IE and Chrome very slow to start



#1 miltonq


Posted 12 October 2014 - 10:18 PM

IE and Chrome startup is VERY slow.  Happened suddenly.  Hoping someone can scan my logs to have a look?

However, in trying to post DDS log, something else strange is happening.  When I go to run the program, it says "DDS is not meant to run in 'Compatibility Mode'. The program shall now exit.".  This is a pretty new computer though, and I'm not used to Windows 8, so I don't know if this is something I need to do to run DDS in Windows 8 environment, or if you use something else for Windows 8?

Any help would be appreciated.

Thanks!

 




 


#2 TB-Psychotic

  • Malware Response Team

Posted 13 October 2014 - 08:15 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 

#3 miltonq


Posted 13 October 2014 - 12:20 PM

OK, I ran FRST and attached both logs below.

Then, I tried to run Gmer, but it won't let me.  I keep getting an error when trying to open the program that says "C:\WINDOWS\system32\config\system: The process cannot access the file because it is being used by another process".  Then, the program closes.

Finally, I ran the TDSS-Killer, it said it found no threats.  Log included below as well.

Thank you!

 

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Jason (administrator) on FAMILYPC on 13-10-2014 12:02:32
Running from C:\Users\Jason\Desktop
Loaded Profile: Jason (Available profiles: Jason)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
() C:\Program Files (x86)\Dell_DTM_WPF\DTM_Service\WindowsService_DTM.exe
() C:\Program Files (x86)\Dell_SWEQ\SWEQ_Service\WindowsService_Inclinometer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Dell\UnifyingSoftwareLauncher\DellLaunchUnifyingApp.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
() C:\Program Files (x86)\Dell\Dell Wireless Keyboard Software\CDCtr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
() C:\Program Files\WindowsApps\21465DeveciGames.BasketballPro_1.0.0.26_neutral__erb9h5297r278\Basketball Pro.exe
() C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.6.0.594_x86__8wekyb3d8bbwe\PinballFX2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7017032 2013-02-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1277000 2013-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1277000 2013-02-18] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Dell Unifying Software Launcher] => C:\Program Files\Dell\UnifyingSoftwareLauncher\DellLaunchUnifyingApp.exe [3209608 2012-12-21] (Logitech, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CDEjectCtr] => C:\Program Files (x86)\Dell\Dell Wireless Keyboard Software\CDCtr.exe [411648 2012-11-15] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2014-09-09] (Nike)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3142402048-706546196-1541975245-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2014-06-23] (SlySoft, Inc.)
HKU\S-1-5-21-3142402048-706546196-1541975245-1001\...\Run: [GoogleChromeAutoLaunch_EBF55E2D20B0831DD9C62517F8BC1054] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-01] (Google Inc.)
HKU\S-1-5-21-3142402048-706546196-1541975245-1001\...\Run: [Google Update] => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-10] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{ED92B8FD-D7A4-46D9-A1B6-640B5FE3C329}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {04B0E309-30EE-434A-879C-BD2D382B85A6} URL =
SearchScopes: HKCU - {04B0E309-30EE-434A-879C-BD2D382B85A6} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-23]

Chrome:
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-10]
CHR Extension: (LibreOffice Draw on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apaghoiaeioepkngbmdaifpagmcmiafo [2014-07-10]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-10]
CHR Extension: (LibreOffice Impress on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aphkpmfcmpjnlnfilmgokeohlbealone [2014-07-10]
CHR Extension: (LibreOffice Calc on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bclbclclgmmigcadnicnjimilaoenlgn [2014-07-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-10]
CHR Extension: (Bible Verse of the Day) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhgloggoiejchnobifdenkbngmdncege [2014-07-10]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-10]
CHR Extension: (Google Cast) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-07-10]
CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-10]
CHR Extension: (GIMP on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo [2014-07-10]
CHR Extension: (YoWindow Weather) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2014-07-10]
CHR Extension: (LibreOffice Writer on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnibcjefjdpoannnhgmhoheglmepgggc [2014-07-10]
CHR Extension: (Google Wallet) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-10]
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 Dell_DTM; C:\Program Files (x86)\Dell_DTM_WPF\DTM_Service\WindowsService_DTM.exe [17408 2013-06-17] () [File not signed]
R2 Dell_Software_eq; C:\Program Files (x86)\Dell_SWEQ\SWEQ_Service\WindowsService_Inclinometer.exe [27648 2013-03-13] () [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165336 2013-01-13] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-04-25] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [341504 2013-06-26] (Qualcomm Atheros) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-21] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3812048 2013-05-30] (Qualcomm Atheros, Inc.)
S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [71832 2012-07-13] (STMicroelectronics)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 12:02 - 2014-10-13 12:03 - 00023261 _____ () C:\Users\Jason\Desktop\FRST.txt
2014-10-13 12:02 - 2014-10-13 12:02 - 00000000 ____D () C:\FRST
2014-10-13 12:01 - 2014-10-13 12:01 - 02110464 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe
2014-10-12 22:06 - 2014-10-12 22:06 - 00688992 _____ (Swearware) C:\Users\Jason\Desktop\dds.com
2014-10-12 20:02 - 2014-10-12 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-10-11 10:16 - 2014-10-11 10:08 - 04064422 _____ () C:\Users\Jason\Desktop\water_cycle_video-eml.mp4
2014-10-11 10:04 - 2014-10-11 10:08 - 00000000 ____D () C:\Users\Jason\Desktop\vids
2014-10-08 06:02 - 2014-10-08 06:02 - 01640456 _____ () C:\Users\Jason\Downloads\Dry Ice by Samanta and Bryanna.wmv
2014-10-08 06:02 - 2014-10-08 06:02 - 01081905 _____ () C:\Users\Jason\Downloads\air project michele and sanaa.wmv
2014-10-07 10:48 - 2014-10-07 10:48 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-07 08:51 - 2014-10-07 09:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\uTorrent
2014-10-07 06:13 - 2014-10-07 06:13 - 06258650 _____ () C:\Users\Jason\Downloads\SymbolsofAmericaPowerPoint.pptx
2014-10-07 06:13 - 2014-10-07 06:13 - 00911916 _____ () C:\Users\Jason\Downloads\Freedomweekpresentationpowerpoint (1).pptx
2014-10-07 06:12 - 2014-10-07 06:12 - 01574731 _____ () C:\Users\Jason\Downloads\PrimaryGradesInternetScavengerHuntAmericanHolidays (1).zip
2014-10-07 06:07 - 2014-10-13 12:02 - 00000000 ____D () C:\Users\Jason\Desktop\Government
2014-10-07 06:05 - 2014-10-07 06:05 - 00369322 _____ () C:\Users\Jason\Downloads\ElectionDayMiniLesson.zip
2014-10-07 06:02 - 2014-10-07 06:02 - 00911916 _____ () C:\Users\Jason\Downloads\Freedomweekpresentationpowerpoint.pptx
2014-10-07 06:00 - 2014-10-07 06:00 - 01574731 _____ () C:\Users\Jason\Downloads\PrimaryGradesInternetScavengerHuntAmericanHolidays.zip
2014-09-30 14:24 - 2014-09-30 15:30 - 00009880 _____ () C:\Users\Jason\Desktop\miami.xlsx
2014-09-25 18:28 - 2014-09-25 18:28 - 00045419 _____ () C:\Users\Jason\Downloads\PV_Center (1).pptx
2014-09-25 18:27 - 2014-09-25 18:27 - 00049072 _____ () C:\Users\Jason\Downloads\Place_Value_Dice.pptx
2014-09-25 18:25 - 2014-09-25 18:25 - 00045419 _____ () C:\Users\Jason\Downloads\PV_Center.pptx
2014-09-23 03:29 - 2014-09-23 03:29 - 00068577 _____ () C:\Users\Jason\Downloads\MothersDayFlowerCharacterTraits.pptx
2014-09-23 03:25 - 2014-09-23 03:25 - 00080269 _____ () C:\Users\Jason\Downloads\SlinkyCharacterTraitPerson.zip
2014-09-23 03:21 - 2014-09-23 03:21 - 00940849 _____ () C:\Users\Jason\Downloads\CharacterTraitComicStripsFreebie.zip
2014-09-21 15:19 - 2014-09-30 13:55 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Help
2014-09-19 16:54 - 2014-09-19 16:54 - 00487629 _____ () C:\Users\Jason\Desktop\Place Value.flipchart
2014-09-16 16:13 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-16 16:13 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-16 16:13 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-16 16:13 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-16 16:13 - 2014-08-22 23:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-16 16:13 - 2014-08-22 23:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-16 16:13 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-16 16:13 - 2014-08-22 23:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-16 16:13 - 2014-08-22 23:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-16 16:13 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-16 16:13 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-16 16:13 - 2014-07-24 10:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-16 16:13 - 2014-07-24 08:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-16 16:13 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-16 16:13 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-16 16:13 - 2014-07-24 02:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-16 16:13 - 2014-07-24 02:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-16 16:12 - 2014-07-24 10:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-16 16:12 - 2014-07-24 10:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-16 16:12 - 2014-07-24 10:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-16 16:12 - 2014-07-24 10:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-16 16:12 - 2014-07-24 10:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-16 16:12 - 2014-07-24 10:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-16 16:12 - 2014-07-24 10:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-16 16:12 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-16 16:12 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-16 16:12 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-16 16:12 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-16 16:12 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-16 16:12 - 2014-07-24 10:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-16 16:12 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-16 16:12 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-16 16:12 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-16 16:12 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-16 16:12 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-16 16:12 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-16 16:12 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-16 16:12 - 2014-07-24 10:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-16 16:12 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-16 16:12 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-16 16:12 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-16 16:12 - 2014-07-24 09:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-16 16:12 - 2014-07-24 09:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-16 16:12 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-16 16:12 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-16 16:12 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-16 16:12 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-16 16:12 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-16 16:12 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-16 16:12 - 2014-07-24 08:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-16 16:12 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-16 16:12 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-16 16:12 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-16 16:12 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-16 16:12 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-16 16:12 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-16 16:12 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-16 16:12 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-16 16:12 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-16 16:12 - 2014-07-24 06:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-16 16:12 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-16 16:12 - 2014-07-24 06:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-16 16:12 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-16 16:12 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-16 16:12 - 2014-07-24 06:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-16 16:12 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-16 16:12 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-16 16:12 - 2014-07-24 06:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-16 16:12 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-16 16:12 - 2014-07-24 06:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-16 16:12 - 2014-07-24 06:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-16 16:12 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-16 16:12 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-16 16:12 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-16 16:12 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-16 16:12 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-16 16:12 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-16 16:12 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-16 16:12 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-16 16:12 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-16 16:12 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-16 16:12 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-16 16:12 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-16 16:12 - 2014-07-24 05:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-16 16:12 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-16 16:12 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-16 16:12 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-16 16:12 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-16 16:12 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-16 16:12 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-16 16:12 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-16 16:12 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-16 16:12 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-16 16:12 - 2014-07-24 05:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-16 16:12 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-16 16:12 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-16 16:12 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-16 16:12 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-16 16:12 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-16 16:12 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-16 16:12 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-16 16:12 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-16 16:12 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-16 16:12 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-16 16:12 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-16 16:12 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-16 16:12 - 2014-07-24 04:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-16 16:12 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-16 16:12 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-16 16:12 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-16 16:12 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-16 16:12 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-16 16:12 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-16 16:12 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-16 16:12 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-16 16:12 - 2014-07-24 04:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-16 16:12 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-16 16:12 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-16 16:12 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-16 16:12 - 2014-07-24 04:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-16 16:12 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-16 16:12 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-16 16:12 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-16 16:12 - 2014-07-24 03:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-16 16:12 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-16 16:12 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-16 16:12 - 2014-07-24 03:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-16 16:12 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-16 16:12 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-16 16:12 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-16 16:12 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-16 16:12 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-16 16:12 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-16 16:12 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-16 16:12 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-16 16:12 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-16 16:12 - 2014-07-24 03:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-16 16:12 - 2014-07-24 03:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-16 16:12 - 2014-07-24 03:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-16 16:12 - 2014-07-24 03:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-16 16:12 - 2014-07-24 03:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-16 16:12 - 2014-07-24 03:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-16 16:12 - 2014-07-24 03:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-16 16:12 - 2014-07-24 03:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-16 16:12 - 2014-07-24 03:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-16 16:12 - 2014-07-24 03:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-16 16:12 - 2014-07-24 03:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-16 16:12 - 2014-07-24 03:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-16 16:12 - 2014-07-24 03:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-16 16:12 - 2014-07-24 03:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-16 16:12 - 2014-07-24 03:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-16 16:12 - 2014-07-24 03:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-16 16:12 - 2014-07-24 03:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-16 16:12 - 2014-07-24 03:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-16 16:12 - 2014-07-24 03:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-16 16:12 - 2014-07-24 03:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-16 16:12 - 2014-07-24 03:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-16 16:12 - 2014-07-24 03:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-16 16:12 - 2014-07-24 03:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-16 16:12 - 2014-07-24 03:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-16 16:12 - 2014-07-24 03:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-16 16:12 - 2014-07-24 03:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-16 16:12 - 2014-07-24 03:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-16 16:12 - 2014-07-24 03:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-16 16:12 - 2014-07-24 03:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-16 16:12 - 2014-07-24 03:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-16 16:12 - 2014-07-24 03:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-16 16:12 - 2014-07-24 03:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-16 16:12 - 2014-07-24 03:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-16 16:12 - 2014-07-24 03:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-16 16:12 - 2014-07-24 02:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-16 16:12 - 2014-07-24 02:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-16 16:12 - 2014-07-24 02:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-16 16:12 - 2014-07-24 02:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-16 16:12 - 2014-07-24 02:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-16 16:12 - 2014-07-24 02:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-16 16:12 - 2014-07-24 02:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-16 16:12 - 2014-07-24 02:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-16 16:12 - 2014-07-24 02:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-16 16:12 - 2014-07-24 02:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-16 16:12 - 2014-07-24 02:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-16 16:12 - 2014-07-24 02:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-16 16:12 - 2014-07-24 02:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-16 16:12 - 2014-07-24 02:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-16 16:12 - 2014-07-24 02:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-16 16:12 - 2014-07-24 02:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-16 16:12 - 2014-07-24 02:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-16 16:12 - 2014-07-23 23:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-16 16:12 - 2014-07-23 23:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-16 16:12 - 2014-07-12 00:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-16 16:12 - 2014-07-12 00:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-16 16:12 - 2014-07-11 23:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-16 16:12 - 2014-07-11 23:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-16 16:12 - 2014-07-11 23:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-16 16:12 - 2014-07-09 18:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-16 16:12 - 2014-07-04 07:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-16 16:12 - 2014-07-04 05:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-16 16:12 - 2014-07-04 05:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-16 16:12 - 2014-07-04 05:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-16 16:12 - 2014-07-04 05:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-16 16:12 - 2014-07-04 04:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-16 16:12 - 2014-07-04 04:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-16 16:12 - 2014-06-27 01:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-16 16:12 - 2014-06-25 19:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-16 16:12 - 2014-06-25 19:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-16 16:12 - 2014-06-19 18:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-16 16:12 - 2014-06-18 21:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-16 16:12 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-16 16:12 - 2014-06-14 00:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-16 16:12 - 2014-06-07 07:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-16 16:12 - 2014-06-07 05:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-16 16:12 - 2014-06-05 09:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-16 16:12 - 2014-06-05 05:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-16 16:12 - 2014-06-05 04:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-16 16:12 - 2014-05-31 00:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-16 16:12 - 2014-05-30 23:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-16 16:12 - 2014-05-29 01:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-16 16:12 - 2014-05-29 00:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-16 16:12 - 2014-05-29 00:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-16 16:12 - 2014-05-28 23:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-16 16:12 - 2014-05-26 02:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-16 16:12 - 2014-05-10 05:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-16 16:12 - 2014-05-10 03:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-16 16:12 - 2014-05-05 23:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-16 16:12 - 2014-05-05 19:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-16 16:12 - 2014-03-24 21:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-16 16:12 - 2014-03-24 21:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-16 16:12 - 2014-03-24 20:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-16 16:12 - 2014-03-24 20:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-16 16:05 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 12:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-13 11:46 - 2014-07-10 12:41 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001UA.job
2014-10-13 11:38 - 2014-04-25 18:14 - 01129879 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-13 11:29 - 2014-07-10 12:24 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-13 11:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-13 00:16 - 2014-09-05 14:42 - 00004974 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FAMILYPC-Jason FamilyPC
2014-10-12 22:33 - 2014-04-21 11:13 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3142402048-706546196-1541975245-1001
2014-10-12 12:46 - 2014-07-10 12:41 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001Core.job
2014-10-12 12:29 - 2014-07-10 12:24 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 16:33 - 2014-06-24 13:14 - 00000000 ____D () C:\Users\Jason\Desktop\Second Grade 2014
2014-10-10 06:45 - 2014-04-21 11:05 - 00000000 ____D () C:\Users\Jason\AppData\Local\Packages
2014-10-08 13:44 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-07 19:58 - 2014-03-18 05:03 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-07 19:54 - 2013-08-22 09:46 - 00299086 _____ () C:\WINDOWS\setupact.log
2014-10-07 14:34 - 2014-09-11 09:39 - 00000000 ____D () C:\Users\Jason\Desktop\Current Job Hunt
2014-10-07 10:49 - 2014-04-25 21:50 - 00000000 ___DO () C:\Users\Jason\OneDrive
2014-10-07 10:48 - 2014-07-06 13:28 - 00000173 ___SH () C:\ProgramData\.zreglib
2014-10-07 10:44 - 2013-08-23 18:49 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-10-07 10:41 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-07 10:04 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-07 09:50 - 2013-08-22 09:44 - 00481880 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-07 09:49 - 2014-03-18 04:54 - 00020210 _____ () C:\WINDOWS\PFRO.log
2014-10-07 09:49 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-07 08:08 - 2014-03-18 04:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-07 08:08 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-07 08:08 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-06 17:19 - 2014-09-09 08:43 - 00000000 ____D () C:\Users\Jason\Desktop\new patient forms
2014-10-04 15:02 - 2014-04-21 12:39 - 01003520 _____ () C:\Users\Jason\Desktop\CONTACTS.MDB
2014-09-28 18:32 - 2014-09-08 17:14 - 00000000 ____D () C:\Users\Jason\Desktop\Football 9_6_14
2014-09-23 19:39 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-23 06:57 - 2014-04-21 11:19 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-15 06:19 - 2013-08-23 18:54 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-14 04:30 - 2014-04-22 03:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-14 04:24 - 2014-04-22 03:17 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\temp0NikeConnectconnect6pcupdate.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-13 04:51

