0 ebdrv - ok
10:23:35.0727 0x17d0 [ 9C6259B513678AA94709EBD898F601E5, C06452B2E096756A79DD6C6308CAB2223A6AD7F1181E1B2B43A22BFEE6E1AC6B ] EFS C:\Windows\System32\lsass.exe
10:23:35.0776 0x17d0 EFS - ok
10:23:35.0792 0x17d0 [ FB5EE88FAEF99242670942F8BB3E73D5, 1824BD46D2BD2ABA4DC9D6AE0031BADC04C14C01E3268BE4E4881FD61C92562C ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
10:23:35.0813 0x17d0 ehdrv - ok
10:23:35.0844 0x17d0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:23:35.0918 0x17d0 ehRecvr - ok
10:23:35.0929 0x17d0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:23:35.0975 0x17d0 ehSched - ok
10:23:36.0034 0x17d0 [ 370E1609D922EC4C2BE899C49FADA49E, EABC3CFAE208246FFA734E579839B85733F22CB7A5CA9EC89B80C4E970CFE6A5 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
10:23:36.0159 0x17d0 ekrn - ok
10:23:36.0191 0x17d0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:23:36.0228 0x17d0 elxstor - ok
10:23:36.0236 0x17d0 [ 0C4E6831E24989C70FDC487AB8857568, 8611F0C0CC73DBF5FB1C233C2E2B1DA1E385D75C365DAD1872814627C9F3F0CF ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
10:23:36.0258 0x17d0 epfwwfpr - ok
10:23:36.0263 0x17d0 [ 9002EED07FD7FCFF6B8C5C06B454AC19, 0FCEF7D930316FF267841009DF83F29A7D9CD6ED710128F493EC15EC99D9ACD6 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:23:36.0281 0x17d0 ErrDev - ok
10:23:36.0297 0x17d0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:23:36.0357 0x17d0 EventSystem - ok
10:23:36.0376 0x17d0 [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat C:\Windows\system32\drivers\exfat.sys
10:23:36.0451 0x17d0 exfat - ok
10:23:36.0465 0x17d0 [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:23:36.0487 0x17d0 fastfat - ok
10:23:36.0517 0x17d0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:23:36.0575 0x17d0 Fax - ok
10:23:36.0583 0x17d0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:23:36.0638 0x17d0 fdc - ok
10:23:36.0649 0x17d0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:23:36.0712 0x17d0 fdPHost - ok
10:23:36.0715 0x17d0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:23:36.0753 0x17d0 FDResPub - ok
10:23:36.0756 0x17d0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:23:36.0783 0x17d0 FileInfo - ok
10:23:36.0786 0x17d0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:23:36.0852 0x17d0 Filetrace - ok
10:23:36.0858 0x17d0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:23:36.0914 0x17d0 flpydisk - ok
10:23:36.0930 0x17d0 [ DC591A7A196E99EFB5A48D708CB989FD, 1C34C0A4AEEE977D290EF5E79C3B13B1F1F18E051F49815013D360F62458D82A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:23:36.0962 0x17d0 FltMgr - ok
10:23:37.0004 0x17d0 [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache C:\Windows\system32\FntCache.dll
10:23:37.0092 0x17d0 FontCache - ok
10:23:37.0170 0x17d0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:23:37.0205 0x17d0 FontCache3.0.0.0 - ok
10:23:37.0212 0x17d0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:23:37.0234 0x17d0 FsDepends - ok
10:23:37.0239 0x17d0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:23:37.0304 0x17d0 Fs_Rec - ok
10:23:37.0322 0x17d0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:23:37.0338 0x17d0 fvevol - ok
10:23:37.0344 0x17d0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:23:37.0352 0x17d0 gagp30kx - ok
10:23:37.0383 0x17d0 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
10:23:37.0479 0x17d0 gpsvc - ok
10:23:37.0506 0x17d0 [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
10:23:37.0532 0x17d0 grmnusb - ok
10:23:37.0562 0x17d0 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:23:37.0575 0x17d0 gupdate - ok
10:23:37.0581 0x17d0 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:23:37.0594 0x17d0 gupdatem - ok
10:23:37.0602 0x17d0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:23:37.0674 0x17d0 hcw85cir - ok
10:23:37.0726 0x17d0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:23:37.0836 0x17d0 HdAudAddService - ok
10:23:37.0886 0x17d0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:23:38.0014 0x17d0 HDAudBus - ok
10:23:38.0017 0x17d0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:23:38.0098 0x17d0 HidBatt - ok
10:23:38.0107 0x17d0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:23:38.0202 0x17d0 HidBth - ok
10:23:38.0216 0x17d0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:23:38.0302 0x17d0 HidIr - ok
10:23:38.0319 0x17d0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:23:38.0418 0x17d0 hidserv - ok
10:23:38.0433 0x17d0 [ 6F5E5CC271EB0C17688D892A3D4B83F6, 4CFF9821099DCD377AC4E2EC45BAB7007C144DCF72F260AC841D0211E212792F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
10:23:38.0510 0x17d0 HidUsb - ok
10:23:38.0523 0x17d0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:23:38.0579 0x17d0 hkmsvc - ok
10:23:38.0586 0x17d0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:23:38.0683 0x17d0 HomeGroupListener - ok
10:23:38.0717 0x17d0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:23:38.0789 0x17d0 HomeGroupProvider - ok
10:23:38.0798 0x17d0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
10:23:38.0809 0x17d0 HpSAMD - ok
10:23:38.0824 0x17d0 [ 93C367EA831FB39DEE3BA96539A187FB, 8B912152CA8B89B4429278F93163481BAA07E2D940EE61CE1B7AD178AB13E105 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:23:38.0993 0x17d0 HTTP - ok
10:23:38.0998 0x17d0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:23:39.0049 0x17d0 hwpolicy - ok
10:23:39.0069 0x17d0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:23:39.0107 0x17d0 i8042prt - ok
10:23:39.0118 0x17d0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:23:39.0154 0x17d0 iaStorV - ok
10:23:39.0179 0x17d0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:23:39.0205 0x17d0 idsvc - ok
10:23:39.0208 0x17d0 IEEtwCollectorService - ok
10:23:39.0217 0x17d0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:23:39.0239 0x17d0 iirsp - ok
10:23:39.0270 0x17d0 [ 25AF7D5C819F19D7C97F4A9607F2609A, 70142B97F1087E20758AFECF5A7AB2EC1FDBBF68019A3BEC6C49F168650FEFC8 ] IKEEXT C:\Windows\System32\ikeext.dll
10:23:39.0397 0x17d0 IKEEXT - ok
10:23:39.0616 0x17d0 [ 602788BF364D43E5878AA1B4F85C232B, 589B983C708B6B8A32760D00F21CB2C3331C3E439ECF8D2464FF77C1D9760D72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:23:39.0969 0x17d0 IntcAzAudAddService - ok
10:23:40.0072 0x17d0 [ 7C76466F4E0F76CE259C6005D161E9E8, 19F3CCC3A86B68DB70B7608F9ED33746518F5B2450E5BAF9581127CE7A9AA5D2 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:23:40.0149 0x17d0 Intel(R) Capability Licensing Service Interface - ok
10:23:40.0152 0x17d0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
10:23:40.0160 0x17d0 intelide - ok
10:23:40.0169 0x17d0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:23:40.0211 0x17d0 intelppm - ok
10:23:40.0272 0x17d0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:23:40.0342 0x17d0 IPBusEnum - ok
10:23:40.0425 0x17d0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:23:40.0524 0x17d0 IpFilterDriver - ok
10:23:40.0583 0x17d0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:23:40.0713 0x17d0 iphlpsvc - ok
10:23:40.0722 0x17d0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:23:40.0735 0x17d0 IPMIDRV - ok
10:23:40.0740 0x17d0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:23:40.0784 0x17d0 IPNAT - ok
10:23:40.0807 0x17d0 [ 0C249FD26DABF07C3D55AEC2AADE1E84, 22835E267B7780FDAE1072440C94F04B1AE9584B6CED0AB83FD9BE702F95AC78 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:23:40.0840 0x17d0 iPod Service - ok
10:23:40.0848 0x17d0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:23:40.0880 0x17d0 IRENUM - ok
10:23:40.0883 0x17d0 [ 905E9D664F38B93B53FA05422165F5B5, 5B0D8869C73836378C234FAA407DE047F5F638D3E872B246A1AC74BE44BBD7DD ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:23:40.0894 0x17d0 isapnp - ok
10:23:40.0912 0x17d0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:23:40.0937 0x17d0 iScsiPrt - ok
10:23:40.0944 0x17d0 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
10:23:40.0963 0x17d0 iusb3hcs - ok
10:23:40.0976 0x17d0 [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
10:23:41.0025 0x17d0 iusb3hub - ok
10:23:41.0042 0x17d0 [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
10:23:41.0078 0x17d0 iusb3xhc - ok
10:23:41.0095 0x17d0 [ D22982C269775BCBDDA8A0F82A9ADE9E, 26C19369F5F2B42C37F23842C5795FECEF21BC290968AABC9984502F0FD921DF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
10:23:41.0122 0x17d0 jhi_service - ok
10:23:41.0125 0x17d0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:23:41.0144 0x17d0 kbdclass - ok
10:23:41.0178 0x17d0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:23:41.0197 0x17d0 kbdhid - ok
10:23:41.0204 0x17d0 [ 9C6259B513678AA94709EBD898F601E5, C06452B2E096756A79DD6C6308CAB2223A6AD7F1181E1B2B43A22BFEE6E1AC6B ] KeyIso C:\Windows\system32\lsass.exe
10:23:41.0286 0x17d0 KeyIso - ok
10:23:41.0292 0x17d0 [ 35A07DE6C80DF576287755CFEB549C0D, 86155FE25C4CEB6B6D00F5F6BF34E700C6649135CF7BCF5A0FD42242E98161D3 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:23:41.0323 0x17d0 KSecDD - ok
10:23:41.0344 0x17d0 [ 4A970CBF1586A54191E4E5F99332437E, 67EEDDDD62AFF66C9449BA3F4CD0C4FE89C8C20E639D5293896DA02AA3C1B7BD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:23:41.0373 0x17d0 KSecPkg - ok
10:23:41.0379 0x17d0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:23:41.0431 0x17d0 ksthunk - ok
10:23:41.0440 0x17d0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:23:41.0531 0x17d0 KtmRm - ok
10:23:41.0592 0x17d0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:23:41.0711 0x17d0 LanmanServer - ok
10:23:41.0732 0x17d0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:23:41.0836 0x17d0 LanmanWorkstation - ok
10:23:41.0872 0x17d0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:23:42.0016 0x17d0 lltdio - ok
10:23:42.0037 0x17d0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:23:42.0145 0x17d0 lltdsvc - ok
10:23:42.0148 0x17d0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:23:42.0218 0x17d0 lmhosts - ok
10:23:42.0231 0x17d0 [ 5C08357C65F658E29B5DDC2EF18D575C, 80802787D7CD07BFB4F2EEE463837FB0CBB3626A2D5451B32794DB66A3CC3D98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:23:42.0256 0x17d0 LMS - ok
10:23:42.0289 0x17d0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:23:42.0310 0x17d0 LSI_FC - ok
10:23:42.0326 0x17d0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:23:42.0342 0x17d0 LSI_SAS - ok
10:23:42.0357 0x17d0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:23:42.0409 0x17d0 LSI_SAS2 - ok
10:23:42.0425 0x17d0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:23:42.0479 0x17d0 LSI_SCSI - ok
10:23:42.0484 0x17d0 [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv C:\Windows\system32\drivers\luafv.sys
10:23:42.0524 0x17d0 luafv - ok
10:23:42.0686 0x17d0 [ 734B435E1693386213EEFD4D17A70DEB, EC6288CB37BD420DA071E800FBEF25BCCF22F2A40F98DB22F1C86D87157EF1AA ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
10:23:42.0980 0x17d0 MBAMService - ok
10:23:43.0002 0x17d0 [ B047B9CE5A0D800E6D713B43D0405221, 9A560D6D313476F478629CFCED3DB92F3818EF9CE5E226124D02CB496549D9E1 ] MBAMSwissArmy C:\Windows\system32\Drivers\mbamswissarmy.sys
10:23:43.0064 0x17d0 MBAMSwissArmy - ok
10:23:43.0096 0x17d0 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
10:23:43.0126 0x17d0 MBfilt - ok
10:23:43.0168 0x17d0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:23:43.0205 0x17d0 Mcx2Svc - ok
10:23:43.0221 0x17d0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:23:43.0243 0x17d0 megasas - ok
10:23:43.0259 0x17d0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:23:43.0303 0x17d0 MegaSR - ok
10:23:43.0309 0x17d0 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:23:43.0331 0x17d0 MEIx64 - ok
10:23:43.0359 0x17d0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:23:43.0398 0x17d0 MMCSS - ok
