
Win 7 REG CORRUPTED, PCI, ACPI harboring malware



#1 jcmmarketing


Posted 24 March 2016 - 08:14 PM

Thank you in advance for your time. System was exposed to malware from another PC on our home network. Win update started failing at start, progressing to Event log warnings that dynamic link libraries were being created for every application. Non-Plug and Play Legacy Devices/Unknown Device are being run by ACPI. Enumerator: HTREE/ROOT ??.

 

These are the two registry keys - access denied, unable to show owner credentials.

 
{83da6326-97a6-4088-9453-a1923f573b29}
 
{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
(attached files are registry searches with these keys)

 

Avast, Kaspersky, Norton, McAfee all negative for malware. Ran Malwarebytes. Tweeker, GMER seems corrupted despite dl with random name.

 

WIN XPS  Laptop - details to follow

 

FRST 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Administrator (administrator) on JASONMCCOMB-PC (24-03-2016 06:03:03)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: QBDataServiceUser25 & Administrator (Available Profiles: Jason Mccomb & QBDataServiceUser25 & Regina Pinpin & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(PC Tools) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Support.com, Inc.) C:\Program Files (x86)\Office Depot Tech Support\esService.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
() F:\gcp-quickbooks\QBDBMgrN.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Support.com, Inc.) C:\Program Files (x86)\Office Depot Tech Support\escont.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\Administrator\Downloads\rvz4n2zu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-11] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106072 2015-03-17] (Symantec Corporation)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-03-17] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25577864 2016-03-11] (Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2015-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-03-24] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [919296 2015-06-03] (Kaspersky Lab ZAO)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE [241280 2016-01-21] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-02-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153208 2016-02-09] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-24] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
Startup: C:\Users\Jason Mccomb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-03-11]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{010A5424-032D-463D-9D07-CFD719DF09F9}: [DhcpNameServer] 198.6.1.1 204.117.214.10
Tcpip\..\Interfaces\{8E131C71-CBD0-4724-948B-CEF6286B68F4}: [DhcpNameServer] 198.6.1.1 204.117.214.10
Tcpip\..\Interfaces\{A5B4F6B0-E5E5-4791-9AAD-3BFCA8221E95}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2298228554-2302162825-2368335802-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2298228554-2302162825-2368335802-500 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2298228554-2302162825-2368335802-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-04] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-24] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-08] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-02-04] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-24] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-08] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-02-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-01-08] (Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-08] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Handler: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} - F:\gcp-quickbooks\HelpAsyncPluggableProtocol.dll No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-24]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-24]
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-24]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-24]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-24]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-24]
CHR Extension: (Adobe Acrobat) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-01-24]
CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-24]
CHR Extension: (SiteAdvisor) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-24]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-24]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0081691458817925mcinstcleanup; C:\Users\Administrator\AppData\Local\Temp\0081691458817925mcinst.exe [918056 2015-11-27] (McAfee, Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-24] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-13] (Dropbox, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150552 2015-03-17] (Symantec Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-11] (NVIDIA Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-02-26] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [919296 2015-06-03] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795736 2015-03-17] (PC Tools)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-11] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-11] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-11] (NVIDIA Corporation)
R2 Office Depot Tech Support; C:\Program Files (x86)\Office Depot Tech Support\esService.exe [1005016 2016-01-20] (Support.com, Inc.)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-03-17] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2014-08-18] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2014-08-18] (Intuit Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-10-14] (Realtek Semiconductor)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163864 2015-03-17] (Symantec Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-03-14] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X]
S2 CscService; %SystemRoot%\System32\cscsvc.dll [X]
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S3 PeerDistSvc; %SystemRoot%\system32\peerdistsvc.dll [X]
R3 QuickBooksDB25; F:\gcp-quickbooks\QBDBMgrN.exe -hvQuickBooksDB25 [X]
S3 StorSvc; %SystemRoot%\system32\storsvc.dll [X]
S3 UmRdpService; %SystemRoot%\System32\umrdp.dll [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-24] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-24] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-24] (AVAST Software)
S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-05-22] (Dell Computer Corporation)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-14] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-24] (Malwarebytes)
U3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [307768 2016-02-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-17] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu_vt64.sys [2923224 2014-01-09] (Realtek Semiconductor Corporation                           )
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2015-06-29] (support.com, Inc)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-01-23] (SlimWare Utilities, Inc.)
S0 cfwids; system32\drivers\cfwids.sys [X]
S3 cpuz134; \??\C:\Users\JASONM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
U4 mfesapsn; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
U3 awloipoc; \??\C:\Users\Administrator\AppData\Local\Temp\awloipoc.sys [X]
 