==================== End Of Log ============================

Addition Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by Jason at 2014-10-13 12:03:39
Running from C:\Users\Jason\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.4.8.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell App Launcher for Unifying Software (HKLM\...\Unifying Software Launcher) (Version: 1.00.44 - Logitech)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{C0C47F85-F48F-4709-9150-3FA62FA2DEAF}) (Version: 2.6.1000.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Wireless Keyboard Software (HKLM-x32\...\{00A73CE4-4595-420A-8E6E-8495EE481584}) (Version: 1.1.0.0 - Dell)
Dell_DTM_X64 (HKLM\...\{7790387F-1753-4EF9-AFB4-207FA1A741BC}) (Version: 1.0.0.83 - Dell)
Dell_SWEQ (HKLM-x32\...\{DC14FF2A-EB53-4093-847D-9314E9555BB6}) (Version: 1.0.0.5 - Dell)
DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
IdentityMine Air Hockey (HKLM-x32\...\{4E1AF3C1-9DFD-47CB-805F-EDC700608AD1}) (Version: 1.0.0.0 - IdentityMine)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.5.17 - Nike)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.25.1039 - Qualcomm Atheros) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.228 - Qualcomm Atheros Communications) Hidden
Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.25.1039 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.0.25.1039 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{F19C0710-172E-445A-96C6-4BCB6EFE4901}) (Version: 1.0.25.1039 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6845 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.2.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.2.0 - Shutterfly, Inc.) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0038 - ST Microelectronics)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version:  - )
Update for Microsoft en-us Dictionary (Version: 16.1.1073.1 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3142402048-706546196-1541975245-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3142402048-706546196-1541975245-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