10:23:43.0400 0x17d0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:23:43.0432 0x17d0 Modem - ok
10:23:43.0448 0x17d0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:23:43.0494 0x17d0 monitor - ok
10:23:43.0498 0x17d0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
10:23:43.0511 0x17d0 mouclass - ok
10:23:43.0515 0x17d0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:23:43.0551 0x17d0 mouhid - ok
10:23:43.0555 0x17d0 [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:23:43.0575 0x17d0 mountmgr - ok
10:23:43.0590 0x17d0 [ D8EC957D7CC9C917B8E850D725C2F7E1, 65FA09EF5355CD93B8B31B1EFE202DC26E3FAAE5DAB12AF87B89F374EEB27E87 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:23:43.0603 0x17d0 MozillaMaintenance - ok
10:23:43.0610 0x17d0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
10:23:43.0631 0x17d0 mpio - ok
10:23:43.0637 0x17d0 [ 6D9BB8B53394B62540A3971FCE2BE8DB, C1942B2F3C6A4282FE39FCE5DCF46FA446D4F086F2F9ABDED9A4163A83A253B8 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:23:43.0680 0x17d0 mpsdrv - ok
10:23:43.0696 0x17d0 [ 92B4079384B8BE97AEE3CA8B43E0AAEB, 0AB87851F91274DDB19E21052E1D66FF76BA031D39A716EB4242BC5C0AC4ADB7 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:23:43.0745 0x17d0 MpsSvc - ok
10:23:43.0754 0x17d0 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:23:43.0798 0x17d0 MRxDAV - ok
10:23:43.0803 0x17d0 [ F3732465ECFF4565A4225F4928CC2BBD, 4F3902A48ED46D668D4A894D3A8E80663773891A6214662CEA6691A49039E287 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:23:43.0834 0x17d0 mrxsmb - ok
10:23:43.0852 0x17d0 [ BADEA940A0A900D1FB9C387283BF49EA, 3CD7759DC6FCA03385F7ACBD398AEB1A9C98B3DA9E08B9CBBC68531C9FB95160 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:23:43.0896 0x17d0 mrxsmb10 - ok
10:23:43.0908 0x17d0 [ 7157B09CD9E34BB39DCA2E410410CF14, 69FA4777A4F917AFC8297AB8EBAE0061395705E64DD4F7FD85EB88D3E5B444CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:23:43.0942 0x17d0 mrxsmb20 - ok
10:23:43.0945 0x17d0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
10:23:43.0953 0x17d0 msahci - ok
10:23:43.0961 0x17d0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
10:23:43.0978 0x17d0 msdsm - ok
10:23:44.0021 0x17d0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:23:44.0072 0x17d0 MSDTC - ok
10:23:44.0076 0x17d0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:23:44.0137 0x17d0 Msfs - ok
10:23:44.0150 0x17d0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:23:44.0221 0x17d0 mshidkmdf - ok
10:23:44.0235 0x17d0 MSICDSetup - ok
10:23:44.0243 0x17d0 [ 6FE3DBEEA730A857CA3DF603B7DEADA2, CFB2F88799BD8D4D6B435C88B0B12D6E3EE83428B8EBE4C9DAACE25F03E7EABB ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:23:44.0264 0x17d0 msisadrv - ok
10:23:44.0294 0x17d0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:23:44.0438 0x17d0 MSiSCSI - ok
10:23:44.0441 0x17d0 msiserver - ok
10:23:44.0460 0x17d0 [ C72ADF8436182E12B1B7E04390CE4C5B, 6C5E926983A0781E642E1A5F4B8DA5F41DAFB7423FC6005AC638F10E54CFCC10 ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
10:23:44.0469 0x17d0 MSI_SuperCharger - ok
10:23:44.0475 0x17d0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:23:44.0563 0x17d0 MSKSSRV - ok
10:23:44.0580 0x17d0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:23:44.0612 0x17d0 MSPCLOCK - ok
10:23:44.0617 0x17d0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:23:44.0715 0x17d0 MSPQM - ok
10:23:44.0727 0x17d0 [ 94275393BB85D1E2B74BFEFEC386B4A0, D1E8B2AFB5B0E0B4670887F15A4EDFF88B1C91AF052B2C687590AF05AC560C18 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:23:44.0812 0x17d0 MsRPC - ok
10:23:44.0828 0x17d0 [ 1FC0BF25FFCB9F751BCBC6C6AC577078, D48313C4A3E711F3E2AFEC87E3C78B9230A96438CEC92857F8B454E2D1602E84 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:23:44.0837 0x17d0 mssmbios - ok
10:23:44.0840 0x17d0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:23:44.0879 0x17d0 MSTEE - ok
10:23:44.0887 0x17d0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:23:44.0920 0x17d0 MTConfig - ok
10:23:44.0938 0x17d0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:23:44.0978 0x17d0 Mup - ok
10:23:45.0008 0x17d0 [ 1C3A1CC35EB79FCD591B17E94358310B, 56C87EFEBC370565CC0144B0DEC56355E751F935A6EBFB080323269ABEC526A8 ] MxService C:\Program Files (x86)\Maxthon5\Bin\MxService.exe
10:23:45.0035 0x17d0 MxService - ok
10:23:45.0059 0x17d0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:23:45.0135 0x17d0 napagent - ok
10:23:45.0148 0x17d0 [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:23:45.0171 0x17d0 NativeWifiP - ok
10:23:45.0190 0x17d0 [ 261F27367EB6EA6478B940811F0A6F03, C5924B8B00E93DA9B8B1DBAA05A4D53BB1720C2FFA9B3EDA63CB20A64F59808B ] NDIS C:\Windows\system32\drivers\ndis.sys
10:23:45.0236 0x17d0 NDIS - ok
10:23:45.0242 0x17d0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:23:45.0264 0x17d0 NdisCap - ok
10:23:45.0267 0x17d0 [ 3F217F77899654833B650ED6A1372BE4, BB351A685D8F05E8066716F7346D28F950FB263D6C4F6957D908EA602FFF0681 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:23:45.0276 0x17d0 NdisTapi - ok
10:23:45.0281 0x17d0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:23:45.0320 0x17d0 Ndisuio - ok
10:23:45.0328 0x17d0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:23:45.0364 0x17d0 NdisWan - ok
10:23:45.0367 0x17d0 [ E46AF308E96F7730F59B0F250A884CD6, F5D00B950AAE1F38E295385C934FDC6C24608E65A8357317AE889947A2FE2BDC ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:23:45.0376 0x17d0 NDProxy - ok
10:23:45.0379 0x17d0 [ 2E19EB10185992AB08BC3688AACA4CE2, D9E3A5CFE8887B7F66239000116723FAA119107870A6FB65FD6F108CE5C9D9EB ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:23:45.0390 0x17d0 NetBIOS - ok
10:23:45.0397 0x17d0 [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:23:45.0440 0x17d0 NetBT - ok
10:23:45.0446 0x17d0 [ 9C6259B513678AA94709EBD898F601E5, C06452B2E096756A79DD6C6308CAB2223A6AD7F1181E1B2B43A22BFEE6E1AC6B ] Netlogon C:\Windows\system32\lsass.exe
10:23:45.0464 0x17d0 Netlogon - ok
10:23:45.0474 0x17d0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:23:45.0522 0x17d0 Netman - ok
10:23:45.0529 0x17d0 [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:23:45.0565 0x17d0 NetMsmqActivator - ok
10:23:45.0572 0x17d0 [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:23:45.0605 0x17d0 NetPipeActivator - ok
10:23:45.0619 0x17d0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:23:45.0662 0x17d0 netprofm - ok
10:23:45.0670 0x17d0 [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:23:45.0717 0x17d0 NetTcpActivator - ok
10:23:45.0724 0x17d0 [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:23:45.0736 0x17d0 NetTcpPortSharing - ok
10:23:45.0756 0x17d0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:23:45.0777 0x17d0 nfrd960 - ok
10:23:45.0791 0x17d0 [ 93DEDBE8E24F31962755E6AA4AC2D7B0, 368B3F48F230514F496CE24339EC8943A87A6BB9815912AE192B73837AB3E3B7 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:23:45.0850 0x17d0 NlaSvc - ok
10:23:45.0868 0x17d0 [ 0095F470CB01930D0790561E3259589A, 43CED20D20DDC4DB041F46A0C812E302B2D5D20B754F57D33D3384F778FABF35 ] NovaPdf9Server C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe
10:23:45.0880 0x17d0 NovaPdf9Server - ok
10:23:45.0888 0x17d0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:23:45.0928 0x17d0 Npfs - ok
10:23:45.0935 0x17d0 [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi C:\Windows\system32\nsisvc.dll
10:23:45.0962 0x17d0 nsi - ok
10:23:45.0988 0x17d0 [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:23:46.0026 0x17d0 nsiproxy - ok
10:23:46.0057 0x17d0 [ A97B92D11270695B15C3663BCCB737D3, 3C5AF4C85A3121359C9E8BB66CC10ECDA48766C765E1D83D107D5DF21BE24756 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:23:46.0149 0x17d0 Ntfs - ok
10:23:46.0160 0x17d0 [ 3F39F013168428C8E505A7B9E6CBA8A2, 6F1FF29E2E710F6D064DC74E8E011331D807C32CC2A622CBE507FD4B4D43F8F4 ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys
10:23:46.0181 0x17d0 NTIOLib_1_0_3 - ok
10:23:46.0184 0x17d0 NTIOLib_1_0_C - ok
10:23:46.0189 0x17d0 [ 317020D31F1696334679B9D0416EB62E, 7A12A86FAD9F3767B8578D5A79B7AE109E3FADC8FD876A8A326FCC70D83D4E7E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
10:23:46.0217 0x17d0 NuidFltr - ok
10:23:46.0223 0x17d0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:23:46.0265 0x17d0 Null - ok
10:23:46.0274 0x17d0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:23:46.0303 0x17d0 nvraid - ok
10:23:46.0319 0x17d0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:23:46.0376 0x17d0 nvstor - ok
10:23:46.0383 0x17d0 [ 7425A6B64F5D37D0565F2581B886E5E3, 877095624C4EAE13A5814117EEEF515842FFF77C9823DA83BC01FA6B8D9E8A6B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:23:46.0405 0x17d0 nv_agp - ok
10:23:46.0412 0x17d0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:23:46.0477 0x17d0 ohci1394 - ok
10:23:46.0493 0x17d0 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:23:46.0509 0x17d0 ose - ok
10:23:46.0516 0x17d0 [ 58327B7E7C4E325C66B7C4A5220CE5F4, FF66411B23A195CA3C64F5409F2E2C6F88CB01034A4C9DDCA565DE0E144ABC13 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:23:46.0537 0x17d0 ose64 - ok
10:23:46.0650 0x17d0 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:23:46.0789 0x17d0 osppsvc - ok
10:23:46.0805 0x17d0 [ 64FB16C5849444F0CFD403C83D9579A1, CDF3730453C9D469140F88BAC41181DD8AA2C7B2432961826E2379F2535F5293 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:23:46.0868 0x17d0 p2pimsvc - ok
10:23:46.0910 0x17d0 [ 79DB2B358BF0B152F15D1C5A525233BD, 374D9E8D7FBBC3EB14BDC651378120FCB075A36404F1E76A3F291F89CD5C3362 ] p2psvc C:\Windows\system32\p2psvc.dll
10:23:46.0997 0x17d0 p2psvc - ok
10:23:47.0018 0x17d0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:23:47.0122 0x17d0 Parport - ok
10:23:47.0128 0x17d0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:23:47.0173 0x17d0 partmgr - ok
10:23:47.0180 0x17d0 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
10:23:47.0227 0x17d0 PcaSvc - ok
10:23:47.0235 0x17d0 [ 481DADB90C1D4E9F19328079C7A9E63D, DA8946D89F0D59F2A17512B9029EB17B2909CF99B70CF4BA7258012E95008ABD ] pci C:\Windows\system32\drivers\pci.sys
10:23:47.0259 0x17d0 pci - ok
10:23:47.0269 0x17d0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
10:23:47.0365 0x17d0 pciide - ok
10:23:47.0371 0x17d0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:23:47.0405 0x17d0 pcmcia - ok
10:23:47.0473 0x17d0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:23:47.0495 0x17d0 pcw - ok
10:23:47.0510 0x17d0 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:23:47.0559 0x17d0 PEAUTH - ok
10:23:47.0612 0x17d0 [ C59E17D5E30972ECA28A72004795AEA7, 24CE4698F578BB6BE51101BA083C5E4A6A1AA449439C125BA3E5793E54260525 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:23:47.0697 0x17d0 PeerDistSvc - ok
10:23:47.0834 0x17d0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:23:47.0928 0x17d0 PerfHost - ok
10:23:48.0008 0x17d0 [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla C:\Windows\system32\pla.dll
10:23:48.0174 0x17d0 pla - ok
10:23:48.0202 0x17d0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:23:48.0287 0x17d0 PlugPlay - ok
10:23:48.0306 0x17d0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:23:48.0375 0x17d0 PNRPAutoReg - ok
10:23:48.0387 0x17d0 [ 64FB16C5849444F0CFD403C83D9579A1, CDF3730453C9D469140F88BAC41181DD8AA2C7B2432961826E2379F2535F5293 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:23:48.0475 0x17d0 PNRPsvc - ok
10:23:48.0542 0x17d0 [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\Windows\system32\DRIVERS\point64.sys
10:23:48.0572 0x17d0 Point64 - ok
10:23:48.0638 0x17d0 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:23:48.0781 0x17d0 PolicyAgent - ok
10:23:48.0808 0x17d0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:23:48.0906 0x17d0 Power - ok
10:23:48.0934 0x17d0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:23:48.0996 0x17d0 PptpMiniport - ok