========================== Drivers MD5 =======================
 
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-24 06:00 - 2016-03-24 06:01 - 00050048 _____ C:\Users\Administrator\Downloads\Addition.txt
2016-03-24 05:58 - 2016-03-24 06:03 - 00050554 _____ C:\Users\Administrator\Downloads\FRST.txt
2016-03-24 05:58 - 2016-03-24 06:03 - 00000000 ____D C:\FRST
2016-03-24 05:58 - 2016-03-24 05:58 - 02374144 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2016-03-24 05:14 - 2016-03-24 05:14 - 00064714 _____ C:\Users\Administrator\Downloads\Extras.Txt
2016-03-24 05:13 - 2016-03-24 05:13 - 00188552 _____ C:\Users\Administrator\Downloads\OTL.Txt
2016-03-24 05:05 - 2016-03-24 05:05 - 00000000 ____D C:\Windows\pss
2016-03-24 05:03 - 2016-03-24 05:03 - 00602112 _____ (OldTimer Tools) C:\Users\Administrator\Downloads\OTL.exe
2016-03-24 04:42 - 2016-03-24 04:42 - 00000017 _____ C:\Users\Administrator\AppData\Local\resmon.resmoncfg
2016-03-24 04:14 - 2016-03-24 04:14 - 00380928 _____ C:\Users\Administrator\Downloads\rvz4n2zu.exe
2016-03-24 04:00 - 2016-03-24 04:00 - 00003060 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458817223
2016-03-24 04:00 - 2016-03-24 04:00 - 00001043 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-03-24 04:00 - 2016-03-24 04:00 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-03-24 03:59 - 2016-03-24 03:58 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-03-24 03:59 - 2016-03-24 03:54 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFE58.tmp
2016-03-24 03:59 - 2016-03-24 03:54 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswE35.tmp
2016-03-24 03:59 - 2016-03-24 03:54 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFDB.tmp
2016-03-24 03:59 - 2016-03-24 03:54 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw76F.tmp
2016-03-24 03:59 - 2016-03-24 03:53 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-03-24 03:59 - 2016-03-24 03:53 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\asw120D.tmp
2016-03-24 03:59 - 2016-03-24 03:53 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2DB.tmp
2016-03-24 03:59 - 2016-03-24 03:53 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC50.tmp
2016-03-24 03:59 - 2016-03-24 03:53 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw491.tmp
2016-03-24 03:55 - 2016-03-24 03:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2016-03-24 03:54 - 2016-03-24 03:59 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-24 03:54 - 2016-03-24 03:54 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-03-24 03:54 - 2016-03-24 03:54 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.1458816866983
2016-03-24 03:54 - 2016-03-24 03:54 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-03-24 03:54 - 2016-03-24 03:54 - 00001928 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-03-24 03:54 - 2016-03-24 03:54 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-03-24 03:54 - 2016-03-24 03:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-03-24 03:54 - 2016-03-24 03:53 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1458816870275
2016-03-24 03:54 - 2016-03-24 03:53 - 00286440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.1458816863206
2016-03-24 03:54 - 2016-03-24 03:53 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-03-24 03:53 - 2016-03-24 03:54 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-03-24 03:53 - 2016-03-24 03:54 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-03-24 03:53 - 2016-03-24 03:53 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1458816873003
2016-03-24 03:53 - 2016-03-24 03:53 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1458816873003
2016-03-24 03:53 - 2016-03-24 03:53 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-03-24 03:53 - 2016-03-24 03:53 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-03-24 03:53 - 2016-03-24 03:53 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-03-24 03:53 - 2016-03-24 03:53 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-03-24 03:52 - 2016-03-24 03:58 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-24 03:51 - 2016-03-24 03:59 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-24 03:51 - 2016-03-24 03:51 - 05066104 _____ (AVAST Software) C:\Users\Administrator\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2016-03-23 22:05 - 2016-03-23 22:05 - 01106716 _____ C:\Users\Administrator\Documents\Windows Security 2011 virus. registy files deleted _ Free Malware Removal Forum.html
2016-03-23 22:05 - 2016-03-23 22:05 - 00000000 ____D C:\Users\Administrator\Documents\Windows Security 2011 virus. registy files deleted _ Free Malware Removal Forum_files
2016-03-23 21:48 - 2016-03-23 21:48 - 00380928 _____ C:\Users\Administrator\Downloads\mnndvxr7.exe
2016-03-23 21:27 - 2016-03-24 01:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-23 21:26 - 2016-03-23 21:26 - 22851472 _____ (Malwarebytes ) C:\Users\Administrator\Downloads\mbam-setup-2.2.1.1043.exe
2016-03-23 21:26 - 2016-03-23 21:26 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-23 21:26 - 2016-03-23 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-23 21:26 - 2016-03-23 21:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-23 21:26 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-23 21:26 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-23 21:26 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-23 20:33 - 2016-03-23 20:33 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2016-03-23 16:41 - 2016-03-23 16:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-JASONMCCOMB-PC-Windows-7-Home-Premium-(64-bit).dat
2016-03-23 16:41 - 2016-03-23 16:41 - 00000000 ____D C:\RegBackup
2016-03-23 16:28 - 2016-03-23 16:28 - 00046160 _____ C:\Users\Jason Mccomb\Documents\Tweaking.com - Windows Repair - Found Reparse Points.txt
2016-03-23 16:08 - 2016-03-23 17:50 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_987
2016-03-23 16:08 - 2016-03-23 16:08 - 00000000 _____ C:\Windows\system32\Drivers\etc\hosts_bak_926
2016-03-23 16:07 - 2016-03-23 16:07 - 00183504 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2016-03-23 16:07 - 2016-03-23 16:07 - 00003680 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2016-03-23 16:07 - 2016-03-23 16:07 - 00002187 _____ C:\Users\Jason Mccomb\Desktop\Tweaking.com - Windows Repair.lnk