24-09-2014 00:38:02 Windows Update
01-10-2014 11:11:25 Scheduled Checkpoint
11-10-2014 10:46:44 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C81D4EC-B638-4C20-AF68-70677903D507} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-10] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4082D5D0-355C-4B81-A899-087DAB45D07F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-10] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AAD91D9-F841-4C64-8AA5-99DBD54B33E0} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-19] (Intel)
Task: {5B0E79F5-EF53-4E83-B0EE-38ED72410451} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {5BF77B10-2D3F-45E9-87D1-4913448D0F01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001Core => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-10] (Google Inc.)
Task: {5CD2B59F-3B36-45A0-ACF9-32FE16EE7130} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {67B8B495-6E27-4DD2-964B-5A356BDA7287} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A5B096A3-0FB5-440F-BCB0-E060C440BD68} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {AA7C717D-E053-413F-91F9-BCF4C9095DA7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {AC97006A-02A9-43F8-9D17-B9407F9E1202} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001UA => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-10] (Google Inc.)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C5312AEE-8D36-4833-B519-883C33E69BA9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FAMILYPC-Jason FamilyPC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-23] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E00CC0A5-A808-41FC-B7F9-669AC2CCB681} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {E063FE0C-FD8D-4884-9224-A281DA23E787} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-14] (Microsoft Corporation)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EFFC39BF-D98C-432D-8F68-EF42C28ED23C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {F4BA3E7C-4A23-4646-8B9D-8467D8C3D3EB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {FBE3582F-4701-418F-95A0-49442EBFF2CA} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001Core.job => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001UA.job => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-22 06:01 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-06-17 13:26 - 2013-06-17 13:26 - 00017408 _____ () C:\Program Files (x86)\Dell_DTM_WPF\DTM_Service\WindowsService_DTM.exe
2013-03-13 13:09 - 2013-03-13 13:09 - 00027648 _____ () C:\Program Files (x86)\Dell_SWEQ\SWEQ_Service\WindowsService_Inclinometer.exe
2013-05-31 03:23 - 2013-05-31 03:23 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-31 03:19 - 2013-05-31 03:19 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-31 03:53 - 2013-05-31 03:53 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-06-26 15:37 - 2013-06-26 15:37 - 00282624 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2013-08-23 18:39 - 2012-11-15 17:35 - 00411648 _____ () C:\Program Files (x86)\Dell\Dell Wireless Keyboard Software\CDCtr.exe
2014-04-26 19:52 - 2014-04-26 19:53 - 00081920 _____ () C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_3.5.122.1_x64__n49tcsmxt2t2c\McCloudShim.dll
2014-04-26 19:52 - 2014-04-26 19:53 - 00220160 _____ () C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_3.5.122.1_x64__n49tcsmxt2t2c\McIHART.dll
2014-10-11 05:46 - 2014-10-11 05:46 - 00045568 _____ () C:\Users\Jason\AppData\Local\Packages\disney.agentpstrikesback_6rarf9sa4v8jt\AC\Microsoft\CLR_v4.0\NativeImages\Win8Ext\c44029212a544bdf6402b6d4395c03e8\Win8Ext.ni.dll
2014-04-25 22:16 - 2014-04-25 22:17 - 00032256 _____ () C:\Program Files\WindowsApps\Disney.AgentPStrikesBack_1.0.0.19_x64__6rarf9sa4v8jt\GameController.dll
2014-05-10 14:59 - 2014-05-10 14:59 - 00178688 _____ () C:\Program Files\WindowsApps\21465DeveciGames.BasketballPro_1.0.0.26_neutral__erb9h5297r278\Basketball Pro.exe
2014-05-10 14:56 - 2014-05-10 14:59 - 06633472 _____ () C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.6.0.594_x86__8wekyb3d8bbwe\PinballFX2.exe
2014-09-23 06:54 - 2014-09-23 06:54 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-27 04:11 - 2014-04-27 04:11 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cf021988965369c551bb0987fe019862\Windows.Foundation.ni.dll
2013-08-23 18:39 - 2013-01-13 23:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-08-23 18:39 - 2012-11-15 18:07 - 00061440 _____ () C:\Program Files (x86)\Dell\Dell Wireless Keyboard Software\CDCTR.DLL
2014-10-09 20:30 - 2014-10-01 00:54 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-09 20:30 - 2014-10-01 00:54 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-09 20:30 - 2014-10-01 00:54 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-09 20:30 - 2014-10-01 00:54 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll
2014-09-15 12:19 - 2014-09-15 12:19 - 00875008 _____ () C:\Users\Jason\AppData\Local\Packages\21465devecigames.basketballpro_erb9h5297r278\AC\Microsoft\CLR_v4.0_32\NativeImages\Basketball Pro\61595f8141ef493ffa53e93964fdd471\Basketball Pro.ni.exe
2014-04-27 04:11 - 2014-04-27 04:11 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\f2bf020fc6307e10194fd94e85d52a72\Windows.UI.Xaml.ni.dll
2014-09-15 12:19 - 2014-09-15 12:19 - 02019840 _____ () C:\Users\Jason\AppData\Local\Packages\21465devecigames.basketballpro_erb9h5297r278\AC\Microsoft\CLR_v4.0_32\NativeImages\MonoGame.Frb8b89373#\97618afa4475fde56e7f86e1b6ccfc24\MonoGame.Framework.Windows8.ni.dll
2014-04-27 04:11 - 2014-04-27 04:11 - 01130496 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\224ab0385dc2991b9139bdbf7bcf8e0e\Windows.ApplicationModel.ni.dll
2014-04-27 04:11 - 2014-04-27 04:11 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\c95c4deae76420a882bef7161a449d72\Windows.UI.ni.dll
2014-04-27 04:11 - 2014-04-27 04:12 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\27136c94fce321fc4e76bccb5fc38fe0\Windows.Security.ni.dll
2014-04-27 04:11 - 2014-04-27 04:11 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f3deb382d1f91df4e2bf1801afb4ea21\Windows.Storage.ni.dll
2014-04-27 04:11 - 2014-04-27 04:11 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\4e33edd5ee2ee09f751c0071ba0a26c3\Windows.Graphics.ni.dll
2014-04-27 04:11 - 2014-04-27 04:11 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\95e459fe3e0f12f2dc9f48fb91886621\Windows.Data.ni.dll
2014-04-27 04:12 - 2014-04-27 04:12 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\726121cd59d8545addcd2c64688b5309\Windows.System.ni.dll
2014-04-27 04:12 - 2014-04-27 04:12 - 00238080 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\a1306b1fdd9c22508f9e5d901fceb4cd\Windows.Globalization.ni.dll
2014-04-27 04:12 - 2014-04-27 04:12 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\66db718389f1cd2503053c09b3de857f\Windows.Networking.ni.dll
2014-10-09 20:30 - 2014-10-01 00:54 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libexif.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Jason\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3142402048-706546196-1541975245-500 - Administrator - Disabled)
Guest (S-1-5-21-3142402048-706546196-1541975245-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3142402048-706546196-1541975245-1003 - Limited - Enabled)
Jason (S-1-5-21-3142402048-706546196-1541975245-1001 - Administrator - Enabled) => C:\Users\Jason

==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2014 04:51:52 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/12/2014 05:38:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/12/2014 05:37:52 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/11/2014 10:03:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: twinui.dll, version: 6.3.9600.17284, time stamp: 0x53f81955
Exception code: 0xc0000005
Fault offset: 0x00000000001e6b73
Faulting process id: 0xe6c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (10/11/2014 10:03:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Explorer.EXE
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 00007FFC45A96B73

Error: (10/11/2014 05:46:08 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2014 06:44:00 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2014 06:42:57 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/09/2014 06:31:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume \\?\Volume{ae972c2e-efca-432f-a143-8ad838c2bd5f}\ was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

Error: (10/09/2014 06:31:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRETOOLS was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

System errors:
=============
Error: (10/12/2014 03:23:37 PM) (Source: DCOM) (EventID: 10010) (User: FAMILYPC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (10/11/2014 01:46:49 PM) (Source: DCOM) (EventID: 10010) (User: FAMILYPC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (10/10/2014 02:11:32 PM) (Source: DCOM) (EventID: 10010) (User: FAMILYPC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (10/07/2014 10:50:02 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}

Error: (10/07/2014 10:44:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/07/2014 09:52:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/07/2014 08:15:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/07/2014 08:08:00 AM) (Source: DCOM) (EventID: 10010) (User: FAMILYPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/07/2014 08:08:00 AM) (Source: DCOM) (EventID: 10010) (User: FAMILYPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/07/2014 08:08:00 AM) (Source: DCOM) (EventID: 10010) (User: FAMILYPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Microsoft Office Sessions:
=========================
Error: (10/13/2014 04:51:52 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/12/2014 05:38:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/12/2014 05:37:52 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/11/2014 10:03:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1728453f816dctwinui.dll6.3.9600.1728453f81955c000000500000000001e6b73e6c01cfe24613acd7d3C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dllb21503c5-5157-11e4-be87-70188b822470

Error: (10/11/2014 10:03:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Explorer.EXE
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 00007FFC45A96B73

Error: (10/11/2014 05:46:08 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/10/2014 06:44:00 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/10/2014 06:42:57 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/09/2014 06:31:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{ae972c2e-efca-432f-a143-8ad838c2bd5f}\The parameter is incorrect. (0x80070057)

Error: (10/09/2014 06:31:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WINRETOOLSThe parameter is incorrect. (0x80070057)

==================== Memory info ===========================

Processor: Intel® Core™ i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 48%
Total physical RAM: 8057.99 MB
Available physical RAM: 4161.18 MB
Total Pagefile: 9337.99 MB
Available Pagefile: 4846.8 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:447.61 GB) (Free:111.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8FC9D2E1)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: D2AC5E71)

Partition: GPT Partition Type.

==================== End Of Log ============================


Had to split post due to length of log.  Here is the TDSSKiller Log:

12:16:12.0480 0x03c8 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58

12:16:12.0480 0x03c8 UEFI system

12:16:15.0903 0x03c8 ============================================================

12:16:15.0903 0x03c8 Current date / time: 2014/10/13 12:16:15.0903

12:16:15.0903 0x03c8 SystemInfo:

12:16:15.0903 0x03c8

12:16:15.0903 0x03c8 OS Version: 6.3.9600 ServicePack: 0.0

12:16:15.0903 0x03c8 Product type: Workstation

12:16:15.0903 0x03c8 ComputerName: FAMILYPC

12:16:15.0903 0x03c8 UserName: Jason

12:16:15.0903 0x03c8 Windows directory: C:\WINDOWS

12:16:15.0903 0x03c8 System windows directory: C:\WINDOWS

12:16:15.0903 0x03c8 Running under WOW64

12:16:15.0903 0x03c8 Processor architecture: Intel x64

12:16:15.0903 0x03c8 Number of processors: 4

12:16:15.0903 0x03c8 Page size: 0x1000

12:16:15.0903 0x03c8 Boot type: Normal boot

12:16:15.0903 0x03c8 ============================================================

12:16:16.0716 0x03c8 KLMD registered as C:\WINDOWS\system32\drivers\22547367.sys

12:16:16.0841 0x03c8 System UUID: {FF8235F4-606A-FBD4-EEFC-F9BDAFAD7B67}

12:16:17.0170 0x03c8 Drive \Device\Harddisk0\DR0 - Size: 0x74707B0E00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:16:17.0170 0x03c8 Drive \Device\Harddisk1\DR1 - Size: 0x201200000 ( 8.02 Gb ), SectorSize: 0x200, Cylinders: 0x416, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:16:17.0170 0x03c8 ============================================================

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0:

12:16:17.0170 0x03c8 GPT partitions:

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A8C10B83-D903-4AD7-9B14-9E9618DB2C8E}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {348187AB-F297-4002-A52D-EB8B30771299}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6FAEDFC3-C77D-4CC0-AE87-D4E03B2B7079}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5E89EDCD-D7F2-459A-A59F-080B8DBFB8F7}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xF5000

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FEE160E7-DF5D-4D48-9B72-BFF839F7E1F1}, Name: Basic data partition, StartLBA 0x243800, BlocksNum 0x37F36000

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AE972C2E-EFCA-432F-A143-8AD838C2BD5F}, Name: , StartLBA 0x38179800, BlocksNum 0xE1000

12:16:17.0170 0x03c8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F0C75E2B-B303-4E3A-9AB3-4FB1B69A93F7}, Name: Microsoft recovery partition, StartLBA 0x3825A800, BlocksNum 0x2128D87

12:16:17.0170 0x03c8 MBR partitions:

12:16:17.0170 0x03c8 \Device\Harddisk1\DR1:

12:16:17.0170 0x03c8 GPT partitions:

12:16:17.0170 0x03c8 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {3885EB83-8315-465F-B0B7-1A1C2A5B6C1A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1008000

12:16:17.0170 0x03c8 MBR partitions:

12:16:17.0170 0x03c8 ============================================================

12:16:17.0170 0x03c8 C: <-> \Device\Harddisk0\DR0\Partition5

12:16:17.0170 0x03c8 ============================================================

12:16:17.0170 0x03c8 Initialize success

12:16:17.0170 0x03c8 ============================================================

12:16:18.0499 0x0aa8 ============================================================

12:16:18.0499 0x0aa8 Scan started

12:16:18.0499 0x0aa8 Mode: Manual;

12:16:18.0499 0x0aa8 ============================================================

12:16:18.0499 0x0aa8 KSN ping started

12:16:21.0047 0x0aa8 KSN ping finished: true

12:16:22.0407 0x0aa8 ================ Scan system memory ========================

12:16:22.0407 0x0aa8 System memory - ok

12:16:22.0407 0x0aa8 ================ Scan services =============================

12:16:22.0532 0x0aa8 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys

12:16:22.0532 0x0aa8 1394ohci - ok

12:16:22.0563 0x0aa8 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys

12:16:22.0563 0x0aa8 3ware - ok

12:16:22.0579 0x0aa8 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys

12:16:22.0594 0x0aa8 ACPI - ok

12:16:22.0594 0x0aa8 [ A273E88FAC37A4F819ED99FE4B642F4D, 994DC229B7B4379852928DF0B22E8E575AB239FD8904AF580AA36A44ED717CD9 ] acpials C:\WINDOWS\system32\DRIVERS\acpials.sys

12:16:22.0594 0x0aa8 acpials - ok

12:16:22.0594 0x0aa8 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys

12:16:22.0610 0x0aa8 acpiex - ok

12:16:22.0610 0x0aa8 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys

12:16:22.0610 0x0aa8 acpipagr - ok

12:16:22.0610 0x0aa8 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys

12:16:22.0610 0x0aa8 AcpiPmi - ok

12:16:22.0610 0x0aa8 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys

12:16:22.0610 0x0aa8 acpitime - ok

12:16:22.0641 0x0aa8 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS

12:16:22.0657 0x0aa8 ADP80XX - ok

12:16:22.0657 0x0aa8 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll

12:16:22.0672 0x0aa8 AeLookupSvc - ok

12:16:22.0672 0x0aa8 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

12:16:22.0672 0x0aa8 AERTFilters - ok

12:16:22.0688 0x0aa8 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys

12:16:22.0704 0x0aa8 AFD - ok

12:16:22.0704 0x0aa8 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys

12:16:22.0704 0x0aa8 agp440 - ok

12:16:22.0719 0x0aa8 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys

12:16:22.0719 0x0aa8 ahcache - ok

12:16:22.0797 0x0aa8 [ A229390B2A3AC38DC7DF260E6C2700C2, 04F61A9C30F51518DB8D21601D783A57088C867A188E838BFEFF847F61F94F65 ] akw8x64 C:\WINDOWS\system32\DRIVERS\akw8x64.sys

12:16:22.0860 0x0aa8 akw8x64 - ok

12:16:22.0876 0x0aa8 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe

12:16:22.0876 0x0aa8 ALG - ok

12:16:22.0876 0x0aa8 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys

12:16:22.0891 0x0aa8 AmdK8 - ok

12:16:22.0891 0x0aa8 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys

12:16:22.0891 0x0aa8 AmdPPM - ok

12:16:22.0891 0x0aa8 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys

12:16:22.0907 0x0aa8 amdsata - ok

12:16:22.0907 0x0aa8 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys

12:16:22.0907 0x0aa8 amdsbs - ok

12:16:22.0922 0x0aa8 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys

12:16:22.0922 0x0aa8 amdxata - ok

12:16:22.0922 0x0aa8 [ 9F83C7EA6A97124DA6C207C1BE1FB3AC, 0C3315125F74C6252204016FE22591299208CE8EA076419D5B4FD92C09F569EB ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys

12:16:22.0922 0x0aa8 AnyDVD - ok

12:16:22.0938 0x0aa8 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys

12:16:22.0938 0x0aa8 AppID - ok

12:16:22.0938 0x0aa8 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll

12:16:22.0938 0x0aa8 AppIDSvc - ok

12:16:22.0954 0x0aa8 [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo C:\WINDOWS\System32\appinfo.dll

12:16:22.0954 0x0aa8 Appinfo - ok

12:16:22.0954 0x0aa8 [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:16:22.0954 0x0aa8 Apple Mobile Device - ok

12:16:22.0969 0x0aa8 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll

12:16:22.0985 0x0aa8 AppReadiness - ok

12:16:23.0016 0x0aa8 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll

12:16:23.0032 0x0aa8 AppXSvc - ok

12:16:23.0047 0x0aa8 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys

12:16:23.0047 0x0aa8 arcsas - ok

12:16:23.0047 0x0aa8 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys

12:16:23.0063 0x0aa8 atapi - ok

12:16:23.0063 0x0aa8 [ 65DD42A358451920A703EEEC1AB4995B, 7690EFB12E928ECF3D3D3155F7D1F7A8FEEE742212ABE5319166EA8DB5601884 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys

12:16:23.0063 0x0aa8 AthBTPort - ok

12:16:23.0079 0x0aa8 [ 2DC097FE207EC7576B8C8BC357558BA0, FDD51224716DC7E5859A82B751DB75E88026F371B19785A57E4426556C9E11F8 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

12:16:23.0079 0x0aa8 AtherosSvc - ok

12:16:23.0094 0x0aa8 [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll

12:16:23.0094 0x0aa8 AudioEndpointBuilder - ok

12:16:23.0126 0x0aa8 [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll

12:16:23.0141 0x0aa8 Audiosrv - ok

12:16:23.0141 0x0aa8 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll

12:16:23.0141 0x0aa8 AxInstSV - ok

12:16:23.0157 0x0aa8 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys

12:16:23.0172 0x0aa8 b06bdrv - ok

12:16:23.0172 0x0aa8 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys

12:16:23.0172 0x0aa8 BasicDisplay - ok

12:16:23.0172 0x0aa8 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys

12:16:23.0172 0x0aa8 BasicRender - ok

12:16:23.0188 0x0aa8 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys

12:16:23.0188 0x0aa8 bcmfn2 - ok

12:16:23.0204 0x0aa8 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll

12:16:23.0204 0x0aa8 BDESVC - ok

12:16:23.0204 0x0aa8 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys

12:16:23.0204 0x0aa8 Beep - ok

12:16:23.0235 0x0aa8 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll

12:16:23.0251 0x0aa8 BFE - ok

12:16:23.0251 0x0aa8 [ 17BCA402EF3E67277963374F01EE7B34, 03D93DBE984FA59E7FC22ED9FD93C4CD2365F36BFB32880041812EC6FDB8FB29 ] BfLwf C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys

12:16:23.0251 0x0aa8 BfLwf - ok

12:16:23.0282 0x0aa8 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll

12:16:23.0297 0x0aa8 BITS - ok

12:16:23.0313 0x0aa8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

12:16:23.0313 0x0aa8 Bonjour Service - ok

12:16:23.0329 0x0aa8 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys

12:16:23.0329 0x0aa8 bowser - ok

12:16:23.0344 0x0aa8 [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll

12:16:23.0344 0x0aa8 BrokerInfrastructure - ok

12:16:23.0344 0x0aa8 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll

12:16:23.0360 0x0aa8 Browser - ok

12:16:23.0360 0x0aa8 [ BCDB654338FA6C4BEE20A8EA47092171, CE0408F126F23E8C51CE59F3A56B41C78AB8918512FB9866F055077E5428EA37 ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys

12:16:23.0376 0x0aa8 BTATH_A2DP - ok

12:16:23.0376 0x0aa8 [ A71E33AEF3289BE2BA6CAD032BF9BFBA, A390F0BAC83143489F7191E4595973D8E1EA6CDF0937B4A441848CF7345C8808 ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys

12:16:23.0376 0x0aa8 btath_avdt - ok

12:16:23.0391 0x0aa8 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys

12:16:23.0391 0x0aa8 BTATH_HCRP - ok

12:16:23.0391 0x0aa8 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys

12:16:23.0391 0x0aa8 BTATH_LWFLT - ok

12:16:23.0407 0x0aa8 [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys

12:16:23.0407 0x0aa8 BTATH_RCP - ok

12:16:23.0423 0x0aa8 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys

12:16:23.0438 0x0aa8 BtFilter - ok

12:16:23.0438 0x0aa8 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

12:16:23.0438 0x0aa8 BthAvrcpTg - ok

12:16:23.0438 0x0aa8 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys

12:16:23.0454 0x0aa8 BthEnum - ok

12:16:23.0454 0x0aa8 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys

12:16:23.0454 0x0aa8 BthHFEnum - ok

12:16:23.0454 0x0aa8 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys

12:16:23.0454 0x0aa8 bthhfhid - ok

12:16:23.0469 0x0aa8 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys

12:16:23.0469 0x0aa8 BthLEEnum - ok

12:16:23.0532 0x0aa8 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys

12:16:23.0532 0x0aa8 BTHMODEM - ok

12:16:23.0548 0x0aa8 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys

12:16:23.0548 0x0aa8 BthPan - ok

12:16:23.0579 0x0aa8 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys

12:16:23.0610 0x0aa8 BTHPORT - ok

12:16:23.0610 0x0aa8 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll

12:16:23.0610 0x0aa8 bthserv - ok

12:16:23.0626 0x0aa8 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys

12:16:23.0626 0x0aa8 BTHUSB - ok

12:16:23.0626 0x0aa8 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys

12:16:23.0626 0x0aa8 cdfs - ok

12:16:23.0641 0x0aa8 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys

12:16:23.0641 0x0aa8 cdrom - ok

12:16:23.0641 0x0aa8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll

12:16:23.0657 0x0aa8 CertPropSvc - ok

12:16:23.0657 0x0aa8 [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys

12:16:23.0657 0x0aa8 cfwids - ok

12:16:23.0657 0x0aa8 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys

12:16:23.0673 0x0aa8 circlass - ok

12:16:23.0673 0x0aa8 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys

12:16:23.0688 0x0aa8 CLFS - ok

12:16:23.0751 0x0aa8 [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe

12:16:23.0798 0x0aa8 ClickToRunSvc - ok

12:16:23.0813 0x0aa8 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys

12:16:23.0813 0x0aa8 CmBatt - ok

12:16:23.0829 0x0aa8 [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG C:\WINDOWS\system32\Drivers\cng.sys