10:23:49.0017 0x17d0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:23:49.0077 0x17d0 Processor - ok
10:23:49.0085 0x17d0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:23:49.0141 0x17d0 ProfSvc - ok
10:23:49.0157 0x17d0 [ 9C6259B513678AA94709EBD898F601E5, C06452B2E096756A79DD6C6308CAB2223A6AD7F1181E1B2B43A22BFEE6E1AC6B ] ProtectedStorage C:\Windows\system32\lsass.exe
10:23:49.0253 0x17d0 ProtectedStorage - ok
10:23:49.0261 0x17d0 [ 4CE827A5433451551E99C2C1D20E4A43, B2E0806BB5C32A9126584941EE92526BFD45BB9EE18D7E598A2FFE7AAB495930 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:23:49.0376 0x17d0 Psched - ok
10:23:49.0475 0x17d0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:23:49.0558 0x17d0 ql2300 - ok
10:23:49.0668 0x17d0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:23:49.0693 0x17d0 ql40xx - ok
10:23:49.0737 0x17d0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:23:49.0855 0x17d0 QWAVE - ok
10:23:49.0875 0x17d0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:23:49.0990 0x17d0 QWAVEdrv - ok
10:23:49.0996 0x17d0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:23:50.0066 0x17d0 RasAcd - ok
10:23:50.0087 0x17d0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:23:50.0147 0x17d0 RasAgileVpn - ok
10:23:50.0172 0x17d0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:23:50.0261 0x17d0 RasAuto - ok
10:23:50.0277 0x17d0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:23:50.0442 0x17d0 Rasl2tp - ok
10:23:50.0495 0x17d0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:23:50.0617 0x17d0 RasMan - ok
10:23:50.0624 0x17d0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:23:50.0718 0x17d0 RasPppoe - ok
10:23:50.0743 0x17d0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:23:50.0783 0x17d0 RasSstp - ok
10:23:50.0791 0x17d0 [ FB45727105E27756B3252572A138FA19, B11A375C7377C2DD02175921F5A3BBD23191207DE76DB220ACF72BD5CF74E09A ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:23:50.0875 0x17d0 rdbss - ok
10:23:50.0978 0x17d0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:23:51.0013 0x17d0 rdpbus - ok
10:23:51.0019 0x17d0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:23:51.0063 0x17d0 RDPCDD - ok
10:23:51.0083 0x17d0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:23:51.0206 0x17d0 RDPDR - ok
10:23:51.0226 0x17d0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:23:51.0435 0x17d0 RDPENCDD - ok
10:23:51.0439 0x17d0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:23:51.0503 0x17d0 RDPREFMP - ok
10:23:51.0525 0x17d0 [ 4D3B50366F453BF1D17CB3DD72A024FF, 1D2F351CACBDF3C26586AE23BAAA6DADC99B664A81C213B8B54D17EBA5C308A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:23:51.0603 0x17d0 RdpVideoMiniport - ok
10:23:51.0609 0x17d0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:23:51.0715 0x17d0 RDPWD - ok
10:23:51.0721 0x17d0 [ F4287A980C0AA41DE3073F053E5EA73C, 04A386884DE32C6813486FD2D8FD9B9B275758CE5354459D8862A60E7F134833 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:23:51.0732 0x17d0 rdyboost - ok
10:23:51.0736 0x17d0 [ 0301EEE83B03229F555C6F8025FB5540, 3ABBA482E59FF9FC831A0FEA75A8C937BAE5077108A0EB3F89205C72FEDC2CD9 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:23:51.0888 0x17d0 RemoteAccess - ok
10:23:51.0894 0x17d0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:23:51.0951 0x17d0 RemoteRegistry - ok
10:23:51.0956 0x17d0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:23:52.0007 0x17d0 RFCOMM - ok
10:23:52.0024 0x17d0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:23:52.0084 0x17d0 RpcEptMapper - ok
10:23:52.0120 0x17d0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:23:52.0478 0x17d0 RpcLocator - ok
10:23:52.0499 0x17d0 [ BA6C9EE518A11DA4AD061B223EBED3D3, 0FDDEF3FFB375712567212BD7D31DA91AB97F8CE0D468C5FC6D4918CDF204B5A ] RpcSs C:\Windows\system32\rpcss.dll
10:23:52.0623 0x17d0 RpcSs - ok
10:23:52.0630 0x17d0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:23:53.0051 0x17d0 rspndr - ok
10:23:53.0075 0x17d0 [ 6CF9DB101A75360E98659F823852E540, A7D48DF41A831EEF9978B51786EF80DB9CC40602BE66D46CA11BE1548BC2D10C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:23:53.0145 0x17d0 RTL8167 - ok
10:23:53.0150 0x17d0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
10:23:53.0316 0x17d0 s3cap - ok
10:23:53.0373 0x17d0 [ 9C6259B513678AA94709EBD898F601E5, C06452B2E096756A79DD6C6308CAB2223A6AD7F1181E1B2B43A22BFEE6E1AC6B ] SamSs C:\Windows\system32\lsass.exe
10:23:53.0405 0x17d0 SamSs - ok
10:23:53.0413 0x17d0 [ EA9C5A00B1FCD8CC60245BD66B5120CE, 20699B583D3C60138D3FFFE5DD45F394A67820464928AC001BF8C1ED2DE66331 ] SamsungRapidDiskFltr C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys
10:23:53.0522 0x17d0 SamsungRapidDiskFltr - ok
10:23:53.0527 0x17d0 [ 966D55C3EBE86897C2ADFC680A2F954A, FEFAADC4FEA30E228013CA67BD4B19C72985ABDE0A258330942B2BCE47E8D510 ] SamsungRapidFSFltr C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys
10:23:53.0564 0x17d0 SamsungRapidFSFltr - ok
10:23:53.0582 0x17d0 [ 534E728704E465B09F94548A54E9E38C, C613B69CBB41D932FF96C01E3B0E73F7FB021D31C62D63F939D4DA92945EC8CA ] SamsungRapidSvc C:\Windows\system32\RAPID\SamsungRapidSvc.exe
10:23:53.0630 0x17d0 SamsungRapidSvc - ok
10:23:53.0634 0x17d0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
10:23:53.0643 0x17d0 sbp2port - ok
10:23:53.0650 0x17d0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:23:53.0992 0x17d0 SCardSvr - ok
10:23:54.0005 0x17d0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:23:54.0224 0x17d0 scfilter - ok
10:23:54.0244 0x17d0 [ E5A1E7B40B5086E643705B2D85A139C4, 0B298C16689C8AA475396C9BEAF1032A156A0D7986931337D47FE3AF72228026 ] Schedule C:\Windows\system32\schedsvc.dll
10:23:54.0333 0x17d0 Schedule - ok
10:23:54.0365 0x17d0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:23:54.0569 0x17d0 SCPolicySvc - ok
10:23:54.0575 0x17d0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:23:54.0619 0x17d0 SDRSVC - ok
10:23:54.0646 0x17d0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:23:54.0703 0x17d0 secdrv - ok
10:23:54.0709 0x17d0 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
10:23:55.0167 0x17d0 seclogon - ok
10:23:55.0170 0x17d0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:23:55.0249 0x17d0 SENS - ok
10:23:55.0253 0x17d0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:23:55.0265 0x17d0 SensrSvc - ok
10:23:55.0267 0x17d0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:23:55.0278 0x17d0 Serenum - ok
10:23:55.0282 0x17d0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:23:55.0291 0x17d0 Serial - ok
10:23:55.0294 0x17d0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:23:55.0302 0x17d0 sermouse - ok
10:23:55.0318 0x17d0 [ FE578072CB584B65E8160AB4CE9141DC, 89DC63178C467868DC2373D4C8DB10A7E94CC1002B5C99ACA2844AA5BD0F1366 ] Service KMSELDI C:\Program Files\KMSpico\Service_KMS.exe
10:23:55.0375 0x17d0 Service KMSELDI - detected UnsignedFile.Multi.Generic ( 1 )
10:23:55.0768 0x17d0 Service KMSELDI ( UnsignedFile.Multi.Generic ) - warning
10:23:56.0266 0x17d0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:23:56.0464 0x17d0 SessionEnv - ok
10:23:56.0503 0x17d0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
10:23:56.0553 0x17d0 sffdisk - ok
10:23:56.0555 0x17d0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
10:23:56.0697 0x17d0 sffp_mmc - ok
10:23:56.0699 0x17d0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
10:23:56.0803 0x17d0 sffp_sd - ok
10:23:56.0806 0x17d0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:23:56.0940 0x17d0 sfloppy - ok
10:23:56.0948 0x17d0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:23:57.0046 0x17d0 SharedAccess - ok
10:23:57.0087 0x17d0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:23:57.0259 0x17d0 ShellHWDetection - ok
10:23:57.0262 0x17d0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:23:57.0269 0x17d0 SiSRaid2 - ok
10:23:57.0272 0x17d0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:23:57.0280 0x17d0 SiSRaid4 - ok
10:23:57.0284 0x17d0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:23:57.0307 0x17d0 Smb - ok
10:23:57.0311 0x17d0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:23:57.0320 0x17d0 SNMPTRAP - ok
10:23:57.0323 0x17d0 [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan C:\Windows\syswow64\speedfan.sys
10:23:57.0330 0x17d0 speedfan - ok
10:23:57.0333 0x17d0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:23:57.0339 0x17d0 spldr - ok
10:23:57.0351 0x17d0 [ 8003D39B386EDCCFB08DC21AACC0683A, 99D6A4DBE810335A69AE3053DC4B6AAC267639AD7F9C568431FA0714F6E71F30 ] Spooler C:\Windows\System32\spoolsv.exe
10:23:57.0371 0x17d0 Spooler - ok
10:23:57.0432 0x17d0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:23:57.0577 0x17d0 sppsvc - ok
10:23:57.0594 0x17d0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:23:57.0660 0x17d0 sppuinotify - ok
10:23:57.0682 0x17d0 [ 8980499A526581794A20B12E2E264661, 76C9AF4D95137F1258ACE45C1E254386F21A7900006FB151C8718875C8CA688B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:23:57.0738 0x17d0 srv - ok
10:23:57.0766 0x17d0 [ 9B90A439B97EBBD2A9ABEFFBBC1EEC71, F40C5285205A2D50F1D5F4FCD5D3990597BD39B38AD82D439BC2D51D5BB6F666 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:23:57.0910 0x17d0 srv2 - ok
10:23:57.0997 0x17d0 [ 9E30361776E07AD940791927A0FC9B3A, 1B8FBC780BEEA1DB23861584C44F0EB55CC6B3817AF714020EBA675E38DF98B5 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:23:58.0336 0x17d0 srvnet - ok
10:23:58.0447 0x17d0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:23:58.0765 0x17d0 SSDPSRV - ok
10:23:58.0768 0x17d0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:23:58.0912 0x17d0 SstpSvc - ok
10:23:58.0918 0x17d0 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
10:23:58.0945 0x17d0 ssudmdm - ok
10:23:58.0948 0x17d0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:23:58.0955 0x17d0 stexstor - ok
10:23:58.0970 0x17d0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:23:59.0053 0x17d0 stisvc - ok
10:23:59.0062 0x17d0 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
10:23:59.0084 0x17d0 storflt - ok
10:23:59.0088 0x17d0 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
10:23:59.0103 0x17d0 storvsc - ok
10:23:59.0116 0x17d0 [ 10DCD3BDFA785E1482EC02304A7E9B96, DBD348388F5B17F2620A9D40D1191A51BA6CDAF15E37503630D859FB144486A1 ] swenum C:\Windows\system32\drivers\swenum.sys
10:23:59.0143 0x17d0 swenum - ok
10:23:59.0156 0x17d0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:23:59.0318 0x17d0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
10:23:59.0824 0x17d0 Detect skipped due to KSN trusted
10:23:59.0824 0x17d0 SwitchBoard - ok
10:23:59.0841 0x17d0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:23:59.0966 0x17d0 swprv - ok
10:24:00.0027 0x17d0 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
10:24:00.0038 0x17d0 Synth3dVsc - ok
10:24:00.0070 0x17d0 [ 15CF7B24AA64FE958CAEA00274838B1C, 820F7CF1CCD036A1871D728C1CC80D9E9BB5E3BD5D9C7BC822B1711D8DB79707 ] SysMain C:\Windows\system32\sysmain.dll
10:24:00.0230 0x17d0 SysMain - ok
10:24:00.0248 0x17d0 [ AD359C53941A6AC57FB935E7E9F1D16E, 6D53065ECE8E928CC045E16B7618D866C121EBA6C6CBDADC97C2B0DC8D8CF9FC ] TabletInputService C:\Windows\System32\TabSvc.dll
10:24:00.0463 0x17d0 TabletInputService - ok
10:24:00.0466 0x17d0 [ 5B4A09AB34D0205C616C4D247AD29F57, B1DBDD5E2149114E1DCC56DAB00876AAE1FBFC5D4063D3F5A59D8C66918EF693 ] tap-tb-0901 C:\Windows\system32\DRIVERS\tap-tb-0901.sys
10:24:00.0536 0x17d0 tap-tb-0901 - ok
10:24:00.0588 0x17d0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:24:00.0663 0x17d0 TapiSrv - ok
10:24:00.0701 0x17d0 [ 8A54B9C4206FBAB2CEE3525CFD365241, 009D2C45797D512F6B973BAE6FECA67C9BAE6B2C726A916D7168230ADDC769DC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:24:00.0807 0x17d0 Tcpip - ok
10:24:00.0845 0x17d0 [ 8A54B9C4206FBAB2CEE3525CFD365241, 009D2C45797D512F6B973BAE6FECA67C9BAE6B2C726A916D7168230ADDC769DC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:24:00.0891 0x17d0 TCPIP6 - ok