2016-03-23 16:07 - 2016-03-23 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-03-23 16:07 - 2016-03-23 16:07 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-03-23 16:06 - 2016-03-23 16:07 - 20151816 _____ (Tweaking.com) C:\Users\Jason Mccomb\Downloads\tweaking.com_windows_repair_aio_setup.exe
2016-03-23 16:06 - 2016-03-23 16:07 - 00000000 ____D C:\$WINDOWS.~BT
2016-03-23 15:59 - 2016-03-23 15:59 - 00810233 _____ C:\Users\Jason Mccomb\Downloads\kmdf-1.11-Win-6.1-x64.msu
2016-03-23 15:56 - 2016-03-23 15:56 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
2016-03-23 13:53 - 2016-03-23 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\smartmontools
2016-03-23 13:53 - 2016-03-23 13:53 - 00000000 ____D C:\Program Files (x86)\smartmontools
2016-03-23 12:36 - 2016-03-23 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-19 00:11 - 2016-03-19 00:11 - 00000017 _____ C:\Users\Jason Mccomb\AppData\Local\resmon.resmoncfg
2016-03-18 23:12 - 2016-03-18 23:12 - 00000000 ____D C:\temp
2016-03-18 18:59 - 2016-03-19 02:44 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\rkill
2016-03-18 15:29 - 2016-03-18 15:30 - 283928140 _____ C:\Users\Jason Mccomb\Downloads\resource_resources (1).zip
2016-03-18 07:34 - 2016-03-18 07:35 - 00449551 _____ C:\Users\Jason Mccomb\Documents\bkg-hodentalBL.mp4
2016-03-18 07:30 - 2016-03-18 07:30 - 00674583 _____ C:\Users\Jason Mccomb\Downloads\jcm.presents (3).svg
2016-03-18 07:24 - 2016-03-18 07:24 - 00956086 _____ C:\Users\Jason Mccomb\Downloads\jcm.presents (2).svg
2016-03-18 07:20 - 2016-03-18 07:20 - 00674591 _____ C:\Users\Jason Mccomb\Downloads\jcm.presents (1).svg
2016-03-18 07:05 - 2016-03-18 07:05 - 00021465 _____ C:\Users\Jason Mccomb\Downloads\jcm.presents.pptx
2016-03-18 07:05 - 2016-03-18 07:05 - 00001573 _____ C:\Users\Jason Mccomb\Downloads\jcm.presents.svg
2016-03-18 07:02 - 2016-03-18 07:02 - 00000000 ____D C:\Users\Public\Documents\Adobe
2016-03-18 07:02 - 2016-03-18 07:02 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2016-03-18 06:08 - 2016-03-18 06:08 - 00005583 _____ C:\Users\Jason Mccomb\Downloads\jcm-test-app.json
2016-03-18 06:06 - 2016-03-18 06:06 - 00020376 _____ C:\Users\Jason Mccomb\Downloads\features.txt
2016-03-18 06:03 - 2016-03-18 06:03 - 00153510 _____ C:\Users\Jason Mccomb\Downloads\national_M2013_dl.xlsx
2016-03-18 06:02 - 2016-03-18 06:02 - 00047783 _____ C:\Users\Jason Mccomb\Downloads\documents-export-2016-03-18.zip
2016-03-18 05:29 - 2016-03-18 05:29 - 00019511 _____ C:\Users\Jason Mccomb\Downloads\SecureStartup.xml
2016-03-18 03:24 - 2016-03-18 08:10 - 01581056 _____ C:\Users\Jason Mccomb\Documents\computer-issues.accdb
2016-03-17 21:41 - 2016-03-17 21:41 - 00464491 _____ C:\Users\Jason Mccomb\Downloads\RootRepeal.zip
2016-03-17 21:30 - 2016-03-18 23:37 - 00003132 _____ C:\Users\Jason Mccomb\Desktop\Rkill.txt
2016-03-17 21:11 - 2016-03-17 21:13 - 00000000 ____D C:\Users\Jason Mccomb\Documents\win-rezearch
2016-03-17 20:41 - 2016-03-17 20:41 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-03-17 20:41 - 2016-03-17 20:41 - 00000000 ____D C:\Windows\system32\BestPractices
2016-03-17 11:57 - 2016-03-17 11:57 - 01559195 _____ C:\Users\Jason Mccomb\Downloads\henryschein.com-domain_organic_organic-us.xls
2016-03-17 11:53 - 2016-03-17 11:53 - 00141762 _____ C:\Users\Jason Mccomb\Downloads\1458187200-SEMrush-PDF-report-a225c3ac69a5cf3f3ca726564494147f4f264ec91e2ab15fe2ab03dd23a06e63.pdf
2016-03-17 11:51 - 2016-03-17 11:51 - 00179935 _____ C:\Users\Jason Mccomb\Downloads\1458187200-SEMrush-PDF-report-daba5ae53a88be85434dcbc1441693a180431a819aceb3e8d2fde04a371a9d0c.pdf
2016-03-17 11:08 - 2016-03-17 11:08 - 00000311 _____ C:\Users\Jason Mccomb\Documents\pge.txt
2016-03-17 09:43 - 2016-03-17 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-03-17 09:43 - 2016-03-17 09:43 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-17 07:07 - 2016-03-17 07:07 - 01137151 _____ C:\Users\Jason Mccomb\Downloads\smartpractice.com-domain_organic_organic-us.xls
2016-03-17 07:01 - 2016-03-17 07:01 - 00183049 _____ C:\Users\Jason Mccomb\Downloads\1458187200-SEMrush-PDF-report-887c5680b2ed14e9a9bae374fe43fce5e7f88be156e7ebd97b429880e6f8d8d9.pdf
2016-03-17 07:00 - 2016-03-17 07:01 - 00265895 _____ C:\Users\Jason Mccomb\Downloads\smartpractice.com-domain_adwords_adwords-us.xls
2016-03-17 06:59 - 2016-03-17 06:59 - 00012156 _____ C:\Users\Jason Mccomb\Downloads\safcodental.com-phrase_organic-us.xls
2016-03-17 06:58 - 2016-03-17 06:58 - 00009613 _____ C:\Users\Jason Mccomb\Downloads\safcodental.com-backlinks_refdomains.xlsx
2016-03-17 06:57 - 2016-03-17 06:57 - 00974180 _____ C:\Users\Jason Mccomb\Downloads\net32.com-domain_organic_organic-us.xls
2016-03-17 06:56 - 2016-03-17 06:56 - 04108360 _____ C:\Users\Jason Mccomb\Downloads\net32.com-domain_organic-us.xls
2016-03-17 06:49 - 2016-03-17 06:49 - 00003962 _____ C:\Users\Jason Mccomb\Downloads\practicon.com-domain_shopping-us.xls
2016-03-17 06:40 - 2016-03-17 06:40 - 00211049 _____ C:\Users\Jason Mccomb\Downloads\dental_instruments_keyword_2016-03-17_09_34_45_1106358_by_semrush_com.pdf
2016-03-17 06:40 - 2016-03-17 06:40 - 00208433 _____ C:\Users\Jason Mccomb\Downloads\dental_tools_keyword_2016-03-17_09_33_35_1106357_by_semrush_com.pdf
2016-03-17 00:52 - 2016-03-17 00:52 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\1053
2016-03-14 21:54 - 2016-03-14 21:57 - 00009137 _____ C:\Users\Jason Mccomb\Desktop\jcmd.ircp
2016-03-14 17:19 - 2016-03-14 17:19 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe SpeedGrade CC 2015.lnk
2016-03-14 16:59 - 2016-03-14 17:00 - 00000000 ____D C:\Users\Jason Mccomb\Documents\anna-hoffman
2016-03-14 08:45 - 2016-03-14 08:45 - 00010455 _____ C:\Users\Jason Mccomb\Downloads\Analytics j+ All Web Site Data Interests- Overview 20160307-20160313.xlsx
2016-03-14 08:44 - 2016-03-14 08:45 - 00000832 _____ C:\Users\Jason Mccomb\Downloads\Analytics j+ All Web Site Data Interests- Overview 20160307-20160313.csv
2016-03-14 08:29 - 2016-03-14 08:29 - 00000781 _____ C:\Users\Jason Mccomb\Downloads\Analytics All Web Site Data Interests- Overview 20160307-20160313.csv
2016-03-13 22:52 - 2016-03-13 22:52 - 00000000 ____D C:\Users\Jason Mccomb\Downloads\MUSIC_BKG
2016-03-13 22:50 - 2016-03-13 22:52 - 145888502 _____ C:\Users\Jason Mccomb\Downloads\MUSIC_BKG.zip
2016-03-13 16:21 - 2016-03-13 16:21 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\Adobe CS6