12:16:23.0829 0x0aa8 CNG - ok

12:16:23.0844 0x0aa8 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys

12:16:23.0844 0x0aa8 CompositeBus - ok

12:16:23.0844 0x0aa8 COMSysApp - ok

12:16:23.0860 0x0aa8 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys

12:16:23.0860 0x0aa8 condrv - ok

12:16:23.0891 0x0aa8 [ 6DB7264A95FE984FFA072BA79FA087C8, CF180663B24B1660CD04CB26D8663FB7F357C9CF5731B315635D63B7DB76BCEC ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

12:16:23.0907 0x0aa8 cphs - ok

12:16:23.0907 0x0aa8 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll

12:16:23.0907 0x0aa8 CryptSvc - ok

12:16:23.0923 0x0aa8 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys

12:16:23.0923 0x0aa8 dam - ok

12:16:23.0938 0x0aa8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

12:16:23.0954 0x0aa8 DcomLaunch - ok

12:16:24.0094 0x0aa8 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll

12:16:24.0094 0x0aa8 defragsvc - ok

12:16:24.0110 0x0aa8 [ 4C0419368943D1CF20A9FCEEC50D9846, B088FC4B53D9FCAE2110114EB58AD15FF8E83E6117C54B79DC1605B606A2D2A6 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

12:16:24.0110 0x0aa8 DellDigitalDelivery - ok

12:16:24.0110 0x0aa8 [ 173775DF0DADCEABCED5A0B8869A5106, 7F4AA4980E1CADAC08B6A6318B2670126080BF919681CA5DF0D55D20E87295FA ] Dell_DTM C:\Program Files (x86)\Dell_DTM_WPF\DTM_Service\WindowsService_DTM.exe

12:16:24.0110 0x0aa8 Dell_DTM - ok

12:16:24.0110 0x0aa8 [ CC6E9AB84E6B14DFAE5AA3D728F6A19A, BD971A4655ECF7F44783CBDDDA2B1570BD62D3D327B7D5326E997134065CC56C ] Dell_Software_eq C:\Program Files (x86)\Dell_SWEQ\SWEQ_Service\WindowsService_Inclinometer.exe

12:16:24.0110 0x0aa8 Dell_Software_eq - ok

12:16:24.0141 0x0aa8 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll

12:16:24.0141 0x0aa8 DeviceAssociationService - ok

12:16:24.0157 0x0aa8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll

12:16:24.0157 0x0aa8 DeviceInstall - ok

12:16:24.0157 0x0aa8 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys

12:16:24.0157 0x0aa8 Dfsc - ok

12:16:24.0173 0x0aa8 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll

12:16:24.0188 0x0aa8 Dhcp - ok

12:16:24.0188 0x0aa8 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys

12:16:24.0188 0x0aa8 disk - ok

12:16:24.0188 0x0aa8 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys

12:16:24.0204 0x0aa8 dmvsc - ok

12:16:24.0204 0x0aa8 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

12:16:24.0204 0x0aa8 Dnscache - ok

12:16:24.0227 0x0aa8 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll

12:16:24.0232 0x0aa8 dot3svc - ok

12:16:24.0232 0x0aa8 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll

12:16:24.0247 0x0aa8 DPS - ok

12:16:24.0247 0x0aa8 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

12:16:24.0247 0x0aa8 drmkaud - ok

12:16:24.0263 0x0aa8 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll

12:16:24.0263 0x0aa8 DsmSvc - ok

12:16:24.0294 0x0aa8 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys

12:16:24.0325 0x0aa8 DXGKrnl - ok

12:16:24.0325 0x0aa8 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll

12:16:24.0341 0x0aa8 Eaphost - ok

12:16:24.0435 0x0aa8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys

12:16:24.0497 0x0aa8 ebdrv - ok

12:16:24.0497 0x0aa8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe

12:16:24.0497 0x0aa8 EFS - ok

12:16:24.0513 0x0aa8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys

12:16:24.0513 0x0aa8 EhStorClass - ok

12:16:24.0513 0x0aa8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

12:16:24.0513 0x0aa8 EhStorTcgDrv - ok

12:16:24.0529 0x0aa8 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

12:16:24.0529 0x0aa8 ElbyCDIO - ok

12:16:24.0529 0x0aa8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys

12:16:24.0529 0x0aa8 ErrDev - ok

12:16:24.0544 0x0aa8 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll

12:16:24.0560 0x0aa8 EventSystem - ok

12:16:24.0560 0x0aa8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys

12:16:24.0560 0x0aa8 exfat - ok

12:16:24.0575 0x0aa8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys

12:16:24.0575 0x0aa8 fastfat - ok

12:16:24.0591 0x0aa8 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe

12:16:24.0607 0x0aa8 Fax - ok

12:16:24.0607 0x0aa8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys

12:16:24.0607 0x0aa8 fdc - ok

12:16:24.0622 0x0aa8 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll

12:16:24.0622 0x0aa8 fdPHost - ok


12:16:27.0385 0x0aa8 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys

12:16:27.0385 0x0aa8 nv_agp - ok

12:16:27.0400 0x0aa8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:16:27.0400 0x0aa8 ose - ok

12:16:27.0416 0x0aa8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll

12:16:27.0416 0x0aa8 p2pimsvc - ok

12:16:27.0431 0x0aa8 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll

12:16:27.0447 0x0aa8 p2psvc - ok

12:16:27.0447 0x0aa8 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys

12:16:27.0447 0x0aa8 Parport - ok

12:16:27.0463 0x0aa8 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys

12:16:27.0463 0x0aa8 partmgr - ok

12:16:27.0478 0x0aa8 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll

12:16:27.0478 0x0aa8 PcaSvc - ok

12:16:27.0494 0x0aa8 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys

12:16:27.0510 0x0aa8 pci - ok

12:16:27.0510 0x0aa8 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys

12:16:27.0510 0x0aa8 pciide - ok

12:16:27.0510 0x0aa8 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys

12:16:27.0510 0x0aa8 pcmcia - ok

12:16:27.0525 0x0aa8 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys

12:16:27.0525 0x0aa8 pcw - ok

12:16:27.0525 0x0aa8 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\WINDOWS\system32\drivers\pdc.sys

12:16:27.0525 0x0aa8 pdc - ok

12:16:27.0541 0x0aa8 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys

12:16:27.0556 0x0aa8 PEAUTH - ok

12:16:27.0603 0x0aa8 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe

12:16:27.0603 0x0aa8 PerfHost - ok

12:16:27.0650 0x0aa8 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll

12:16:27.0681 0x0aa8 pla - ok

12:16:27.0681 0x0aa8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll

12:16:27.0697 0x0aa8 PlugPlay - ok

12:16:27.0697 0x0aa8 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll

12:16:27.0697 0x0aa8 PNRPAutoReg - ok

12:16:27.0713 0x0aa8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll

12:16:27.0713 0x0aa8 PNRPsvc - ok

12:16:27.0728 0x0aa8 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll

12:16:27.0744 0x0aa8 PolicyAgent - ok

12:16:27.0744 0x0aa8 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll

12:16:27.0744 0x0aa8 Power - ok

12:16:27.0838 0x0aa8 [ C0B3AD50136FE57C2548BD75CAC49DA2, B5661CE7631C5D1B1C50F36EE66AF6DF2E9E69DA1D9BA7C852E74D206F72D8DB ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

12:16:27.0885 0x0aa8 PrintNotify - ok

12:16:27.0900 0x0aa8 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys

12:16:27.0900 0x0aa8 Processor - ok

12:16:27.0916 0x0aa8 [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\WINDOWS\system32\profsvc.dll

12:16:27.0916 0x0aa8 ProfSvc - ok

12:16:27.0916 0x0aa8 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys

12:16:27.0916 0x0aa8 Psched - ok

12:16:27.0931 0x0aa8 [ 8C428DB83ED67BE63241E0BCAE2AD6A7, C21EAE9EA6BD149FBE62E4277A02954E667C97237AA2F7E3E680B85F0E6BE10C ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe

12:16:27.0947 0x0aa8 Qualcomm Atheros Killer Service V2 - ok

12:16:27.0947 0x0aa8 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll

12:16:27.0963 0x0aa8 QWAVE - ok

12:16:27.0963 0x0aa8 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys

12:16:27.0963 0x0aa8 QWAVEdrv - ok

12:16:27.0978 0x0aa8 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

12:16:27.0978 0x0aa8 RasAcd - ok

12:16:27.0978 0x0aa8 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll

12:16:27.0978 0x0aa8 RasAuto - ok

12:16:27.0994 0x0aa8 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll

12:16:28.0010 0x0aa8 RasMan - ok

12:16:28.0010 0x0aa8 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

12:16:28.0010 0x0aa8 RasPppoe - ok

12:16:28.0025 0x0aa8 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

12:16:28.0041 0x0aa8 rdbss - ok

12:16:28.0041 0x0aa8 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys

12:16:28.0041 0x0aa8 rdpbus - ok

12:16:28.0057 0x0aa8 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys

12:16:28.0057 0x0aa8 RDPDR - ok

12:16:28.0072 0x0aa8 [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

12:16:28.0072 0x0aa8 RdpVideoMiniport - ok

12:16:28.0072 0x0aa8 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys

12:16:28.0088 0x0aa8 rdyboost - ok

12:16:28.0103 0x0aa8 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys

12:16:28.0119 0x0aa8 ReFS - ok

12:16:28.0135 0x0aa8 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

12:16:28.0135 0x0aa8 RemoteAccess - ok

12:16:28.0135 0x0aa8 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

12:16:28.0150 0x0aa8 RemoteRegistry - ok

12:16:28.0150 0x0aa8 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys

12:16:28.0166 0x0aa8 RFCOMM - ok

12:16:28.0166 0x0aa8 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll

12:16:28.0166 0x0aa8 RpcEptMapper - ok

12:16:28.0166 0x0aa8 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe

12:16:28.0182 0x0aa8 RpcLocator - ok

12:16:28.0197 0x0aa8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll

12:16:28.0214 0x0aa8 RpcSs - ok

12:16:28.0224 0x0aa8 [ 73993E0AE5908C4AFE33D3E355E600BC, 304CB5D4054DD1C123B20973767D12E78C04EFDA4210AD583EF1FAC207B817C7 ] RSPCIESTOR C:\WINDOWS\system32\DRIVERS\RtsPStor.sys

12:16:28.0224 0x0aa8 RSPCIESTOR - ok

12:16:28.0239 0x0aa8 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys

12:16:28.0239 0x0aa8 rspndr - ok

12:16:28.0239 0x0aa8 [ 3A50489C017292386C1C6CF6EB283F23, 42E2C75A83A45070BB548591B83C3744F5DF6BB3743221D0442C1BA23789AD5D ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