10:24:00.0897 0x17d0 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:24:00.0993 0x17d0 tcpipreg - ok
10:24:00.0996 0x17d0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:24:01.0006 0x17d0 TDPIPE - ok
10:24:01.0009 0x17d0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:24:01.0017 0x17d0 TDTCP - ok
10:24:01.0021 0x17d0 [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:24:01.0035 0x17d0 tdx - ok
10:24:01.0039 0x17d0 [ AC24D7A7D9EEDE11E2926F9001BEAFB5, 04F8FEC125B70A292DF4748925064CBDDF6D8FFF596ACD1EB063425E22505472 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:24:01.0061 0x17d0 TermDD - ok
10:24:01.0067 0x17d0 [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt C:\Windows\system32\DRIVERS\terminpt.sys
10:24:01.0396 0x17d0 terminpt - ok
10:24:01.0421 0x17d0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:24:01.0657 0x17d0 TermService - ok
10:24:01.0671 0x17d0 [ 45B3E14C535C9CC862A969511464B352, 721827BE7F3CC0ABEA243D6409E11621A6E88FCACC9D47AA9F69F87812CB418B ] Themes C:\Windows\system32\themeservice.dll
10:24:01.0845 0x17d0 Themes - detected UnsignedFile.Multi.Generic ( 1 )
10:24:03.0062 0x17d0 Themes ( UnsignedFile.Multi.Generic ) - warning
10:24:03.0939 0x17d0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:24:04.0037 0x17d0 THREADORDER - ok
10:24:04.0043 0x17d0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:24:04.0083 0x17d0 TrkWks - ok
10:24:04.0097 0x17d0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:24:04.0127 0x17d0 TrustedInstaller - ok
10:24:04.0132 0x17d0 [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:24:04.0207 0x17d0 tssecsrv - ok
10:24:04.0227 0x17d0 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:24:04.0248 0x17d0 TsUsbFlt - ok
10:24:04.0253 0x17d0 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\DRIVERS\TsUsbGD.sys
10:24:04.0287 0x17d0 TsUsbGD - ok
10:24:04.0294 0x17d0 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
10:24:04.0393 0x17d0 tsusbhub - ok
10:24:04.0415 0x17d0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:24:04.0449 0x17d0 tunnel - ok
10:24:04.0456 0x17d0 [ 18950545A427CB1A1D677A6A6F8CA0AA, 45E7B4DC2D7932CB07A4E6A324358125392762CD1B5C3D75207F96DC18FF38DF ] TunnelBearMaintenance C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
10:24:04.0478 0x17d0 TunnelBearMaintenance - ok
10:24:04.0483 0x17d0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:24:04.0515 0x17d0 uagp35 - ok
10:24:04.0553 0x17d0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:24:04.0758 0x17d0 udfs - ok
10:24:04.0764 0x17d0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:24:04.0796 0x17d0 UI0Detect - ok
10:24:04.0800 0x17d0 [ B70E26A57F35ECA5199E6D6B9592A67C, 8ECCEEA69A69FBDC4AFEB2EC306FCEE6B569370F599D76F4CFDEAF77A0CD018C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:24:04.0811 0x17d0 uliagpkx - ok
10:24:04.0815 0x17d0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:24:04.0846 0x17d0 umbus - ok
10:24:04.0849 0x17d0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:24:05.0018 0x17d0 UmPass - ok
10:24:05.0024 0x17d0 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
10:24:05.0121 0x17d0 UmRdpService - ok
10:24:05.0149 0x17d0 [ 0DFC9713D117B349E41A2A477448107A, 0C7B2162C2FA0BA46C2D3D9986CB542926C1802532E0785A49AC9B18284267AC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:24:05.0238 0x17d0 UNS - ok
10:24:05.0248 0x17d0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:24:05.0312 0x17d0 upnphost - ok
10:24:05.0325 0x17d0 [ 9E68E917FB4B5C983438969643F53BEF, 7148BF1E7AFAFA025A51AA9A26B90ED85328B41C7F7791CB3460D9CF53245985 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
10:24:05.0821 0x17d0 usbccgp - ok
10:24:05.0826 0x17d0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:24:05.0976 0x17d0 usbcir - ok
10:24:05.0979 0x17d0 [ 3F9D3902CE931E2A28DD8452AE915B67, C8BF042DD84FB2E3AE7FCDBA65923611FCBDAFD6410E42A5E58F8995D99AE16C ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:24:06.0020 0x17d0 usbehci - ok
10:24:06.0027 0x17d0 [ 86B65EEBC03B936DE8B26E5A18D98FA2, 2981CF5A0FB6B6FE0A38363EA4804DB743C45E3E6E72DC3A2260F583377717C8 ] usbhub C:\Windows\system32\drivers\usbhub.sys
10:24:06.0062 0x17d0 usbhub - ok
10:24:06.0079 0x17d0 [ 099C2931C6F73EB1B9E13C560F61B50D, 83B64A52173243526E380C8FA0D913C7B07C2AF1806ECC4EC0D0B5523A7CBFAA ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:24:06.0115 0x17d0 usbohci - ok
10:24:06.0138 0x17d0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:24:06.0207 0x17d0 usbprint - ok
10:24:06.0211 0x17d0 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:24:06.0283 0x17d0 USBSTOR - ok
10:24:06.0287 0x17d0 [ 5D7651347C7D702F4A5DE53603DC024F, F55532D13AB2FF6D4B6058113AF2710AC5C87059C9000942CF517198BABCD6F5 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:24:06.0355 0x17d0 usbuhci - ok
10:24:06.0358 0x17d0 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
10:24:06.0415 0x17d0 usb_rndisx - ok
10:24:06.0419 0x17d0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:24:06.0453 0x17d0 UxSms - ok
10:24:06.0456 0x17d0 [ 9C6259B513678AA94709EBD898F601E5, C06452B2E096756A79DD6C6308CAB2223A6AD7F1181E1B2B43A22BFEE6E1AC6B ] VaultSvc C:\Windows\system32\lsass.exe
10:24:06.0472 0x17d0 VaultSvc - ok
10:24:06.0475 0x17d0 [ 2CB7AEA800B614184238232FBA4430E1, 18F89E68241BE72A94AB3379141404BBE837FF5B303990DD44CF6238EE153566 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
10:24:06.0539 0x17d0 VClone - ok
10:24:06.0548 0x17d0 [ 7BDCE021786C3DCCFD2C22EBF643EE36, 92842E529EBDE9A9A9408287182BF1ECD8737C1DA39AF20570528CBD37D43228 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:24:06.0558 0x17d0 vdrvroot - ok
10:24:06.0569 0x17d0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:24:06.0618 0x17d0 vds - ok
10:24:06.0622 0x17d0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:24:06.0639 0x17d0 vga - ok
10:24:06.0642 0x17d0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:24:06.0675 0x17d0 VgaSave - ok
10:24:06.0677 0x17d0 VGPU - ok
10:24:06.0683 0x17d0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
10:24:06.0737 0x17d0 vhdmp - ok
10:24:06.0741 0x17d0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
10:24:06.0765 0x17d0 viaide - ok
10:24:06.0780 0x17d0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
10:24:06.0826 0x17d0 vmbus - ok
10:24:06.0829 0x17d0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
10:24:06.0852 0x17d0 VMBusHID - ok
10:24:06.0858 0x17d0 [ 8EDE91FBAC7BF7605323C517C717A253, 8441DBE652E8922B888649FF8F37D5593FD8938E3AFFB69323184DE8E4A5EBDB ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:24:06.0890 0x17d0 volmgr - ok
10:24:06.0904 0x17d0 [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:24:06.0951 0x17d0 volmgrx - ok
10:24:06.0990 0x17d0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
10:24:07.0035 0x17d0 volsnap - ok
10:24:07.0040 0x17d0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:24:07.0050 0x17d0 vsmraid - ok
10:24:07.0084 0x17d0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:24:07.0393 0x17d0 VSS - ok
10:24:07.0397 0x17d0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:24:07.0463 0x17d0 vwifibus - ok
10:24:07.0472 0x17d0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:24:07.0605 0x17d0 W32Time - ok
10:24:07.0609 0x17d0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:24:07.0703 0x17d0 WacomPen - ok
10:24:07.0707 0x17d0 [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:24:07.0752 0x17d0 WANARP - ok
10:24:07.0755 0x17d0 [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:24:07.0866 0x17d0 Wanarpv6 - ok
10:24:07.0890 0x17d0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:24:07.0963 0x17d0 WatAdminSvc - ok
10:24:07.0997 0x17d0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:24:08.0126 0x17d0 wbengine - ok
10:24:08.0133 0x17d0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:24:08.0232 0x17d0 WbioSrvc - ok
10:24:08.0241 0x17d0 [ 79E3903FD75A22386326B542F17A2563, 3CCCE0BCDE12240BE7E108A8C0A959A33C8462A0DE8510F28FA0107C4A9A1F05 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:24:08.0266 0x17d0 wcncsvc - ok
10:24:08.0269 0x17d0 [ 35050F01D00E7E72A2449EB6F9ABF8B4, CF45943E14D2418E83CF4DC836D3AFE4ED61186B6B9DA25EF745DC6FBB07FAC5 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:24:08.0316 0x17d0 WcsPlugInService - ok
10:24:08.0324 0x17d0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:24:08.0332 0x17d0 Wd - ok
10:24:08.0348 0x17d0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:24:08.0419 0x17d0 Wdf01000 - ok
10:24:08.0427 0x17d0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:24:08.0490 0x17d0 WdiServiceHost - ok
10:24:08.0495 0x17d0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:24:08.0532 0x17d0 WdiSystemHost - ok
10:24:08.0538 0x17d0 [ 9955F303C20C4F58DB6645C6248DE1C8, 1A04B5C0EF2FE0CDBA054104727C54A02072B829BEAF4F3E4D16E581B50593F1 ] wdm_usb C:\Windows\system32\DRIVERS\usb2ser.sys
10:24:08.0560 0x17d0 wdm_usb - ok
10:24:08.0568 0x17d0 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
10:24:08.0649 0x17d0 WebClient - ok
10:24:08.0669 0x17d0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:24:08.0888 0x17d0 Wecsvc - ok
10:24:08.0893 0x17d0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:24:08.0978 0x17d0 wercplsupport - ok
10:24:08.0982 0x17d0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:24:09.0100 0x17d0 WerSvc - ok
10:24:09.0103 0x17d0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:24:09.0155 0x17d0 WfpLwf - ok
10:24:09.0158 0x17d0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:24:09.0165 0x17d0 WIMMount - ok
10:24:09.0169 0x17d0 WinDefend - ok
10:24:09.0173 0x17d0 WinHttpAutoProxySvc - ok
10:24:09.0182 0x17d0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:24:09.0230 0x17d0 Winmgmt - ok
10:24:09.0284 0x17d0 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
10:24:09.0438 0x17d0 WinRM - ok
10:24:09.0445 0x17d0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:24:09.0543 0x17d0 WinUsb - ok
10:24:09.0560 0x17d0 [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:24:09.0624 0x17d0 Wlansvc - ok
10:24:09.0627 0x17d0 [ 43471A750D4F3918AC92F5131AE252D3, E843AA1555262F521B924BBB1505474757E1BB9540FCCF93BC0BE2059F497C87 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:24:09.0636 0x17d0 WmiAcpi - ok
10:24:09.0643 0x17d0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:24:09.0657 0x17d0 wmiApSrv - ok
10:24:09.0659 0x17d0 WMPNetworkSvc - ok
10:24:09.0662 0x17d0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:24:09.0672 0x17d0 WPCSvc - ok
10:24:09.0676 0x17d0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:24:09.0694 0x17d0 WPDBusEnum - ok
10:24:09.0698 0x17d0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:24:09.0721 0x17d0 ws2ifsl - ok
10:24:09.0732 0x17d0 [ 483AB8EFFAA0A38A93C2E2A754BB511C, 54B0B837A38C4AC7543910D25C65A97DD08EF7637AD627F50795D81267A84E0E ] WsAppService C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe
10:24:09.0794 0x17d0 WsAppService - ok
10:24:09.0799 0x17d0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:24:09.0921 0x17d0 wscsvc - ok
10:24:09.0932 0x17d0 [ 073AB8D67473D80BBF4D8416F309BFA2, 06B133E8CF28A2F7AE8021B4594F125AAC35324891AE5DAD34C5567B88F31734 ] WsDrvInst C:\Program Files (x86)\Wondershare\Dr.Fone per iOS\Library\DriverInstaller\DriverInstall.exe
10:24:09.0946 0x17d0 WsDrvInst - ok
10:24:09.0949 0x17d0 WSearch - ok
10:24:10.0000 0x17d0 [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv C:\Windows\system32\wuaueng.dll
10:24:10.0162 0x17d0 wuauserv - ok
10:24:10.0169 0x17d0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:24:10.0181 0x17d0 WudfPf - ok
10:24:10.0186 0x17d0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:24:10.0197 0x17d0 WUDFRd - ok
10:24:10.0201 0x17d0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:24:10.0211 0x17d0 wudfsvc - ok