2016-03-13 16:15 - 2016-03-13 16:16 - 00000000 ____D C:\Users\Jason Mccomb\Downloads\PremiereProCS6ContentWin
2016-03-13 16:07 - 2016-03-13 16:11 - 769662026 _____ C:\Users\Jason Mccomb\Downloads\PremiereProCS6ContentWin (1).zip
2016-03-13 14:38 - 2016-03-13 14:41 - 769662026 _____ C:\Users\Jason Mccomb\Downloads\PremiereProCS6ContentWin.zip
2016-03-12 17:47 - 2012-05-31 22:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-03-12 17:47 - 2012-05-31 22:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-03-12 17:47 - 2012-05-31 22:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-03-12 17:47 - 2012-05-31 22:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-03-12 17:47 - 2012-05-31 22:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-03-12 17:47 - 2012-05-31 22:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-03-12 17:47 - 2012-05-31 21:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-03-12 17:47 - 2012-05-31 21:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-03-12 17:47 - 2012-05-31 21:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-03-12 17:47 - 2012-05-31 21:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-03-12 17:47 - 2012-05-31 21:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-03-12 17:47 - 2012-05-31 21:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-03-12 03:25 - 2016-03-19 02:39 - 00000000 ____D C:\inetpub
2016-03-12 02:08 - 2016-03-12 02:08 - 00000763 _____ C:\Users\Jason Mccomb\Desktop\fix1.txt
2016-03-12 01:17 - 2016-03-12 01:22 - 00000302 _____ C:\Users\Jason Mccomb\Desktop\fix.cmd
2016-03-12 01:15 - 2016-03-12 01:16 - 00000617 _____ C:\Users\Jason Mccomb\Desktop\New Text Document.txt
2016-03-12 01:08 - 2016-03-12 20:44 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\LogMeIn Rescue Applet
2016-03-12 01:08 - 2016-03-12 01:08 - 01593384 _____ (LogMeIn, Inc.) C:\Users\Jason Mccomb\Downloads\Support-LogMeInRescue.exe
2016-03-11 14:11 - 2016-03-11 14:11 - 01104674 _____ C:\Users\Jason Mccomb\Desktop\transactional-email-report.pdf
2016-03-11 12:01 - 2016-03-11 12:03 - 283928140 _____ C:\Users\Jason Mccomb\Downloads\resource_resources.zip
2016-03-11 09:01 - 2016-03-12 23:04 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\hdc-NEW-IDEAS
2016-03-11 04:01 - 2016-03-11 04:02 - 09644956 _____ C:\Users\Jason Mccomb\Downloads\facebook-jcmmarketingbayarea-2016-03-11.zip
2016-03-11 03:25 - 2016-03-11 03:59 - 00000000 ____D C:\Users\Jason Mccomb\cinema--p
2016-03-10 23:48 - 2016-03-10 23:48 - 21290264 _____ C:\Users\Jason Mccomb\Downloads\ñam (1).avi
2016-03-10 22:51 - 2016-03-10 22:51 - 00438368 _____ C:\Users\Jason Mccomb\Downloads\vacu-mixer manual.pdf
2016-03-10 15:04 - 2016-03-10 15:04 - 00194697 _____ C:\Users\Jason Mccomb\Downloads\1457067600-SEMrush-PDF-report-1eb9afdc56a9354f6670a17d23d2393b2940fedb6a9e5c23d50f45a509685b90.pdf
2016-03-10 14:10 - 2016-03-10 14:10 - 21290264 _____ C:\Users\Jason Mccomb\Downloads\ñam.avi
2016-03-10 14:04 - 2016-03-10 14:04 - 00181890 _____ C:\Users\Jason Mccomb\Downloads\PayEzy Information Slick.pdf
2016-03-10 08:27 - 2016-03-12 20:29 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\104D3100
2016-03-09 21:22 - 2016-02-12 11:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 21:22 - 2016-02-12 11:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 21:22 - 2016-02-12 11:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 21:22 - 2016-02-12 11:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 21:22 - 2016-02-12 11:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 21:22 - 2016-02-12 11:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 21:22 - 2016-02-12 11:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 21:22 - 2016-02-12 11:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 21:22 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 21:22 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 21:22 - 2016-02-12 11:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 21:22 - 2016-02-12 11:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 21:22 - 2016-02-12 11:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 21:22 - 2016-02-12 11:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 21:22 - 2016-02-12 11:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 21:22 - 2016-02-12 11:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 21:22 - 2016-02-11 11:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 21:22 - 2016-02-11 11:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 21:22 - 2016-02-11 11:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 21:22 - 2016-02-11 11:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 21:22 - 2016-02-11 11:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 21:22 - 2016-02-11 11:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 21:22 - 2016-02-11 11:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 21:22 - 2016-02-11 11:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 21:22 - 2016-02-11 11:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 21:22 - 2016-02-11 11:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 21:22 - 2016-02-11 11:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 21:22 - 2016-02-11 11:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 21:22 - 2016-02-11 11:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 21:22 - 2016-02-11 11:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 21:22 - 2016-02-11 11:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 21:22 - 2016-02-11 11:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 21:22 - 2016-02-11 11:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 21:22 - 2016-02-11 11:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 21:22 - 2016-02-11 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 21:22 - 2016-02-11 11:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 21:22 - 2016-02-11 11:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 21:22 - 2016-02-11 11:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 21:22 - 2016-02-11 11:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 21:22 - 2016-02-11 11:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:41 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 21:22 - 2016-02-11 11:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 21:22 - 2016-02-11 11:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 21:22 - 2016-02-11 11:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 21:22 - 2016-02-11 11:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 21:22 - 2016-02-11 11:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 21:22 - 2016-02-11 11:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 21:22 - 2016-02-11 11:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 21:22 - 2016-02-11 11:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 21:22 - 2016-02-11 11:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 21:22 - 2016-02-11 11:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 21:22 - 2016-02-11 11:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 21:22 - 2016-02-11 11:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 21:22 - 2016-02-11 11:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 21:22 - 2016-02-11 11:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 21:22 - 2016-02-11 11:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 11:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 10:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 21:22 - 2016-02-11 10:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 21:22 - 2016-02-11 10:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 21:22 - 2016-02-11 10:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 21:22 - 2016-02-11 10:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 21:22 - 2016-02-11 10:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 21:22 - 2016-02-11 10:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 21:22 - 2016-02-11 10:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 21:22 - 2016-02-11 10:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 21:22 - 2016-02-11 10:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 21:22 - 2016-02-11 10:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 21:22 - 2016-02-11 10:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 21:22 - 2016-02-11 10:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 21:22 - 2016-02-11 10:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 21:22 - 2016-02-11 10:30 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 10:30 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 10:30 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 21:22 - 2016-02-11 10:30 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 21:22 - 2016-02-08 23:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 21:22 - 2016-02-08 23:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 21:22 - 2016-02-08 14:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 21:22 - 2016-02-08 13:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 21:22 - 2016-02-08 13:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 21:22 - 2016-02-08 13:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 21:22 - 2016-02-08 13:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 21:22 - 2016-02-08 13:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 21:22 - 2016-02-08 13:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 21:22 - 2016-02-08 13:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 21:22 - 2016-02-08 13:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 21:22 - 2016-02-08 13:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 21:22 - 2016-02-08 13:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 21:22 - 2016-02-08 13:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 21:22 - 2016-02-08 13:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 21:22 - 2016-02-08 13:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 21:22 - 2016-02-08 13:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 21:22 - 2016-02-08 13:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 21:22 - 2016-02-08 13:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 21:22 - 2016-02-08 13:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 21:22 - 2016-02-08 13:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 21:22 - 2016-02-08 13:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 21:22 - 2016-02-08 13:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 21:22 - 2016-02-08 13:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 21:22 - 2016-02-08 13:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 21:22 - 2016-02-08 13:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 21:22 - 2016-02-08 13:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 21:22 - 2016-02-08 13:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 21:22 - 2016-02-08 13:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 21:22 - 2016-02-08 13:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 21:22 - 2016-02-08 12:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 21:22 - 2016-02-08 12:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 21:22 - 2016-02-08 12:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 21:22 - 2016-02-08 11:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 21:22 - 2016-02-08 11:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 21:22 - 2016-02-08 11:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 21:22 - 2016-02-08 11:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 21:22 - 2016-02-08 11:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 21:22 - 2016-02-08 11:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 21:22 - 2016-02-08 11:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 21:22 - 2016-02-08 11:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 21:22 - 2016-02-08 11:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 21:22 - 2016-02-08 11:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 21:22 - 2016-02-08 11:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 21:22 - 2016-02-08 11:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 21:22 - 2016-02-08 11:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 21:22 - 2016-02-08 11:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 21:22 - 2016-02-08 11:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 21:22 - 2016-02-08 11:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 21:22 - 2016-02-08 11:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 21:22 - 2016-02-08 11:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 21:22 - 2016-02-08 10:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 