12:16:28.0255 0x0aa8 RtkAudioService - ok

12:16:28.0255 0x0aa8 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys

12:16:28.0255 0x0aa8 s3cap - ok

12:16:28.0255 0x0aa8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe

12:16:28.0255 0x0aa8 SamSs - ok

12:16:28.0270 0x0aa8 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys

12:16:28.0270 0x0aa8 sbp2port - ok

12:16:28.0270 0x0aa8 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll

12:16:28.0286 0x0aa8 SCardSvr - ok

12:16:28.0286 0x0aa8 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll

12:16:28.0286 0x0aa8 ScDeviceEnum - ok

12:16:28.0302 0x0aa8 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys

12:16:28.0302 0x0aa8 scfilter - ok

12:16:28.0333 0x0aa8 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll

12:16:28.0349 0x0aa8 Schedule - ok

12:16:28.0349 0x0aa8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll

12:16:28.0364 0x0aa8 SCPolicySvc - ok

12:16:28.0364 0x0aa8 [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys

12:16:28.0380 0x0aa8 sdbus - ok

12:16:28.0380 0x0aa8 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys

12:16:28.0380 0x0aa8 sdstor - ok

12:16:28.0395 0x0aa8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys

12:16:28.0395 0x0aa8 secdrv - ok

12:16:28.0395 0x0aa8 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll

12:16:28.0395 0x0aa8 seclogon - ok

12:16:28.0395 0x0aa8 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll

12:16:28.0411 0x0aa8 SENS - ok

12:16:28.0411 0x0aa8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsAlsDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

12:16:28.0411 0x0aa8 SensorsAlsDriver - ok

12:16:28.0427 0x0aa8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsHIDClassDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

12:16:28.0427 0x0aa8 SensorsHIDClassDriver - ok

12:16:28.0442 0x0aa8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsServiceDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

12:16:28.0442 0x0aa8 SensorsServiceDriver - ok

12:16:28.0458 0x0aa8 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll

12:16:28.0458 0x0aa8 SensrSvc - ok

12:16:28.0536 0x0aa8 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys

12:16:28.0536 0x0aa8 SerCx - ok

12:16:28.0552 0x0aa8 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys

12:16:28.0552 0x0aa8 SerCx2 - ok

12:16:28.0567 0x0aa8 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys

12:16:28.0567 0x0aa8 Serenum - ok

12:16:28.0583 0x0aa8 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys

12:16:28.0583 0x0aa8 Serial - ok

12:16:28.0599 0x0aa8 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys

12:16:28.0599 0x0aa8 sermouse - ok

12:16:28.0614 0x0aa8 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll

12:16:28.0630 0x0aa8 SessionEnv - ok

12:16:28.0630 0x0aa8 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys

12:16:28.0630 0x0aa8 sfloppy - ok

12:16:28.0692 0x0aa8 [ B2B36D1B62BA24ACA1C114B3936F308D, 251C87C6EFCA5D18EFB0008B827D22E32B45A1D5C2E125B381EF5444775B798E ] SftService C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe

12:16:28.0724 0x0aa8 SftService - ok

12:16:28.0755 0x0aa8 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

12:16:28.0755 0x0aa8 SharedAccess - ok

12:16:28.0786 0x0aa8 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

12:16:28.0802 0x0aa8 ShellHWDetection - ok

12:16:28.0802 0x0aa8 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys

12:16:28.0802 0x0aa8 SiSRaid2 - ok

12:16:28.0802 0x0aa8 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys

12:16:28.0802 0x0aa8 SiSRaid4 - ok

12:16:28.0817 0x0aa8 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll

12:16:28.0817 0x0aa8 smphost - ok

12:16:28.0817 0x0aa8 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe

12:16:28.0817 0x0aa8 SNMPTRAP - ok

12:16:28.0833 0x0aa8 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys

12:16:28.0849 0x0aa8 spaceport - ok

12:16:28.0849 0x0aa8 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys

12:16:28.0849 0x0aa8 SpbCx - ok

12:16:28.0880 0x0aa8 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe

12:16:28.0896 0x0aa8 Spooler - ok

12:16:29.0052 0x0aa8 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe

12:16:29.0146 0x0aa8 sppsvc - ok

12:16:29.0161 0x0aa8 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys

12:16:29.0177 0x0aa8 srv - ok

12:16:29.0192 0x0aa8 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys

12:16:29.0208 0x0aa8 srv2 - ok

12:16:29.0208 0x0aa8 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys

12:16:29.0224 0x0aa8 srvnet - ok

12:16:29.0224 0x0aa8 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

12:16:29.0239 0x0aa8 SSDPSRV - ok

12:16:29.0239 0x0aa8 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll

12:16:29.0255 0x0aa8 SstpSvc - ok

12:16:29.0255 0x0aa8 [ F03B03AA7A18DEB0538D242F1DA01481, F1BF74979660F4AB004EBA6BB91EB0E66890BD2C76371ED017574F1F32228D7C ] stdcfltn C:\WINDOWS\system32\DRIVERS\stdcfltn.sys

12:16:29.0255 0x0aa8 stdcfltn - ok

12:16:29.0255 0x0aa8 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys

12:16:29.0255 0x0aa8 stexstor - ok

12:16:29.0271 0x0aa8 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll

12:16:29.0286 0x0aa8 stisvc - ok

12:16:29.0302 0x0aa8 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys

12:16:29.0302 0x0aa8 storahci - ok

12:16:29.0302 0x0aa8 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys

12:16:29.0302 0x0aa8 storflt - ok

12:16:29.0302 0x0aa8 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys

12:16:29.0317 0x0aa8 stornvme - ok

12:16:29.0317 0x0aa8 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll

12:16:29.0317 0x0aa8 StorSvc - ok

12:16:29.0317 0x0aa8 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys

12:16:29.0317 0x0aa8 storvsc - ok

12:16:29.0333 0x0aa8 [ 0248DE650E192EA7E383EC3BE828AF51, 939204402EA587F64B9D1F232126527D72B3CA035CF6D4E4EC6CBDC99048722A ] ST_Accel C:\WINDOWS\system32\DRIVERS\ST_Accel.sys

12:16:29.0333 0x0aa8 ST_Accel - ok

12:16:29.0333 0x0aa8 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll

12:16:29.0333 0x0aa8 svsvc - ok

12:16:29.0349 0x0aa8 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys

12:16:29.0349 0x0aa8 swenum - ok

12:16:29.0364 0x0aa8 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll

12:16:29.0380 0x0aa8 swprv - ok

12:16:29.0411 0x0aa8 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll

12:16:29.0427 0x0aa8 SysMain - ok

12:16:29.0442 0x0aa8 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

12:16:29.0442 0x0aa8 SystemEventsBroker - ok

12:16:29.0458 0x0aa8 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

12:16:29.0458 0x0aa8 TabletInputService - ok

12:16:29.0474 0x0aa8 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

12:16:29.0474 0x0aa8 TapiSrv - ok

12:16:29.0536 0x0aa8 [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys

12:16:29.0567 0x0aa8 Tcpip - ok

12:16:29.0646 0x0aa8 [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys

12:16:29.0677 0x0aa8 TCPIP6 - ok

12:16:29.0692 0x0aa8 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys

12:16:29.0692 0x0aa8 tcpipreg - ok

12:16:29.0692 0x0aa8 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys

12:16:29.0692 0x0aa8 tdx - ok

12:16:29.0708 0x0aa8 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys

12:16:29.0708 0x0aa8 terminpt - ok

12:16:29.0724 0x0aa8 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll

12:16:29.0755 0x0aa8 TermService - ok

12:16:29.0755 0x0aa8 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll

12:16:29.0755 0x0aa8 Themes - ok

12:16:29.0755 0x0aa8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll

12:16:29.0771 0x0aa8 THREADORDER - ok

12:16:29.0771 0x0aa8 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll

12:16:29.0786 0x0aa8 TimeBroker - ok

12:16:29.0786 0x0aa8 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys

12:16:29.0786 0x0aa8 TPM - ok

12:16:29.0802 0x0aa8 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll

12:16:29.0802 0x0aa8 TrkWks - ok

12:16:29.0802 0x0aa8 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

12:16:29.0817 0x0aa8 TrustedInstaller - ok

12:16:29.0817 0x0aa8 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys

12:16:29.0817 0x0aa8 TsUsbFlt - ok

12:16:29.0817 0x0aa8 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys

12:16:29.0817 0x0aa8 TsUsbGD - ok

12:16:29.0833 0x0aa8 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys

12:16:29.0833 0x0aa8 tunnel - ok

12:16:29.0833 0x0aa8 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys

12:16:29.0849 0x0aa8 uagp35 - ok

12:16:29.0849 0x0aa8 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys

12:16:29.0849 0x0aa8 UASPStor - ok

12:16:29.0864 0x0aa8 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys

12:16:29.0864 0x0aa8 UCX01000 - ok

12:16:29.0880 0x0aa8 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys

12:16:29.0880 0x0aa8 udfs - ok

12:16:29.0880 0x0aa8 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys

12:16:29.0880 0x0aa8 UEFI - ok

12:16:29.0896 0x0aa8 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe

12:16:29.0896 0x0aa8 UI0Detect - ok

12:16:29.0896 0x0aa8 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys

12:16:29.0911 0x0aa8 uliagpkx - ok

12:16:29.0911 0x0aa8 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys

12:16:29.0911 0x0aa8 umbus - ok

12:16:29.0911 0x0aa8 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys

12:16:29.0911 0x0aa8 UmPass - ok

12:16:29.0927 0x0aa8 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll

12:16:29.0927 0x0aa8 UmRdpService - ok

12:16:29.0942 0x0aa8 [ 9B8C9350985983E9760E1786731A8728, 78178FDE1329E5B55F77FF73C66B01279A03E2E3C3CB7E3D9DF14291D206D780 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

12:16:29.0958 0x0aa8 UNS - ok

12:16:29.0974 0x0aa8 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll

12:16:29.0974 0x0aa8 upnphost - ok

12:16:30.0036 0x0aa8 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys

12:16:30.0052 0x0aa8 USBAAPL64 - ok

12:16:30.0052 0x0aa8 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys

12:16:30.0052 0x0aa8 usbccgp - ok

12:16:30.0067 0x0aa8 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys

12:16:30.0067 0x0aa8 usbcir - ok

12:16:30.0067 0x0aa8 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys

12:16:30.0083 0x0aa8 usbehci - ok

12:16:30.0099 0x0aa8 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys

12:16:30.0099 0x0aa8 usbhub - ok

12:16:30.0114 0x0aa8 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys

12:16:30.0130 0x0aa8 USBHUB3 - ok

12:16:36.0228 0x0aa8 AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )

12:16:36.0228 0x0aa8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )

12:16:36.0228 0x0aa8 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )

12:16:38.0739 0x0aa8 ============================================================

12:16:38.0739 0x0aa8 Scan finished

12:16:38.0739 0x0aa8 ============================================================

12:16:38.0739 0x0618 Detected object count: 0

12:16:38.0739 0x0618 Actual detected object count: 0



#4 TB-Psychotic

  • Malware Response Team
Posted 14 October 2014 - 03:49 AM

Nothing to see...