10:24:10.0218 0x17d0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:24:10.0233 0x17d0 WwanSvc - ok
10:24:10.0240 0x17d0 ================ Scan global ===============================
10:24:10.0243 0x17d0 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:24:10.0251 0x17d0 [ F530661B64BAEFEE65F6F4B1FA34C3E9, 7195718C3674AC937D8E414142DA5FFC8AAEADDFD7C79B6AAD4DBFA740C0EB07 ] C:\Windows\system32\winsrv.dll
10:24:10.0260 0x17d0 [ F530661B64BAEFEE65F6F4B1FA34C3E9, 7195718C3674AC937D8E414142DA5FFC8AAEADDFD7C79B6AAD4DBFA740C0EB07 ] C:\Windows\system32\winsrv.dll
10:24:10.0276 0x17d0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:24:10.0299 0x17d0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:24:10.0314 0x17d0 [ Global ] - ok
10:24:10.0314 0x17d0 ================ Scan MBR ==================================
10:24:10.0315 0x17d0 [ B1F7D7F6E4FBE98E578562A22A94D02C ] \Device\Harddisk0\DR0
10:24:11.0364 0x17d0 \Device\Harddisk0\DR0 - ok
10:24:11.0366 0x17d0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:24:11.0806 0x17d0 \Device\Harddisk1\DR1 - ok
10:24:12.0912 0x17d0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
10:24:19.0219 0x17d0 \Device\Harddisk2\DR2 - ok
10:24:19.0233 0x17d0 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
10:24:19.0324 0x17d0 \Device\Harddisk3\DR3 - ok
10:24:19.0324 0x17d0 ================ Scan VBR ==================================
10:24:19.0328 0x17d0 [ 40176D67C6C4EF7C7092B09D0DC7910A ] \Device\Harddisk0\DR0\Partition1
10:24:19.0329 0x17d0 \Device\Harddisk0\DR0\Partition1 - ok
10:24:19.0331 0x17d0 [ 57CE08F8B69477A5C23B8203B70F2E59 ] \Device\Harddisk1\DR1\Partition1
10:24:19.0332 0x17d0 \Device\Harddisk1\DR1\Partition1 - ok
10:24:19.0333 0x17d0 [ 9D329B48565BC94DD60510D854C00F4E ] \Device\Harddisk2\DR2\Partition1
10:24:19.0334 0x17d0 \Device\Harddisk2\DR2\Partition1 - ok
10:24:19.0336 0x17d0 [ 52F140F549658F6ACFAFD7ECDF95DFB2 ] \Device\Harddisk2\DR2\Partition2
10:24:19.0337 0x17d0 \Device\Harddisk2\DR2\Partition2 - ok
10:24:19.0339 0x17d0 [ 8BB94A1E7958D4B441A544EB373BD8F3 ] \Device\Harddisk3\DR3\Partition1
10:24:19.0340 0x17d0 \Device\Harddisk3\DR3\Partition1 - ok
10:24:19.0340 0x17d0 ================ Scan generic autorun ======================
10:24:19.0526 0x17d0 [ 415FE9092A96B63C5248AF1EDAD0C03D, 0EFA80D0AF49D451A6718542BB7B72D5A4AE9DBCB0709E8EBBCED70DCB3C24C0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
10:24:19.0906 0x17d0 RTHDVCPL - ok
10:24:19.0965 0x17d0 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
10:24:20.0145 0x17d0 IntelliPoint - ok
10:24:20.0158 0x17d0 [ 5D66F8271803CD6FB22C0B8D3EE50F14, 2F883D3BC8B889A5E0C36FD0430F2A3AA7FF616AE5520227B142EE0F7CD5D829 ] C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\AppService.exe
10:24:20.0184 0x17d0 FonePaw iPhone Data RecoveryAppService - ok
10:24:20.0227 0x17d0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:24:20.0367 0x17d0 Sidebar - ok
10:24:20.0376 0x17d0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:24:20.0457 0x17d0 mctadmin - ok
10:24:20.0497 0x17d0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:24:20.0600 0x17d0 Sidebar - ok
10:24:20.0631 0x17d0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:24:20.0672 0x17d0 mctadmin - ok
10:24:20.0706 0x17d0 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
10:24:20.0829 0x17d0 Sidebar - ok
10:24:20.0866 0x17d0 [ 416D160CBBE0E819A2D2DFF149BC06E8, 68A6887F1F9880083F3321D460A58776B0F9D8CCA25C9275992A188F588BB311 ] C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
10:24:20.0952 0x17d0 uTorrent - ok
10:24:20.0956 0x17d0 Skype for Desktop - ok
10:24:20.0972 0x17d0 [ DB26D7ACE93BCD74EA69C4A9611026CC, 66C0CB23C981CD2C9DC0BE84B6FA9B2FED5FDECAF177DB3274476F483C04A2C2 ] C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:24:21.0035 0x17d0 Spotify Web Helper - ok
10:24:21.0036 0x17d0 Waiting for KSN requests completion. In queue: 10
10:24:22.0118 0x17d0 AV detected via SS2: ESET NOD32 Antivirus, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 10.0.399.0 ), 0x41000 ( enabled : updated )
10:24:22.0199 0x17d0 Win FW state via NFP2: enabled ( trusted )
10:24:22.0621 0x17d0 ============================================================
10:24:22.0621 0x17d0 Scan finished
10:24:22.0621 0x17d0 ============================================================
10:24:22.0626 0x04ec Detected object count: 2
10:24:22.0626 0x04ec Actual detected object count: 2
10:24:39.0135 0x04ec C:\Program Files\KMSpico\Service_KMS.exe - copied to quarantine
10:24:39.0170 0x04ec Service KMSELDI ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
10:24:39.0203 0x04ec C:\Windows\system32\themeservice.dll - copied to quarantine
10:24:39.0207 0x04ec Themes ( UnsignedFile.Multi.Generic ) - User select action: QuarantineROGUEKILLER:
Codice:
RogueKiller V12.12.9.0 (x64) [Mar 19 2018] (Gratuito) di Adlice Software
posta : http://www.adlice.com/contact/
Commenti : https://forum.adlice.com
Sito Web : http://www.adlice.com/download/roguekiller/
Discussione : http://www.adlice.com
Sistema Operativo : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniziato in : Modalità Normale
Utente : Admin [Amministratore]
Iniziato da : C:\Program Files\RogueKiller\RogueKiller64.exe
Modalità : Scansione -- Data : 03/19/2018 10:29:18 (Durata : 00:38:30)
¤¤¤ Processi : 2 ¤¤¤
[PUP.HackTool|VT.Detected] Service_KMS.exe(1720) -- C:\Program Files\KMSpico\Service_KMS.exe[-] -> Trovato
[PUP.HackTool|VT.Detected] (SVC) Service KMSELDI -- C:\Program Files\KMSpico\Service_KMS.exe[-] -> Trovato
¤¤¤ Registro : 14 ¤¤¤
[PUP.Conduit|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Conduit -> Trovato
[PUP.Conduit|PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3597441168-987042481-1615746943-1000\Software\Conduit -> Trovato
[PUP.Conduit|PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3597441168-987042481-1615746943-1000\Software\Conduit -> Trovato
[PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Service KMSELDI (C:\Program Files\KMSpico\Service_KMS.exe) -> Trovato
[PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Service KMSELDI (C:\Program Files\KMSpico\Service_KMS.exe) -> Trovato
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Trovato
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B09000C0-9000-41AA-9996-DF4C4659CFEC} | DhcpNameServer : 172.18.12.1 ([]) -> Trovato
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B09000C0-9000-41AA-9996-DF4C4659CFEC} | DhcpNameServer : 172.18.12.1 ([]) -> Trovato
[PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3C6C15B1-5428-44EA-91C2-66861F40932D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trovato
[PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2E19DAB7-B2BD-48E0-B4CD-2B8E09404BF0} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trovato
[PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3C6C15B1-5428-44EA-91C2-66861F40932D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trovato
[PUP.HackTool|VT.Detected] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2E19DAB7-B2BD-48E0-B4CD-2B8E09404BF0} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trovato
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trovato
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trovato
¤¤¤ Attività : 1 ¤¤¤
[PUP.HackTool|VT.Detected] \AutoPico Daily Restart -- "C:\Program Files\KMSpico\AutoPico.exe" (/silent) -> Trovato
¤¤¤ Archivi : 16 ¤¤¤
[PUP.HackTool][Archivio] C:\Users\Admin\AppData\Roaming\asoftech\DataRecovery\data\temp.219\f66546744.lnk [LNK@] C:\PROGRA~1\KMSpico\UninsHs.exe /u0=KMSpico -> Trovato
[PUP.HackTool][Archivio] C:\Users\Admin\AppData\Roaming\asoftech\DataRecovery\data\temp.222\f66881648.lnk [LNK@] C:\PROGRA~1\KMSpico\KMSELDI.exe -> Trovato
[PUP.AutoIt.Gen][Archivio] C:\Users\Admin\AppData\Roaming\asoftech\DataRecovery\data\temp.54\f12503064_DX_Integrator_x64.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.4.8_42501\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.5.0_44294\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe -> Trovato
[PUP.uTorrentAds][Archivio] C:\Users\Admin\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe -> Trovato
[PUP.HackTool][Cartella] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico -> Trovato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico -> Trovato
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Archivio Hosts : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤
¤¤¤ Web Browser : 0 ¤¤¤
¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 EVO 250GB ATA Device +++++
--- User ---
[MBR] 4cf603d72d4fa7086f53cc029e0de543
[BSP] ccf4a95b23996225c48399b1abf10593 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 238471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: ST2000DM001-1CH164 ATA Device +++++
--- User ---
[MBR] 4878f10ca46988f4884c6b9a67426dd2
[BSP] 8827486768fbdd3b3aa6214bb662139b : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: STM3500418AS ATA Device +++++
--- User ---
[MBR] 38882d486ae247c85e962b63ba882f72
[BSP] 7a305f2b5eba6dbca4234d3345ce6400 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 343946 MB [Windows XP Bootstrap | Windows XP Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 704402055 | Size: 132991 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive3: Hitachi HDT721010SLA360 ATA Device +++++
--- User ---
[MBR] eb9ab6f6f8df588d68b649afccd41fd5
[BSP] c2a602ef5112c1eb66c3f8d75b67364c : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 16070 | Size: 953851 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive4: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] Dispositivo non pronto. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Richiesta non supportata. )ADDITION:
Codice:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Admin (19-03-2018 11:12:36)
Running from C:\Users\Admin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-08-19 22:12:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-3597441168-987042481-1615746943-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3597441168-987042481-1615746943-500 - Administrator - Disabled)
Alessio (S-1-5-21-3597441168-987042481-1615746943-1001 - Administrator - Enabled) => C:\Users\Alessio
DNM (S-1-5-21-3597441168-987042481-1615746943-1002 - Administrator - Enabled) => C:\Users\DNM
Guest (S-1-5-21-3597441168-987042481-1615746943-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{EEF3FF3A-ED17-260C-E6C8-5089D43BD3CE}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Avidemux 2.6 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.6 - 32 bits) (Version: 2.6.18.170105 - )
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
cacheCopy version 2.0.1 (HKLM-x32\...\{BF8DC620-2B4F-487F-9982-497B1E08BE36}_is1) (Version: 2.0.1 - AMV Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Chromium (HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\Chromium) (Version: 52.0.2743.116 - Chromium)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 50.14.22.465 - Comodo)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Degoo (HKLM-x32\...\{16461F2A-C0D6-43E0-9163-C0180F3D049A}) (Version: 1.0.2486 - Degoo Backup AB)
doPDF (HKLM\...\{84D0B3C2-9B4A-45A8-BC74-40402110BCC2}) (Version: 9.1.232 - Softland) Hidden
doPDF 9 (HKLM-x32\...\{6c42fbe7-5b71-4a8e-9da1-a59317dffa9a}) (Version: 9.1.232 - Softland)
doPDF 9 add-in for Microsoft Office (x64) (HKLM\...\{CA14C18F-8F65-4258-A1CF-ECFB17891B59}) (Version: 9.1.232 - Softland)
doPDF 9 add-in for Microsoft Office (x86) (HKLM-x32\...\{93476622-206D-4957-B751-1B9E7E5A9324}) (Version: 9.1.232 - Softland)
doPDF 9 Printer Driver (HKLM\...\{D3EF3B42-1314-43EE-86A8-0E33964335EC}) (Version: 9.1.232 - Softland)
dr.fone toolkit per iOS (Version 8.5.0) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 8.5.0.54 - Wondershare Technology Co.,Ltd.)
eMule (HKLM-x32\...\eMule) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{161FCA34-C07D-4B26-AD92-2A2862CA4F94}) (Version: 10.0.390.0 - ESET, spol. s r.o.)