21:22 - 2016-02-08 10:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 21:22 - 2016-02-08 10:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 21:22 - 2016-02-08 10:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 21:22 - 2016-02-08 10:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 21:22 - 2016-02-08 10:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 21:22 - 2016-02-08 10:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 21:22 - 2016-02-08 10:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 21:22 - 2016-02-08 10:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 21:22 - 2016-02-08 10:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 21:22 - 2016-02-08 10:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 21:22 - 2016-02-08 10:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 21:22 - 2016-02-08 10:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 21:22 - 2016-02-08 10:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 21:22 - 2016-02-08 09:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 21:22 - 2016-02-04 10:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 21:22 - 2016-02-03 11:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 21:22 - 2016-02-03 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 21:22 - 2016-02-03 11:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 21:22 - 2016-02-03 11:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 21:22 - 2016-02-03 11:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 21:22 - 2016-01-11 12:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 21:22 - 2015-11-19 07:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 21:22 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 21:21 - 2016-02-19 12:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 21:21 - 2016-02-19 11:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 21:21 - 2016-02-19 07:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 21:21 - 2016-02-11 07:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 21:21 - 2016-02-09 02:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 21:21 - 2016-02-09 02:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 21:21 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 21:21 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 21:21 - 2016-02-09 02:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 21:21 - 2016-02-09 02:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 21:21 - 2016-02-09 02:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 21:21 - 2016-02-09 02:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 21:21 - 2016-02-09 02:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 21:21 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 21:21 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 21:21 - 2016-02-05 11:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 21:21 - 2016-02-05 11:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 21:21 - 2016-02-05 11:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 21:21 - 2016-02-05 11:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 21:21 - 2016-02-05 11:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 21:21 - 2016-02-05 11:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 21:21 - 2016-02-05 11:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 21:21 - 2016-02-05 10:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 21:21 - 2016-02-05 10:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 21:21 - 2016-02-05 10:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 21:21 - 2016-02-05 07:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 21:21 - 2016-02-05 07:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 21:21 - 2016-02-05 07:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 21:21 - 2016-02-04 18:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 21:21 - 2016-02-04 11:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 21:46 - 2016-03-08 21:47 - 00000000 ____D C:\Windows\system32\CatRoot2.old
2016-03-08 21:44 - 2016-03-08 21:45 - 00000000 ____D C:\Windows\SoftwareDistribution.old
2016-03-08 21:29 - 2016-03-08 21:29 - 10104832 _____ (© Phoenix Technologies Ltd. ) C:\Users\Jason Mccomb\Downloads\L502XA11.exe
2016-03-08 21:20 - 2016-03-08 21:20 - 06176624 _____ C:\Users\Jason Mccomb\Downloads\R292317 (1).exe
2016-03-08 21:13 - 2016-03-08 21:13 - 00420192 _____ () C:\Users\Jason Mccomb\Downloads\DellSystemDetectLauncher.exe
2016-03-07 14:59 - 2016-03-19 03:17 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\Dr Ho Photos
2016-03-07 14:52 - 2016-03-07 14:52 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\Apple Computer
2016-03-05 22:52 - 2016-03-05 22:52 - 00002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-05 22:52 - 2016-03-05 22:52 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-05 22:52 - 2016-03-05 22:52 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\Apple
2016-03-05 22:52 - 2016-03-05 22:52 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-05 22:51 - 2016-03-05 22:51 - 00000000 ____D C:\Users\Jason Mccomb\AppData\LocalLow\Apple Computer
2016-03-05 22:51 - 2016-03-05 22:51 - 00000000 ____D C:\ProgramData\Apple
2016-03-05 22:50 - 2016-03-05 22:50 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\web-apps-sdk-master
2016-03-05 21:28 - 2016-03-19 03:19 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\PHOTO-BOMB
2016-03-05 10:19 - 2016-03-05 10:20 - 41896256 _____ (Apple Inc.) C:\Users\Jason Mccomb\Downloads\QuickTimeInstaller.exe
2016-03-05 10:13 - 2016-03-05 10:14 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\GoPro
2016-03-05 10:13 - 2016-03-05 10:13 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\GoPro
2016-03-05 10:09 - 2016-03-05 21:29 - 00000000 ____D C:\Users\Public\CineForm
2016-03-05 10:08 - 2016-03-05 10:08 - 00000000 ____D C:\Program Files (x86)\GoPro
2016-03-05 10:08 - 2016-03-05 10:08 - 00000000 ____D C:\Program Files (x86)\CineForm
2016-03-05 10:07 - 2016-03-19 02:45 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-03-05 10:07 - 2016-03-05 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2016-03-05 10:07 - 2016-03-05 10:07 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-03-05 10:07 - 2016-03-05 10:07 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-03-05 10:07 - 2016-03-05 10:07 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-03-05 10:07 - 2016-03-05 10:07 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-03-05 10:07 - 2016-03-05 10:07 - 00000000 ____D C:\Program Files\GoPro