 

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#5 miltonq

  • Topic Starter

Posted 23 October 2014 - 01:24 PM

Very sorry for the delay!  Been a crazy week.

Update: for some reason, IE and Chrome are no longer really slow to open.  I don't know what has changed.  Appreciate you looking through the rest of everything to see if there is something to fix though.

Here is the Malwarebytes log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/14/2014
Scan Time: 12:07:26 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.10.14.10
Rootkit Database: v2014.10.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Jason

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 315397
Time Elapsed: 11 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.ClientConnect, C:\Users\Jason\AppData\Local\Temp\d6b36e87-fb07-4f7c-ade4-a33c2d553e9e\DVD_Shrink_v3.2.0.15.exe, Quarantined, [dfc3bb59a8d46fc7ccc9189b3dc40ef2],
PUP.Optional.ClientConnect, C:\Users\Jason\AppData\Local\Temp\87ff57dd-a858-40f7-9069-c5a95aff5f8c\DVD_Shrink_v3.2.0.15.exe, Quarantined, [bfe3868e770593a3395c347f39c8ed13],

Physical Sectors: 0
(No malicious items detected)

(end)

 

HERE IS THE ESET LOG:

C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Users\Jason\Desktop\Desktop Backup\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
C:\Users\Jason\Desktop\Desktop Backup\Jason\Inventory\Programs\recuva.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
 



#6 schrauber

  • Malware Response Team

Posted 29 October 2014 - 03:00 AM

Hi miltonq,

Marius is not available at the moment, so I will work with you from now on. Please post back with a fresh FRST logfile and tell me how the system is running.
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!


#7 miltonq

  • Topic Starter

Posted 05 November 2014 - 08:51 AM

System seems to be running much better now (although I don't know why!) :-)  Here is the new FRST logfile:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Jason (administrator) on FAMILYPC on 05-11-2014 07:45:58
Running from C:\Users\Jason\Desktop\cleanup
Loaded Profile: Jason (Available profiles: Jason)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
() C:\Program Files (x86)\Dell_DTM_WPF\DTM_Service\WindowsService_DTM.exe
() C:\Program Files (x86)\Dell_SWEQ\SWEQ_Service\WindowsService_Inclinometer.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\21465DeveciGames.BasketballPro_1.0.0.26_neutral__erb9h5297r278\Basketball Pro.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7017032 2013-02-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1277000 2013-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1277000 2013-02-18] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Dell Unifying Software Launcher] => C:\Program Files\Dell\UnifyingSoftwareLauncher\DellLaunchUnifyingApp.exe [3209608 2012-12-21] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CDEjectCtr] => C:\Program Files (x86)\Dell\Dell Wireless Keyboard Software\CDCtr.exe [411648 2012-11-15] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2014-09-09] (Nike)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3142402048-706546196-1541975245-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2014-06-23] (SlySoft, Inc.)
HKU\S-1-5-21-3142402048-706546196-1541975245-1001\...\Run: [GoogleChromeAutoLaunch_EBF55E2D20B0831DD9C62517F8BC1054] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-21] (Google Inc.)
HKU\S-1-5-21-3142402048-706546196-1541975245-1001\...\Run: [Google Update] => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-10] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{ED92B8FD-D7A4-46D9-A1B6-640B5FE3C329}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {04B0E309-30EE-434A-879C-BD2D382B85A6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {04B0E309-30EE-434A-879C-BD2D382B85A6} URL =
SearchScopes: HKCU - {04B0E309-30EE-434A-879C-BD2D382B85A6} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-23]