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
FonePaw 4.8.0 (HKLM-x32\...\{77B09C3A-839E-4ea7-81BA-E5864F6BF388}_is1) (Version: 4.8.0 - FonePaw)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.)
iMyFone D-Back 6.2.0.4 (HKLM-x32\...\{071B9303-5881-4BC6-B9E9-2E2D22C015C1}_is1) (Version: 6.2.0.4 - Shenzhen iMyFone Technology Co., Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{FB376D34-1411-4D45-B1E9-B65C3BB2BCDE}) (Version: 12.7.2.60 - Apple Inc.)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.28 - LG Electronics)
LG Mobile Drivers (HKLM-x32\...\{01DC2C23-5D76-4744-A771-2F454C5DD872}) (Version: 4.1.1 - LG Electronics)
Malwarebytes versione 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170410-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 59.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.1 (x64 en-US)) (Version: 59.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.1.6648 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.1.5.3000 - Maxthon International Limited)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
Opera Stable 51.0.2830.55 (HKLM-x32\...\Opera 51.0.2830.55) (Version: 51.0.2830.55 - Opera Software)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Passware Kit Professional 12.3 (HKLM-x32\...\{FFFF4FFA-3CC9-4EC1-845A-8B24027820E3}) (Version: 12.3.6332 - Passware)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pro Evolution Soccer 2018 (HKLM-x32\...\{9C9C432B-A926-42D1-B16D-6C566431AC59}_is1) (Version: - Konami)
RAPID Mode (HKLM\...\{34EF1328-6F71-4077-99AA-E44690F42043}) (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
RogueKiller version 12.12.9.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.9.0 - Adlice Software)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Skype versione 8.17 (HKLM-x32\...\Skype_is1) (Version: 8.17 - Skype Technologies S.A.)
Songr (HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\Songr) (Version: 2.1 - Xamasoft)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.006 - MSI)
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Syncios 5.1.2 (HKLM-x32\...\Syncios) (Version: 5.1.2 - Anvsoft)
Syncios Data Recovery 1.2.2 (HKLM-x32\...\Syncios Data Recovery) (Version: 1.2.2 - Anvsoft)
Syncios Data Transfer 1.5.9 (HKLM-x32\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.5.9 - Anvsoft, Inc.)
Telegram Desktop version 1.2.6 (HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.6 - Telegram Messenger LLP)
TunnelBear (HKLM-x32\...\{5dbd322e-98b2-41c8-a2d9-d9f21423afa9}) (Version: 3.2.0.6 - TunnelBear)
TunnelBear (HKLM-x32\...\{EAF52E02-CC78-47F4-A304-F91FDB6A55D1}) (Version: 3.2.0.6 - TunnelBear) Hidden
Ulisess Seguridad 11.0.0 (HKLM-x32\...\Ulisess Seguridad_is1) (Version: - M.A.G.)
VdhCoApp 1.1.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.118 - MSI)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare MobileTrans ( Version 7.4.6 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 7.4.6 - Wondershare)
Xara 3D Maker 7 (HKLM-x32\...\{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.415 - Xara Group Ltd) Hidden
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_MSI_Xara3D7) (Version: 7.0.0.415 - Xara Group Ltd)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3597441168-987042481-1615746943-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-01-01] ()
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-03-17] (ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-03-17] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-02-14] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-03-17] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00A4CACB-71F9-4318-9283-455C78F82E69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {0A7629C2-1570-4E6E-881C-35D654520C14} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {239A55B1-6580-4144-AFB6-55BA3D116332} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {2F59F619-D9BB-42AC-B7AA-D4F56A7B5A13} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {2FBDD666-368C-42E8-A0D5-A64CCD089D65} - System32\Tasks\doPDF 9 Update => C:\Program Files\Softland\novaPDF 9\Driver\UpdateApplication.exe [2018-02-19] ()
Task: {383DD276-0212-4B9E-8D9A-3F1103D86AA4} - System32\Tasks\Opera scheduled Autoupdate 1471688194 => C:\Program Files (x86)\Opera\launcher.exe [2018-03-08] (Opera Software)
Task: {4380C9C8-2227-45BE-A587-A5FF43626C16} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-11-30] (@ByELDI)
Task: {682C619F-624B-4195-91BC-06566278AA0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {77646E3A-9BF4-48CE-AF8A-097198D6B79D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {9EC08E15-011E-4A05-BB96-C3EEE2AE7796} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-20] (Google Inc.)
Task: {A10F3F74-FD5C-4ABD-9009-1A6F2504AE74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {B1DFD461-32B0-4FCF-9154-ADB3AC283925} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-20] (Google Inc.)
Task: {B2B3F9CF-28D6-4FDA-8E67-1605F30CD529} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [2018-02-28] (ESET)
Task: {B42F504B-06BF-4813-A47E-33846DCBE49E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {C1050E9D-0669-4B33-A008-F71600ABE55C} - System32\Tasks\doPDF 9 Telemetry => C:\Program Files\Softland\novaPDF 9\Driver\GoogleAnalytics.exe [2018-02-19] ()
Task: {C73D5175-375F-487F-A01A-D80C814C48CF} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {DC155500-554A-43F0-83BB-3FDA0B721134} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [2018-01-20] (Maxthon International ltd.)
Task: {FA4BC910-C622-40F7-9BF1-CE77E1DBA46A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {FEED61C4-7E30-404A-9EE3-8CFC15DA5911} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Admin\Desktop\EM - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9ecdc52eabeeeaf8\Chromium.lnk -> C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Maya - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) ==============
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-02-19 14:56 - 2018-02-19 14:56 - 000143104 _____ () C:\Program Files\Softland\novaPDF 9\Server\AgileDotNetRT64.dll
2018-02-12 20:34 - 2018-02-12 20:34 - 000113024 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
2018-01-28 12:22 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-01 02:07 - 2018-01-01 02:07 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-11-18 11:28 - 2018-02-08 09:33 - 000085648 _____ () C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\AppService.exe
2016-08-20 09:37 - 2016-08-04 10:14 - 002384384 _____ () C:\Users\Admin\AppData\Local\Chromium\Application\52.0.2743.116\libglesv2.dll
2016-08-20 09:37 - 2016-08-04 10:14 - 000092672 _____ () C:\Users\Admin\AppData\Local\Chromium\Application\52.0.2743.116\libegl.dll
2018-03-14 14:05 - 2018-03-13 01:39 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.162\libglesv2.dll
2018-03-14 14:05 - 2018-03-13 01:39 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.162\libegl.dll
2018-02-12 20:33 - 2018-02-12 20:33 - 000161792 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll
2018-01-09 13:29 - 2018-03-02 21:44 - 001782904 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-03-08 08:40 - 2018-03-02 21:44 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2016-11-18 11:28 - 2018-02-08 09:36 - 001024656 _____ () C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\Framework.dll
2016-11-18 11:28 - 2018-02-08 09:46 - 000025232 _____ () C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\Utility.dll
2016-11-18 11:28 - 2018-02-08 09:36 - 002764432 _____ () C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\iosdevice.dll
2016-11-18 11:28 - 2018-02-08 09:47 - 000089232 _____ () C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\zlib1.dll
2016-11-18 11:28 - 2018-02-08 09:42 - 000998544 _____ () C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\libxml2.dll
2016-11-18 11:28 - 2018-02-08 09:45 - 000573480 _____ () C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\SQLite3.dll
2018-01-09 13:29 - 2018-03-02 21:44 - 002559608 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-01-09 13:29 - 2018-03-02 21:44 - 000031864 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-03-08 08:40 - 2018-03-02 21:44 - 000216520 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-03-08 08:40 - 2018-03-02 21:44 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-03-08 08:40 - 2018-03-02 21:44 - 000138688 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-03-08 08:40 - 2018-03-02 21:44 - 002188800 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2016-08-24 14:18 - 2014-09-28 16:59 - 000019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-08-19 21:36 - 2012-01-20 04:23 - 001198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2018-03-12 21:15 - 2018-03-12 21:15 - 082989656 _____ () C:\Program Files (x86)\Opera\51.0.2830.55\opera_browser.dll
2018-03-12 21:15 - 2018-03-12 21:15 - 003733592 _____ () C:\Program Files (x86)\Opera\51.0.2830.55\libglesv2.dll
2018-03-12 21:15 - 2018-03-12 21:15 - 000086616 _____ () C:\Program Files (x86)\Opera\51.0.2830.55\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [123]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2018-03-19 10:18 - 000000827 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Degoo .lnk => C:\Windows\pss\Degoo .lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: FonePaw iPhone Data RecoveryAppService => C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\AppService.exe
MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: TunnelBear => "C:\Program Files (x86)\TunnelBear\TunnelBear.UI.exe" -autoconnect
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EF4098FB-C4FB-44CF-8B31-308E5D63C21F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1317C16A-AECD-4A16-8416-AC083FA453B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{293E8314-448D-45A0-9D62-F7F8489358D4}] => (Allow) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{1F0AD4AB-D3E7-4453-99A9-F2FDB3F21016}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{045FB148-9E77-4D94-9355-07297672AD6C}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{68F4D4F8-238A-4BFF-8056-574EB2687F3C}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{63BD2271-4CDA-46E6-9318-86F48362DD4C}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8CEBEDD2-9688-482E-A13D-548975DEA99C}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC989843-B9CD-4315-8E62-2178D723475B}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC205D80-0FCD-404A-8DB6-2D17A78A6721}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FC541E06-FA05-49F4-BFAA-C9E2C0C58BA5}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{97D1D550-2204-4D94-A91A-A7EF48F4F0B0}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{CF039D3F-33BB-47B7-8F1F-75C40D747B47}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{8062B671-8479-4B97-BE5A-0AAB8137F24B}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{7E7A5B57-8988-45D1-805E-1746EDEDB7A2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{E7613BA4-8CDB-4F10-A976-F497EB436167}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{34B359BD-1EAC-40EE-9D00-1BB064A9BFA5}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{CF9E40A2-DC50-4367-A339-F463BEE3B567}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
FirewallRules: [{4671C6B3-DC89-471F-B549-73CC66D0A8EF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{BDF08E2C-F3C2-446B-B14A-18C84A7C2EE3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E815BFFE-F583-41F2-85B0-B2159778FFF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9EC468E7-6D88-402E-A14C-163800158FAD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F21DFE23-993B-4D07-A9A0-5FCC7F5380AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{22E7DC80-FC90-4F7B-BCBB-292720CE8091}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{ED9C0485-5B46-48BC-9BED-10BBFBC54258}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D0A902ED-FA51-4296-A12E-3CB5A497A165}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8BD96996-2682-4929-8A58-F4AD7E74BB50}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{96AF28DA-278D-4366-907D-9B46EAB6C3DC}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{B9FB1021-767F-442F-80D9-3CD44CFC5F96}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{39812E25-73CF-4617-82F7-A2469A60325F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{ABB777AE-9579-4A1A-8174-72C260B15482}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Block) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe
FirewallRules: [UDP Query User{DF0391BD-1E62-4226-925D-B9EFAEC13AF9}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Block) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe
FirewallRules: [TCP Query User{EE986851-95FF-4401-A7FF-987DEF33D06D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C2210231-B30B-4CF9-A26B-709C14D4C3FD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B597EFB1-EF6E-484D-8F39-754AC1CBE9A7}] => (Block) %ProgramFiles% (x86)\iMyfone\iMyFone D-Back\D-Back.exe
FirewallRules: [{427D1266-BDEA-4EA3-928B-7547FE2A8308}] => (Allow) C:\Program Files (x86)\AnvSoft\Syncios Data Transfer\SynciosTransfer.exe
FirewallRules: [TCP Query User{0A88B66D-39E0-4490-A8E8-80927B40CD36}C:\users\admin\appdata\local\degoo\degoo.exe] => (Allow) C:\users\admin\appdata\local\degoo\degoo.exe
FirewallRules: [UDP Query User{1684EC9A-F9B9-4058-9801-CBD943AF7AB9}C:\users\admin\appdata\local\degoo\degoo.exe] => (Allow) C:\users\admin\appdata\local\degoo\degoo.exe
FirewallRules: [{48BC0062-3446-49D1-84D0-20285C5787D0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{898F3D5E-4C83-4FF3-A80D-F57B2F117EDC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1F4A3E80-DF2A-4F11-9329-9CC3051268D9}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [{91EBBC4C-B36F-4ADF-A545-7FF76BC9AB4F}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [{73C3ACAE-2EFE-464E-ACAA-FEE4C4714772}] => (Allow) LPort=8501
FirewallRules: [{AE054401-C057-4275-A213-3AE80E9CA776}] => (Allow) LPort=8501
FirewallRules: [{3C6C15B1-5428-44EA-91C2-66861F40932D}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{2E19DAB7-B2BD-48E0-B4CD-2B8E09404BF0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F50EBFAD-A0AD-4D2F-A349-820CD41438B3}] => (Allow) C:\Program Files (x86)\Opera\51.0.2830.40\opera.exe
FirewallRules: [{2442C4FB-FB60-4653-9043-A96714BF9CE3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{4EAC993E-EA11-4191-B597-ABA0DDD8B05D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{8B95690A-2874-43E7-8BA4-2D2D10169FBE}] => (Allow) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
FirewallRules: [{0083A508-E769-49A0-A511-F6D757CEBD36}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/18/2018 10:16:07 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Windows\servicing\TrustedInstaller.exe, descrizione: Programma di installazione dei moduli di Windows, errore: 0x80070422.