2016-03-05 09:59 - 2016-03-05 10:03 - 190644936 _____ (GoPro, Inc.) C:\Users\Jason Mccomb\Downloads\GoPro-WinInstaller-1.0.0.1799.exe
2016-03-05 09:46 - 2016-03-19 03:47 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\dr ho video
2016-03-04 11:35 - 2016-03-04 11:35 - 00000000 _____ C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-02-28 17:57 - 2016-02-28 17:57 - 00000053 _____ C:\Users\Jason Mccomb\Downloads\googlef97c8714d71f72ba.html
2016-02-27 23:02 - 2016-02-27 23:02 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-02-26 22:14 - 2016-02-26 22:14 - 01334784 _____ (CineForm Inc.) C:\Windows\system32\CFHD.dll
2016-02-26 22:14 - 2016-02-26 22:14 - 01119744 _____ (CineForm Inc.) C:\Windows\SysWOW64\CFHD.dll
2016-02-26 18:19 - 2016-02-26 18:19 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\bootstrap-4-dev
2016-02-26 18:17 - 2016-02-26 18:17 - 03015057 _____ C:\Users\Jason Mccomb\Desktop\bootstrap-4-dev.zip
2016-02-26 18:11 - 2016-02-26 18:11 - 00004129 _____ C:\Users\Jason Mccomb\Desktop\rev.csv
2016-02-26 18:11 - 2016-02-26 18:11 - 00003179 _____ C:\Users\Jason Mccomb\Desktop\programs.csv
2016-02-26 18:10 - 2016-02-26 18:10 - 00001489 _____ C:\Users\Jason Mccomb\Desktop\profile.csv
2016-02-26 18:09 - 2016-02-26 18:09 - 00002331 _____ C:\Users\Jason Mccomb\Desktop\WebAppItemExport.csv
2016-02-26 17:12 - 2016-03-17 09:24 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\Nvidia Corporation
2016-02-26 17:11 - 2016-03-19 02:45 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-02-26 17:11 - 2016-03-19 02:45 - 00000000 ____D C:\Windows\system32\NV
2016-02-26 17:11 - 2016-02-08 22:26 - 00111672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-02-26 17:08 - 2016-02-09 01:39 - 42982336 _____ C:\Windows\system32\nvcompiler.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 37616696 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 31081920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 24916536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 21193032 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 17625136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 16995576 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 12383288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-02-26 17:08 - 2016-02-09 01:39 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 02722872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 00691256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 00307768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2016-02-26 17:08 - 2016-02-09 01:39 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-26 17:08 - 2016-02-09 01:39 - 00038336 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2016-02-26 17:02 - 2015-12-17 23:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-02-26 17:02 - 2015-12-17 23:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-02-26 17:02 - 2015-12-17 23:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-02-26 03:13 - 2016-01-06 12:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-26 03:13 - 2016-01-06 12:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-26 03:13 - 2016-01-06 11:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-26 03:12 - 2016-01-07 10:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-26 03:12 - 2015-12-20 11:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-26 03:12 - 2015-12-20 11:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-26 03:12 - 2015-12-20 07:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-26 03:11 - 2016-01-21 23:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-26 03:11 - 2016-01-21 23:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-26 03:11 - 2016-01-21 23:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-26 03:11 - 2016-01-21 23:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-26 03:11 - 2016-01-21 23:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-26 03:11 - 2016-01-21 23:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-26 03:11 - 2016-01-21 23:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-26 03:11 - 2016-01-16 12:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-26 03:11 - 2016-01-16 11:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-25 19:12 - 2016-03-11 08:06 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2016-02-25 19:04 - 2016-02-25 19:04 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk
2016-02-25 18:32 - 2016-02-25 18:32 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-02-25 18:32 - 2016-02-25 18:32 - 00001231 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-02-25 18:15 - 2016-02-25 18:16 - 00000000 ____D C:\Windows\SoftwareDistribution.bak
2016-02-25 17:32 - 2016-02-25 17:32 - 00146221 _____ C:\Users\Jason Mccomb\Desktop\eventvwr.msc
2016-02-25 13:20 - 2016-03-24 04:13 - 00000000 ____D C:\ProgramData\Intel Security
2016-02-25 13:17 - 2016-02-25 13:17 - 00000000 ____D C:\Program Files\Common Files\Intel Security
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-24 06:00 - 2015-10-20 09:09 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-24 05:48 - 2015-10-20 08:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-24 05:34 - 2016-01-13 10:29 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-03-24 05:19 - 2016-02-04 11:19 - 00000911 _____ C:\Windows\Tasks\EPSON XP-810 Series Update {EF5EC85C-45EA-4E4C-AE2B-951F5A363045}.job
2016-03-24 05:19 - 2016-02-04 11:19 - 00000725 _____ C:\Windows\Tasks\EPSON XP-810 Series Invitation {EF5EC85C-45EA-4E4C-AE2B-951F5A363045}.job
2016-03-24 05:19 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-03-24 04:14 - 2015-10-14 22:33 - 00000000 ____D C:\Program Files\McAfee
2016-03-24 04:14 - 2015-10-14 22:16 - 00000000 ____D C:\ProgramData\McAfee