Chrome:
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-10]
CHR Extension: (LibreOffice Draw on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apaghoiaeioepkngbmdaifpagmcmiafo [2014-07-10]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-10]
CHR Extension: (LibreOffice Impress on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aphkpmfcmpjnlnfilmgokeohlbealone [2014-07-10]
CHR Extension: (LibreOffice Calc on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bclbclclgmmigcadnicnjimilaoenlgn [2014-07-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-10]
CHR Extension: (Bible Verse of the Day) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhgloggoiejchnobifdenkbngmdncege [2014-07-10]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-10]
CHR Extension: (Google Cast) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-07-10]
CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-10]
CHR Extension: (GIMP on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo [2014-07-10]
CHR Extension: (YoWindow Weather) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2014-07-10]
CHR Extension: (LibreOffice Writer on rollApp) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnibcjefjdpoannnhgmhoheglmepgggc [2014-07-10]
CHR Extension: (Google Wallet) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-10]
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0120411414627786mcinstcleanup; C:\WINDOWS\TEMP\012041~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 Dell_DTM; C:\Program Files (x86)\Dell_DTM_WPF\DTM_Service\WindowsService_DTM.exe [17408 2013-06-17] () [File not signed]
R2 Dell_Software_eq; C:\Program Files (x86)\Dell_SWEQ\SWEQ_Service\WindowsService_Inclinometer.exe [27648 2013-03-13] () [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165336 2013-01-13] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-04-25] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [341504 2013-06-26] (Qualcomm Atheros) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-21] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3812048 2013-05-30] (Qualcomm Atheros, Inc.)
S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
U3 mfencbdc01; No ImagePath
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [71832 2012-07-13] (STMicroelectronics)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 20:02 - 2014-11-04 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-04 16:01 - 2014-11-04 16:01 - 00620078 _____ () C:\Users\Jason\Downloads\GW_FACE.pptx
2014-11-03 16:59 - 2014-11-03 16:59 - 00000028 _____ () C:\Users\Jason\Documents\tempFolderPath.dat
2014-11-03 16:56 - 2014-11-03 16:56 - 00000000 ____D () C:\Users\Jason\Documents\NewBlueFX
2014-11-03 16:08 - 2014-11-04 10:13 - 00000132 _____ () C:\Users\Jason\AppData\Roaming\Adobe PNG Format CC Prefs
2014-11-03 15:20 - 2014-11-03 16:56 - 00000000 ____D () C:\Users\Jason\Documents\Adobe
2014-11-03 15:08 - 2014-11-03 15:08 - 00003502 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jdmilton@gmail.com
2014-11-03 14:37 - 2014-11-03 14:37 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 13.lnk
2014-11-03 14:37 - 2014-11-03 14:37 - 00001052 _____ () C:\Users\Public\Desktop\Adobe Premiere Elements 13.lnk
2014-11-03 14:19 - 2014-11-03 14:22 - 00000000 ____D () C:\Users\Jason\Desktop\Adobe Premiere Elements 13
2014-11-03 14:18 - 2014-11-03 16:56 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-03 14:17 - 2014-11-03 14:17 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 13.lnk
2014-11-03 14:17 - 2014-11-03 14:17 - 00001012 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 13.lnk
2014-11-03 14:11 - 2014-11-03 14:36 - 00000000 ____D () C:\Program Files\Adobe
2014-11-03 14:09 - 2014-11-03 14:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-03 14:08 - 2014-11-03 14:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-03 14:08 - 2013-09-03 04:01 - 00056336 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2014-11-03 14:08 - 2012-04-24 04:01 - 00011376 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2014-11-03 14:08 - 2012-04-24 04:01 - 00010864 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2014-11-03 13:52 - 2014-11-03 13:54 - 00000000 ____D () C:\Users\Jason\Desktop\Adobe Photoshop Elements 13
2014-11-03 13:42 - 2014-11-04 10:16 - 00000000 ____D () C:\Users\Jason\Desktop\GW Face
2014-11-03 13:41 - 2014-11-03 13:41 - 00866055 _____ () C:\Users\Jason\Downloads\george washington.pptx
2014-11-03 12:20 - 2014-11-03 13:50 - 00000000 ____D () C:\Users\Jason\Desktop\Adobe Photoshop Elements & Premiere Elements 13 - Student and Teacher Edition (Download)
2014-11-03 12:09 - 2014-11-03 12:09 - 01054064 _____ (Amazon Services LLC) C:\Users\Jason\Desktop\Adobe_Photoshop_Elements_Premiere_Elements_13_Student_and_Teacher_Edition_Downloader.exe
2014-11-02 11:23 - 2014-11-02 11:23 - 00142982 _____ () C:\Users\Jason\Downloads\Homework Menu 11-11-13.pptx
2014-11-02 11:23 - 2014-11-02 11:23 - 00142982 _____ () C:\Users\Jason\Downloads\Homework Menu 11-11-13 (1).pptx
2014-10-27 16:04 - 2014-10-27 16:04 - 01026527 _____ () C:\Users\Jason\Downloads\IMG_2983.MOV
2014-10-23 19:21 - 2014-11-03 17:03 - 00000000 ____D () C:\Users\Jason\Desktop\video
2014-10-23 07:39 - 2014-10-23 07:39 - 04053998 _____ () C:\Users\Jason\Downloads\series.tgz
2014-10-22 04:35 - 2014-10-22 04:35 - 01419687 _____ () C:\Users\Jason\Downloads\pics.zip
2014-10-20 19:16 - 2014-10-20 19:29 - 00000000 ____D () C:\Users\Jason\Desktop\adoptionpicsemail
2014-10-20 19:16 - 2014-10-20 19:16 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-20 14:31 - 2014-10-20 14:51 - 00000000 ____D () C:\Users\Jason\Desktop\adoptionpics
2014-10-14 19:27 - 2014-09-25 16:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-14 19:27 - 2014-09-25 16:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-14 19:27 - 2014-09-25 16:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-14 19:27 - 2014-09-25 16:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-14 19:27 - 2014-09-25 16:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-14 19:27 - 2014-09-25 16:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-14 19:27 - 2014-09-18 20:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-14 19:27 - 2014-09-18 19:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-14 19:27 - 2014-09-18 19:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-14 19:27 - 2014-09-18 19:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-14 19:27 - 2014-09-18 19:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-14 19:27 - 2014-09-18 19:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-14 19:27 - 2014-09-18 19:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-14 19:27 - 2014-09-18 19:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-14 19:27 - 2014-09-18 19:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-14 19:27 - 2014-09-18 19:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-14 19:27 - 2014-09-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-14 19:27 - 2014-09-18 18:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-14 19:27 - 2014-09-18 18:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-14 19:27 - 2014-09-18 18:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-14 19:27 - 2014-09-18 18:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-14 19:27 - 2014-09-18 18:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-14 19:27 - 2014-09-18 18:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-14 19:27 - 2014-09-18 18:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-14 19:27 - 2014-09-18 18:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-14 19:27 - 2014-09-18 18:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-14 19:27 - 2014-09-18 17:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-14 19:27 - 2014-09-18 17:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-14 19:27 - 2014-09-18 17:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-14 19:27 - 2014-09-18 17:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-14 19:26 - 2014-09-27 16:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-14 19:26 - 2014-09-03 18:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-14 19:26 - 2014-09-03 17:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-14 19:26 - 2014-09-03 17:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-14 19:22 - 2014-09-07 21:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-14 19:22 - 2014-09-07 19:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-14 19:22 - 2014-09-07 19:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-14 19:22 - 2014-09-07 18:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-14 19:22 - 2014-09-07 18:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-14 19:22 - 2014-09-07 18:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-14 19:22 - 2014-09-07 18:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-14 19:22 - 2014-09-07 18:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-14 19:22 - 2014-09-07 18:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-14 19:22 - 2014-09-07 18:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-14 19:22 - 2014-09-07 17:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-14 19:22 - 2014-09-07 17:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-14 19:22 - 2014-09-07 17:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-14 19:22 - 2014-09-07 17:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-14 19:13 - 2014-09-13 00:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-14 19:13 - 2014-09-12 23:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-14 19:13 - 2014-09-03 18:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-14 19:13 - 2014-09-03 18:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-14 19:08 - 2014-08-15 22:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-14 19:08 - 2014-08-15 22:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-14 19:08 - 2014-08-15 22:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-14 19:08 - 2014-08-15 21:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-14 19:08 - 2014-08-15 21:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-14 19:08 - 2014-08-15 21:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-14 19:08 - 2014-08-15 21:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-14 19:08 - 2014-08-15 21:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-14 19:08 - 2014-08-15 21:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-14 19:08 - 2014-08-15 19:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-14 19:08 - 2014-08-15 19:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-14 19:08 - 2014-08-15 18:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-14 19:08 - 2014-08-15 18:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-14 19:08 - 2014-08-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-14 19:08 - 2014-08-15 18:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-14 19:08 - 2014-08-15 18:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-14 19:08 - 2014-08-15 18:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-14 19:08 - 2014-08-15 18:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-14 19:08 - 2014-08-15 18:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-14 19:08 - 2014-08-15 18:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-14 19:08 - 2014-08-15 18:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-14 19:08 - 2014-08-15 18:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-14 19:08 - 2014-08-15 18:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-14 19:08 - 2014-08-15 18:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-14 19:08 - 2014-08-15 18:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-14 19:08 - 2014-08-15 18:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-14 19:08 - 2014-08-15 18:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-14 19:08 - 2014-08-15 18:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-14 19:08 - 2014-08-15 18:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-14 19:08 - 2014-08-15 18:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-14 19:08 - 2014-08-15 18:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-14 19:08 - 2014-08-15 18:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-14 19:08 - 2014-08-15 18:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-14 19:08 - 2014-08-15 18:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-14 19:08 - 2014-07-31 17:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-14 19:07 - 2014-09-13 00:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-14 19:07 - 2014-09-12 23:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-14 19:07 - 2014-08-28 19:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-14 19:07 - 2014-08-28 17:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-14 19:07 - 2014-08-28 17:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-14 11:22 - 2014-10-14 11:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-14 11:07 - 2014-10-23 12:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-14 11:06 - 2014-10-14 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-14 11:06 - 2014-10-14 11:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-14 11:06 - 2014-10-14 11:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-14 11:06 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-14 11:06 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-14 11:06 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-13 11:21 - 2014-11-05 07:45 - 00000000 ____D () C:\Users\Jason\Desktop\cleanup
2014-10-13 11:02 - 2014-11-05 07:46 - 00000000 ____D () C:\FRST
2014-10-12 21:19 - 2014-10-19 18:01 - 00000241 _____ () C:\Users\Jason\Desktop\IE and Chrome very slow to start - Virus, Trojan, Spyware, and Malware Removal Logs.url
2014-10-11 09:16 - 2014-10-11 09:08 - 04064422 _____ () C:\Users\Jason\Desktop\water_cycle_video-eml.mp4
2014-10-11 09:04 - 2014-10-11 09:08 - 00000000 ____D () C:\Users\Jason\Desktop\vids
2014-10-08 05:02 - 2014-10-08 05:02 - 01640456 _____ () C:\Users\Jason\Downloads\Dry Ice by Samanta and Bryanna.wmv
2014-10-08 05:02 - 2014-10-08 05:02 - 01081905 _____ () C:\Users\Jason\Downloads\air project michele and sanaa.wmv
2014-10-07 07:51 - 2014-10-07 08:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\uTorrent
2014-10-07 05:13 - 2014-10-07 05:13 - 06258650 _____ () C:\Users\Jason\Downloads\SymbolsofAmericaPowerPoint.pptx
2014-10-07 05:13 - 2014-10-07 05:13 - 00911916 _____ () C:\Users\Jason\Downloads\Freedomweekpresentationpowerpoint (1).pptx
2014-10-07 05:12 - 2014-10-07 05:12 - 01574731 _____ () C:\Users\Jason\Downloads\PrimaryGradesInternetScavengerHuntAmericanHolidays (1).zip
2014-10-07 05:07 - 2014-11-05 00:44 - 00000000 ____D () C:\Users\Jason\Desktop\Government
2014-10-07 05:05 - 2014-10-07 05:05 - 00369322 _____ () C:\Users\Jason\Downloads\ElectionDayMiniLesson.zip
2014-10-07 05:02 - 2014-10-07 05:02 - 00911916 _____ () C:\Users\Jason\Downloads\Freedomweekpresentationpowerpoint.pptx
2014-10-07 05:00 - 2014-10-07 05:00 - 01574731 _____ () C:\Users\Jason\Downloads\PrimaryGradesInternetScavengerHuntAmericanHolidays.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 07:41 - 2014-04-25 17:14 - 01271400 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-05 07:34 - 2014-07-10 11:24 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-05 07:00 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-05 06:51 - 2014-07-10 11:41 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001UA.job
2014-11-05 04:01 - 2014-09-05 13:42 - 00004974 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FAMILYPC-Jason FamilyPC
2014-11-05 00:51 - 2014-07-10 11:41 - 00000874 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001Core.job
2014-11-04 20:24 - 2014-04-21 10:13 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3142402048-706546196-1541975245-1001
2014-11-04 16:01 - 2014-04-21 10:05 - 00000000 ____D () C:\Users\Jason\AppData\Local\Packages
2014-11-04 10:10 - 2014-06-16 20:21 - 00000000 ____D () C:\Users\Jason\AppData\Local\Adobe
2014-11-04 09:34 - 2014-07-10 11:24 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-04 05:44 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-03 16:56 - 2014-06-16 20:21 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-03 16:56 - 2014-04-21 10:06 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Adobe
2014-11-03 15:18 - 2013-08-22 05:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2014-11-03 15:18 - 2013-08-22 05:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2014-11-03 15:18 - 2013-08-22 05:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2014-11-03 15:18 - 2013-08-22 05:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2014-11-03 15:18 - 2013-08-22 05:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2014-11-03 15:18 - 2013-08-21 22:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2014-11-03 15:18 - 2013-08-21 22:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2014-11-03 15:18 - 2013-08-21 21:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2014-11-03 15:18 - 2013-08-21 21:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2014-11-03 15:18 - 2013-08-21 21:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2014-11-03 15:18 - 2013-08-21 21:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2014-11-03 15:18 - 2013-08-21 21:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2014-11-03 15:18 - 2013-08-21 21:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2014-11-03 15:18 - 2013-08-21 21:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2014-11-03 15:18 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-03 14:02 - 2014-06-24 12:14 - 00000000 ____D () C:\Users\Jason\Desktop\Second Grade 2014
2014-10-31 11:40 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-31 03:10 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-30 04:59 - 2014-04-25 20:50 - 00000000 ___DO () C:\Users\Jason\OneDrive
2014-10-29 18:09 - 2013-08-23 17:54 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-10-29 18:09 - 2013-08-23 17:54 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-27 23:26 - 2013-08-23 17:49 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-10-20 19:29 - 2014-04-21 12:59 - 00000000 ____D () C:\Users\Jason\Documents\Outlook Files
2014-10-20 19:22 - 2014-03-18 04:03 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-20 19:18 - 2014-08-20 19:35 - 00000000 ____D () C:\Users\Jason\AppData\Local\Windows Live
2014-10-20 19:18 - 2013-08-22 08:46 - 00299927 _____ () C:\WINDOWS\setupact.log
2014-10-20 19:16 - 2014-07-06 12:28 - 00000173 ___SH () C:\ProgramData\.zreglib
2014-10-20 19:15 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-20 19:15 - 2013-08-22 07:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-19 06:45 - 2014-03-18 03:54 - 00024256 _____ () C:\WINDOWS\PFRO.log
2014-10-19 06:40 - 2013-08-22 08:44 - 00481880 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-19 06:37 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-19 06:37 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-19 06:37 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-19 06:37 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-19 06:37 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-19 02:29 - 2014-04-21 10:19 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-18 23:46 - 2014-07-10 11:41 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001UA
2014-10-18 23:46 - 2014-07-10 11:41 - 00003492 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3142402048-706546196-1541975245-1001Core
2014-10-18 08:29 - 2014-07-10 11:24 - 00003896 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 08:29 - 2014-07-10 11:24 - 00003660 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 07:57 - 2014-04-21 11:39 - 01003520 _____ () C:\Users\Jason\Desktop\CONTACTS.MDB
2014-10-14 19:20 - 2014-04-22 02:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-14 19:16 - 2014-04-22 02:17 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-14 11:21 - 2013-08-22 09:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-07 13:34 - 2014-09-11 08:39 - 00000000 ____D () C:\Users\Jason\Desktop\Current Job Hunt
2014-10-07 07:08 - 2014-03-18 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-07 07:08 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-07 07:08 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-07 07:08 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-07 07:08 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-07 07:08 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-07 07:08 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-07 07:08 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-06 16:19 - 2014-09-09 07:43 - 00000000 ____D () C:\Users\Jason\Desktop\new patient forms

Some content of TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\temp0NikeConnectconnect6pcupdate.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-03 04:22

==================== End Of Log ============================



#8 schrauber

  • Malware Response Team

Posted 06 November 2014 - 12:12 AM

Looks good :)


Please download DelFix by Xplode to your Desktop.

Double-click delfix.exe on your Desktop to launch the program.

Make sure the following options have a check mark next to them:
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore
Click Run.

A text file named delfix.txt should appear. Copy and paste this log into your final reply.




Your machine appears to be clean. Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

Hiding Hidden Files
Please set your system to hide all hidden files.
Click Start, open My Computer, select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, uncheck Show hidden files and folders.
Check: Hide file extensions for known file types
Check the Hide protected operating system files (recommended) option.
Click Yes to confirm.

Purging System Restore Points
Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

One of the most common questions found when cleaning Spyware or other Malware is "how did my machine get infected?". There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software, and that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer so that you will not be infected again in the future.

Practice Safe Internet

One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will. Below is a list of simple precautions to take to keep your computer clean and running securely:
  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software.

    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. For a list of these types of programs we recommend you visit this link: Rogue/Suspect Anti-Spyware Products & Web Sites
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you. We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake.
  • Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.
  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead, when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.
  • Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download a piece of software from a site, and are not sure if it is legitimate, you can use McAfee SiteAdvisor to look up info on the site.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.

Visit Microsoft's Windows Update Site Frequently

It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.




regards,
schrauber

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#9 TB-Psychotic

  • Malware Response Team

Posted 10 November 2014 - 07:26 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here (no worries, every little bit helps)