Error: (03/18/2018 10:16:06 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Windows\system32\svchost.exe -k netsvcs, descrizione: Windows Update, errore: 0x80070422.
Error: (03/18/2018 10:16:26 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation, descrizione: Punto di controllo pianificato, errore: 0x80070422.
Error: (03/18/2018 10:13:56 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation, descrizione: Punto di controllo pianificato, errore: 0x80070422.
Error: (03/17/2018 03:32:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation, descrizione: Punto di controllo pianificato, errore: 0x80070422.
Error: (03/17/2018 01:50:24 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Windows\system32\msiexec.exe /V, descrizione: Installato ESET NOD32 Antivirus, errore: 0x80070422.
Error: (03/17/2018 01:50:23 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Windows\system32\msiexec.exe /V, descrizione: Installato ESET NOD32 Antivirus, errore: 0x80070422.
Error: (03/17/2018 01:47:37 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Impossibile creare un punto di ripristino. Processo: C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe" , descrizione: Revo Uninstaller's restore point - ESET NOD32 Antivirus, errore: 0x80070422.
System errors:
=============
Error: (03/19/2018 10:19:39 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Wondershare Application Framework Service bloccato in partenza.
Error: (03/19/2018 10:17:26 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Wondershare Application Framework Service bloccato in partenza.
Error: (03/19/2018 10:16:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Precedente arresto del sistema inatteso a 10:15:20 su 19/03/2018.
Error: (03/18/2018 09:47:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Wondershare Application Framework Service bloccato in partenza.
Error: (03/17/2018 01:50:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Il servizio ESET Service è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente.
Error: (03/16/2018 01:36:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Wondershare Application Framework Service bloccato in partenza.
Error: (03/15/2018 01:48:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Wondershare Application Framework Service bloccato in partenza.
Error: (03/15/2018 01:42:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Wondershare Application Framework Service bloccato in partenza.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 93%
Total physical RAM: 8146.22 MB
Available physical RAM: 558.57 MB
Total Virtual: 8833.02 MB
Available Virtual: 1320.22 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.88 GB) (Free:105.54 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: (Volume) (Fixed) (Total:335.89 GB) (Free:265.5 GB) NTFS
Drive h: (Volume) (Fixed) (Total:129.87 GB) (Free:20.75 GB) NTFS
Drive i: (Volume) (Fixed) (Total:931.5 GB) (Free:45.27 GB) NTFS
Drive l: (Volume) (Fixed) (Total:1863.01 GB) (Free:149.43 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: C58599FF)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 8449CE10)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0A37F9FC)
Partition 1: (Not Active) - (Size=335.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=129.9 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: F9E8F9E8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0F Extended)
==================== End of Addition.txt ============================FRST:
Codice:
fScan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Admin (administrator) on WINDOWS-PC (19-03-2018 11:12:11)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Alessio & DNM)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
() C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\Dr.Fone per iOS\Library\DriverInstaller\DriverInstall.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
() C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\AppService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(The Chromium Authors) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Chromium Authors) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Admin\AppData\Local\Chromium\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [FonePaw iPhone Data RecoveryAppService] => C:\Program Files (x86)\FonePaw\FonePaw iPhone Data Recovery\AppService.exe [85648 2018-02-08] ()
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\Run: [uTorrent] => C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe [2148024 2018-02-27] (BitTorrent Inc.)
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [50100160 2018-03-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-02-16] (Spotify Ltd)
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\MountPoints2: {1deb8b77-66eb-11e6-b939-8c89a5dc4082} - J:\autorun.exe
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\MountPoints2: {1deb8b7e-66eb-11e6-b939-8c89a5dc4082} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\MountPoints2: {c8a6bdc1-7f7b-11e6-951e-8c89a5dc4082} - D:\setup.exe
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\...\MountPoints2: {d89cf47f-685b-11e6-8ae7-8c89a5dc4082} - J:\autorun.exe
HKU\S-1-5-21-3597441168-987042481-1615746943-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk [2016-08-19]
ShortcutTarget: AML Device Install.lnk -> C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9EF7F5EA-8649-4D7F-BF45-D91B54CF1A7B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A0B1A09C-4209-4496-84DD-145EC9305F97}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{A0B1A09C-4209-4496-84DD-145EC9305F97}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B09000C0-9000-41AA-9996-DF4C4659CFEC}: [DhcpNameServer] 172.18.12.1
Internet Explorer:
==================
SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\.DEFAULT -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-3597441168-987042481-1615746943-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-3597441168-987042481-1615746943-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-3597441168-987042481-1615746943-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
FireFox:
========
FF DefaultProfile: tobyzwru.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default [2018-03-19]
FF Homepage: Mozilla\Firefox\Profiles\tobyzwru.default -> hxxp://www.google.it/
FF Extension: (YouTube™ Flash® Player) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-08-11]
FF Extension: (Video DownloadHelper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-03-16]
FF Extension: (Flash and Video Download) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-03-17]
FF Extension: (Adblock Plus) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Extension: (DownThemAll!) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-08] [Legacy]
FF Extension: (YouTube Video Download & Convert) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default\Extensions\{e8deb9e5-5688-4655-838a-b7a121a9f16e}.xpi [2018-02-15]
FF Extension: (YouTube Flash Video Player) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tobyzwru.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2018-01-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2018-03-19]
CHR Extension: (Presentazioni) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documenti) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Fogli) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Documenti offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-07]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-09-21]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-09-21]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-02-08]
CHR Extension: (Presentazioni Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Documenti Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Fogli Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Google Documenti offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 4 [2016-09-21]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-02-08]
CHR Extension: (Presentazioni Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Documenti Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Fogli Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Google Documenti offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6 [2018-02-08]
CHR Extension: (Presentazioni Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-22]
CHR Extension: (Documenti Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-22]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-22]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-22]
CHR Extension: (Fogli Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-22]
CHR Extension: (Google Documenti offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-22]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-22]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-22]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9 [2018-02-08]
CHR Extension: (Presentazioni Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-24]
CHR Extension: (Documenti Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-24]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-24]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-24]
CHR Extension: (Fogli Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-24]
CHR Extension: (Google Documenti offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-24]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-24]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-24]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
S4 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2001592 2016-06-03] (Comodo)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2847736 2018-03-17] (ESET)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [143648 2018-01-20] (Maxthon International ltd.)
R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [52616 2018-02-19] (Microsoft)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [741056 2015-11-30] (@ByELDI) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-08-03] (Microsoft Corporation) [File not signed]
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] ()
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone per iOS\Library\DriverInstaller\DriverInstall.exe [119008 2017-06-28] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-09-21] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-09-21] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132280 2018-03-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180024 2018-03-17] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [70960 2018-03-17] (ESET)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-28] (Malwarebytes)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2016-10-17] (The OpenVPN Project)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-19 11:12 - 2018-03-19 11:12 - 000027510 _____ C:\Users\Admin\Desktop\FRST.txt
2018-03-19 11:12 - 2018-03-19 11:12 - 000000000 ____D C:\FRST
2018-03-19 11:11 - 2018-03-19 11:11 - 000015080 _____ C:\Users\Admin\Desktop\aaaa.txt
2018-03-19 10:38 - 2018-03-19 10:38 - 002403328 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2018-03-19 10:29 - 2018-03-19 10:29 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-03-19 10:28 - 2018-03-19 11:11 - 000000000 ____D C:\ProgramData\RogueKiller
2018-03-19 10:28 - 2018-03-19 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-03-19 10:28 - 2018-03-19 10:28 - 000000000 ____D C:\Program Files\RogueKiller
2018-03-19 10:24 - 2018-03-19 10:24 - 000000000 ____D C:\TDSSKiller_Quarantine
2018-03-19 10:23 - 2018-03-19 10:26 - 000000000 ____D C:\Users\Admin\Desktop\log da caricare
2018-03-19 10:23 - 2018-03-19 10:25 - 000219314 _____ C:\TDSSKiller.3.1.0.16_19.03.2018_10.23.02_log.txt
2018-03-17 22:41 - 2018-03-17 22:44 - 155905326 _____ C:\Users\Admin\Downloads\STELLA STUDIO MAR 18 X DB.zip
2018-03-17 22:09 - 2018-03-17 22:09 - 000000000 _____ C:\Users\Admin\Desktop\djpikkola@tiscali.it.txt
2018-03-17 14:06 - 2018-03-17 14:06 - 000000000 ____D C:\Users\Admin\AppData\Local\ESET
2018-03-17 13:52 - 2018-03-17 13:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ESET
2018-03-17 13:51 - 2018-03-17 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulisess Seguridad
2018-03-17 13:50 - 2018-03-17 13:51 - 000000000 ____D C:\Program Files\ESET
2018-03-17 13:50 - 2018-03-17 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-03-17 13:50 - 2018-03-17 13:50 - 000000000 ____D C:\ProgramData\ESET
2018-03-16 21:18 - 2018-03-16 21:20 - 000000000 ____D C:\Users\Admin\Desktop\Carlotta Tempestini
2018-03-14 14:00 - 2018-02-17 04:36 - 000340088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-03-14 14:00 - 2018-02-16 16:51 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-03-14 14:00 - 2018-02-16 16:45 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-14 14:00 - 2018-02-16 16:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-03-14 14:00 - 2018-02-16 16:19 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-03-14 14:00 - 2018-02-16 15:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-03-14 14:00 - 2018-02-16 15:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-03-14 14:00 - 2018-02-15 16:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-14 14:00 - 2018-02-15 15:57 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-03-14 14:00 - 2018-02-10 18:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-03-14 14:00 - 2018-02-10 18:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-03-14 14:00 - 2018-02-10 18:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-03-14 14:00 - 2018-02-10 18:37 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-14 14:00 - 2018-02-10 18:32 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-03-14 14:00 - 2018-02-10 18:29 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-03-14 14:00 - 2018-02-10 18:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-03-14 14:00 - 2018-02-10 18:27 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-14 14:00 - 2018-02-10 18:20 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-14 14:00 - 2018-02-10 18:10 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-03-14 14:00 - 2018-02-10 18:10 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-14 14:00 - 2018-02-10 18:09 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-03-14 14:00 - 2018-02-10 18:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-03-14 14:00 - 2018-02-10 18:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-03-14 14:00 - 2018-02-10 18:01 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-03-14 14:00 - 2018-02-10 18:00 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-03-14 14:00 - 2018-02-10 18:00 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-03-14 14:00 - 2018-02-10 17:50 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-03-14 14:00 - 2018-02-10 17:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-03-14 14:00 - 2018-02-10 17:46 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-03-14 14:00 - 2018-02-10 17:40 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-03-14 14:00 - 2018-02-10 17:34 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-03-14 14:00 - 2018-02-10 17:33 - 002058240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-03-14 14:00 - 2018-02-10 17:33 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-03-14 14:00 - 2018-02-10 17:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-03-14 13:59 - 2018-03-09 04:39 - 005580992 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-14 13:59 - 2018-03-09 04:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-14 13:59 - 2018-03-09 04:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-14 13:59 - 2018-03-09 04:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-14 13:59 - 2018-03-09 04:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-14 13:59 - 2018-03-09 04:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-14 13:59 - 2018-03-09 04:14 - 004044992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-14 13:59 - 2018-03-09 04:14 - 004025536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-14 13:59 - 2018-03-09 04:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-14 13:59 - 2018-03-09 03:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-14 13:59 - 2018-03-09 03:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-14 13:59 - 2018-03-09 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-14 13:59 - 2018-03-09 03:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-14 13:59 - 2018-03-09 03:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-14 13:59 - 2018-03-09 03:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-14 13:59 - 2018-03-09 03:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-14 13:59 - 2018-03-09 03:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-14 13:59 - 2018-03-09 03:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-14 13:59 - 2018-03-09 03:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-14 13:59 - 2018-03-09 03:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-14 13:59 - 2018-03-09 03:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-14 13:59 - 2018-03-09 03:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-14 13:59 - 2018-03-09 03:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-14 13:59 - 2018-03-09 03:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-14 13:59 - 2018-03-09 03:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-14 13:59 - 2018-03-09 03:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-14 13:59 - 2018-03-09 03:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 13:59 - 2018-03-09 03:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-14 13:59 - 2018-03-01 09:36 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-03-14 13:59 - 2018-02-22 04:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-03-14 13:59 - 2018-02-22 04:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-03-14 13:59 - 2018-02-18 22:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-14 13:59 - 2018-02-17 05:27 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-03-14 13:59 - 2018-02-16 16:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-03-14 13:59 - 2018-02-16 16:51 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-03-14 13:59 - 2018-02-16 16:44 - 013678080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-03-14 13:59 - 2018-02-16 16:24 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-03-14 13:59 - 2018-02-16 16:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-03-14 13:59 - 2018-02-10 19:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-03-14 13:59 - 2018-02-10 19:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-03-14 13:59 - 2018-02-10 19:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-03-14 13:59 - 2018-02-10 19:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-03-14 13:59 - 2018-02-10 19:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-03-14 13:59 - 2018-02-10 19:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-03-14 13:59 - 2018-02-10 19:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-03-14 13:59 - 2018-02-10 19:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-03-14 13:59 - 2018-02-10 19:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-14 13:59 - 2018-02-10 19:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-14 13:59 - 2018-02-10 19:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-03-14 13:59 - 2018-02-10 19:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-03-14 13:59 - 2018-02-10 18:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-03-14 13:59 - 2018-02-10 18:40 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-14 13:59 - 2018-02-10 18:40 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-14 13:59 - 2018-02-10 18:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-03-14 13:59 - 2018-02-10 18:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-03-14 13:59 - 2018-02-10 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-03-14 13:59 - 2018-02-10 18:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-03-14 13:59 - 2018-02-10 18:31 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-03-14 13:59 - 2018-02-10 18:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-03-14 13:59 - 2018-02-10 18:27 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-14 13:59 - 2018-02-10 18:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-14 13:59 - 2018-02-10 18:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-03-14 13:59 - 2018-02-10 18:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-03-14 13:59 - 2018-02-10 18:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-03-14 13:59 - 2018-02-10 18:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-03-14 13:59 - 2018-02-10 18:22 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-03-14 13:59 - 2018-02-10 18:10 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-03-14 13:59 - 2018-02-10 18:09 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-03-14 13:59 - 2018-02-10 18:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-03-14 13:59 - 2018-02-10 18:09 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-03-14 13:59 - 2018-02-10 18:06 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-03-14 13:59 - 2018-02-10 18:06 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-03-14 13:59 - 2018-02-10 18:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-03-14 13:59 - 2018-02-10 18:00 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-03-14 13:59 - 2018-02-10 17:57 - 015281664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-14 13:59 - 2018-02-10 17:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-03-14 13:59 - 2018-02-10 17:50 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-03-14 13:59 - 2018-02-10 17:47 - 002134016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-03-14 13:59 - 2018-02-10 17:47 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-03-14 13:59 - 2018-02-10 17:47 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-03-14 13:59 - 2018-02-10 17:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-03-14 13:59 - 2018-02-10 17:41 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-03-14 13:59 - 2018-02-10 17:35 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-03-14 13:59 - 2018-02-10 17:23 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-03-14 13:59 - 2018-02-10 17:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-03-14 13:59 - 2018-02-10 17:11 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-03-14 13:59 - 2018-02-02 19:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-03-14 13:59 - 2018-02-02 19:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-03-14 13:59 - 2018-02-02 19:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-03-14 13:59 - 2018-02-02 19:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-03-14 13:59 - 2018-02-02 19:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-03-14 13:59 - 2018-02-02 19:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-14 13:59 - 2018-02-02 19:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-03-14 13:59 - 2018-02-02 19:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-03-14 13:59 - 2018-02-02 19:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-03-14 13:59 - 2018-02-02 19:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-03-14 13:59 - 2018-02-02 18:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-03-14 13:59 - 2018-02-02 18:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-03-14 13:59 - 2018-01-15 20:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-03-14 13:59 - 2018-01-15 20:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-03-14 13:59 - 2018-01-12 17:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-03-14 13:59 - 2018-01-12 17:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-03-14 13:58 - 2018-02-13 19:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 13:58 - 2018-02-13 19:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 13:58 - 2018-02-13 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 13:58 - 2018-02-13 15:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 13:58 - 2018-02-13 15:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 13:58 - 2018-02-13 15:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 13:58 - 2018-02-13 15:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-14 13:58 - 2018-02-13 15:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 13:58 - 2018-02-13 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 13:58 - 2018-02-13 15:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 14:53 - 2018-03-13 14:53 - 000004614 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-04 19:14 - 2018-03-04 19:14 - 000002187 _____ C:\Users\Admin\AppData\Local\recently-used.xbel
2018-02-25 15:29 - 2018-02-25 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2018-02-21 12:53 - 2018-03-01 21:49 - 000000496 _____ C:\Users\Admin\Desktop\onedrive raja.txt
2018-02-21 11:49 - 2018-02-21 11:49 - 000003548 _____ C:\Windows\System32\Tasks\doPDF 9 Telemetry
2018-02-21 11:49 - 2018-02-21 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 9
2018-02-21 11:48 - 2018-02-21 11:48 - 000000000 ____D C:\Program Files (x86)\Softland
2018-02-19 14:49 - 2018-02-19 14:49 - 000018944 _____ (Softland) C:\Windows\system32\novamn9.dll
2018-02-19 14:49 - 2018-02-19 14:49 - 000015872 _____ (Softland) C:\Windows\system32\novami9.dll
2018-02-18 14:17 - 2018-02-18 14:17 - 000000000 _____ C:\Users\Admin\Desktop\miavenusmodel081@gmail.com.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-19 10:37 - 2016-11-19 18:06 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2018-03-19 10:33 - 2009-07-14 05:45 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-19 10:33 - 2009-07-14 05:45 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-19 10:28 - 2016-08-20 13:38 - 000000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2018-03-19 10:25 - 2009-07-14 11:53 - 000744154 _____ C:\Windows\system32\perfh010.dat
2018-03-19 10:25 - 2009-07-14 11:53 - 000148516 _____ C:\Windows\system32\perfc010.dat
2018-03-19 10:25 - 2009-07-14 06:13 - 001669188 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-19 10:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-19 10:18 - 2017-01-26 17:58 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2018-03-19 10:18 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-19 10:18 - 2009-07-14 05:45 - 005102816 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-19 10:17 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-18 22:11 - 2016-08-20 11:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2018-03-18 09:56 - 2016-08-20 11:26 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-17 13:58 - 2017-01-17 09:15 - 000180024 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2018-03-17 13:58 - 2017-01-17 09:15 - 000132280 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2018-03-17 13:58 - 2017-01-17 09:15 - 000070960 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2018-03-16 23:31 - 2016-08-20 01:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-16 23:24 - 2016-11-18 12:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-16 13:44 - 2016-08-20 14:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Telegram Desktop
2018-03-15 21:37 - 2016-08-24 13:49 - 000000000 ____D C:\Windows\system32\MRT
2018-03-15 21:35 - 2017-10-13 02:02 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-15 21:35 - 2016-08-24 13:49 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-15 13:46 - 2016-08-22 16:41 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-14 16:24 - 2016-08-20 16:27 - 000003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2018-03-14 14:05 - 2016-08-20 01:13 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-14 14:05 - 2016-08-20 01:13 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-13 15:53 - 2016-08-20 11:27 - 000004602 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-03-13 15:53 - 2016-08-20 11:26 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-13 15:53 - 2016-08-20 11:26 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 15:53 - 2016-08-20 11:26 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-13 15:53 - 2016-08-20 11:26 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-12 21:15 - 2016-11-25 12:11 - 000003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1471688194
2018-03-12 21:15 - 2016-08-20 11:15 - 000000000 ____D C:\Program Files (x86)\Opera
2018-03-09 13:39 - 2017-12-24 16:21 - 000000000 ____D C:\Users\Admin\AppData\Local\Degoo
2018-03-08 08:40 - 2018-01-09 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-03-08 08:40 - 2016-09-06 11:52 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2018-03-04 19:22 - 2016-08-24 17:48 - 000000000 ____D C:\Users\Admin\.gimp-2.8
2018-03-03 22:26 - 2018-02-11 14:00 - 000010670 _____ C:\Users\Admin\Desktop\porsche.xlsx
2018-02-27 21:17 - 2016-12-15 10:44 - 000000000 ____D C:\Users\DNM\AppData\LocalLow\Mozilla
2018-02-27 21:05 - 2016-08-29 19:35 - 000000000 ____D C:\Users\DNM\AppData\Roaming\Mozilla
2018-02-27 21:04 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-27 19:24 - 2016-08-24 21:51 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-25 23:21 - 2016-08-20 12:01 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-02-25 15:29 - 2017-01-26 17:58 - 000001959 _____ C:\Users\Public\Desktop\TunnelBear.lnk
2018-02-25 15:29 - 2017-01-26 17:58 - 000000000 ____D C:\Users\Admin\AppData\Roaming\TunnelBear
2018-02-25 15:29 - 2016-09-03 15:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-25 15:28 - 2016-08-19 23:24 - 000001393 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-02-25 15:24 - 2016-09-06 15:39 - 000000000 ____D C:\Users\Admin\AppData\Roaming\FILEminimizerPictures
2018-02-24 19:23 - 2016-08-24 21:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-21 20:30 - 2018-01-12 19:59 - 000000000 ____D C:\Users\Admin\Desktop\pw
2018-02-21 11:49 - 2018-01-18 14:11 - 000003568 _____ C:\Windows\System32\Tasks\doPDF 9 Update
2018-02-21 11:49 - 2018-01-18 14:11 - 000000000 ____D C:\Program Files\Softland
==================== Files in the root of some directories =======
2018-03-04 19:14 - 2018-03-04 19:14 - 000002187 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
2018-03-19 10:29 - 2018-03-09 04:09 - 001665336 _____ (Microsoft Corporation) C:\Users\Admin\AppData\Local\Temp\dllnt_dump.dll
2018-02-21 11:43 - 2018-02-21 11:45 - 062248768 _____ (Softland) C:\Users\Admin\AppData\Local\Temp\dopdf-full.exe
2018-02-25 23:21 - 2018-02-25 23:21 - 000192512 _____ () C:\Users\Admin\AppData\Local\Temp\sfamcc00001.dll
2018-02-25 23:21 - 2018-02-25 23:21 - 000158720 _____ () C:\Users\Admin\AppData\Local\Temp\sfareca00001.dll
2018-03-09 13:36 - 2018-03-09 13:36 - 000541696 _____ () C:\Users\Admin\AppData\Local\Temp\sqlite-unknown-sqlitejdbc.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-03-09 11:53
==================== End of FRST.txt ============================Attendo info... :)
- Messaggi
- 26,297
- Reazioni
- 12,422
- Punteggio
- 254
Hai usato un attivatore...
danilo79
Utente Èlite
- Messaggi
- 1,814
- Reazioni
- 550
- Punteggio
- 108
Devo dare assistenza????
ti prego...
- Messaggi
- 26,297
- Reazioni
- 12,422
- Punteggio
- 254
hai un pvt.
- Messaggi
- 26,297
- Reazioni
- 12,422
- Punteggio
- 254
L'uso di softwar che aggirano le protezioni e violano il copyright, non possono avere supporto, è scritto anche nel regolamento.
Chiudo.
- Stato
Pubblicità