2016-03-24 04:13 - 2015-12-29 15:47 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-03-24 04:13 - 2015-10-14 22:16 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-03-24 04:03 - 2016-01-24 08:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2016-03-24 03:54 - 2015-10-15 02:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-24 03:51 - 2016-01-24 07:29 - 00117984 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-23 21:26 - 2015-10-24 04:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-23 20:38 - 2009-07-13 21:45 - 00021872 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-23 20:38 - 2009-07-13 21:45 - 00021872 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-23 20:33 - 2016-01-13 10:29 - 00000916 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-03-23 20:33 - 2015-10-20 09:09 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-23 20:33 - 2015-10-17 12:12 - 00000302 _____ C:\Windows\Tasks\NUAutoUpdate.job
2016-03-23 20:33 - 2015-10-17 12:11 - 00000000 ____D C:\ProgramData\TEMP
2016-03-23 20:33 - 2009-07-13 21:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-23 20:32 - 2015-10-19 21:48 - 00001908 _____ C:\Windows\diagwrn.xml
2016-03-23 20:32 - 2015-10-19 21:48 - 00001908 _____ C:\Windows\diagerr.xml
2016-03-23 20:31 - 2015-10-20 18:15 - 00000000 ___RD C:\Users\Jason Mccomb\Creative Cloud Files
2016-03-23 20:29 - 2016-01-13 10:31 - 00000000 ___RD C:\Users\Jason Mccomb\Dropbox
2016-03-23 20:29 - 2016-01-13 10:29 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\Dropbox
2016-03-23 20:28 - 2015-10-20 10:01 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-23 20:28 - 2015-10-20 09:08 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\Adobe
2016-03-23 20:27 - 2015-10-14 18:59 - 00117984 _____ C:\Users\Jason Mccomb\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-23 20:22 - 2009-07-13 22:13 - 00749656 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-23 20:22 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-03-23 20:17 - 2009-07-13 21:45 - 05139904 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-23 20:16 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-23 20:15 - 2015-10-15 16:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-23 20:09 - 2009-07-13 19:34 - 00000471 _____ C:\Windows\win.ini
2016-03-23 20:05 - 2015-10-14 20:04 - 00749656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-23 18:09 - 2015-10-17 14:04 - 00785192 _____ C:\Windows\ntbtlog.txt
2016-03-23 18:01 - 2011-04-12 01:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-23 16:26 - 2016-01-24 07:28 - 00000000 ____D C:\Users\Administrator
2016-03-23 16:26 - 2015-10-21 06:03 - 00000000 ____D C:\Users\Regina Pinpin
2016-03-23 16:26 - 2015-10-20 08:20 - 00000000 ____D C:\Users\QBDataServiceUser25
2016-03-23 16:26 - 2015-10-14 18:37 - 00000000 ____D C:\Users\Jason Mccomb
2016-03-23 16:06 - 2015-10-14 19:24 - 00000000 ____D C:\Windows\Panther
2016-03-23 14:41 - 2015-10-14 22:11 - 00000000 ____D C:\ProgramData\support.com
2016-03-23 14:15 - 2015-10-17 14:15 - 00000380 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jason Mccomb).job
2016-03-23 13:25 - 2015-10-15 19:05 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-23 13:25 - 2015-10-15 19:05 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-23 13:24 - 2015-10-17 12:12 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\Norton Utilities 16
2016-03-23 13:20 - 2015-10-14 22:14 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\OpswatLogs
2016-03-23 13:17 - 2016-01-15 17:05 - 00000000 ____D C:\ProgramData\Oracle
2016-03-23 13:15 - 2016-01-23 18:19 - 00000344 _____ C:\Windows\Tasks\SpeedDiskSchedule.job
2016-03-23 13:14 - 2016-01-15 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-23 13:14 - 2016-01-15 17:05 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-23 13:12 - 2016-01-15 17:06 - 00000000 ____D C:\Users\Jason Mccomb\.oracle_jre_usage
2016-03-23 13:12 - 2016-01-15 17:05 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-23 12:48 - 2015-10-20 08:14 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-23 12:48 - 2015-10-20 08:14 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-23 12:48 - 2015-10-20 08:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-23 12:36 - 2016-01-13 10:29 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-03-23 12:34 - 2016-02-01 15:57 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-03-23 12:29 - 2015-10-16 22:55 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2016-03-21 00:22 - 2015-10-17 12:12 - 00000294 _____ C:\Windows\Tasks\NUSchedule.job
2016-03-21 00:21 - 2016-01-24 11:53 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2298228554-2302162825-2368335802-1000Core.job
2016-03-19 02:49 - 2016-01-23 21:58 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\NVIDIA
2016-03-19 02:46 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-03-19 02:45 - 2016-01-24 07:28 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2016-03-19 02:45 - 2016-01-23 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-19 02:45 - 2015-10-21 12:16 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-03-19 02:45 - 2015-10-21 06:03 - 00000000 ____D C:\Users\Regina Pinpin\AppData\Roaming\Macromedia
2016-03-19 02:45 - 2015-10-20 08:20 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\Intuit
2016-03-19 02:45 - 2015-10-16 22:17 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\Macromedia
2016-03-19 02:45 - 2015-10-15 19:15 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Roaming\Adobe
2016-03-19 02:45 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-19 02:45 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Msdtc
2016-03-19 02:45 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\security
2016-03-19 02:45 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Help
2016-03-19 02:44 - 2015-10-17 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
2016-03-19 02:44 - 2015-10-17 15:35 - 00000000 ____D C:\Program Files (x86)\NeoSmart Technologies
2016-03-19 02:44 - 2015-10-15 16:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-19 02:44 - 2015-10-15 16:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-19 02:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2016-03-19 02:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-03-19 02:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\spool
2016-03-19 02:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-03-19 02:42 - 2015-10-20 18:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-03-19 02:42 - 2015-10-15 16:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-19 02:42 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-03-19 02:39 - 2015-10-21 12:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-19 02:39 - 2015-10-16 21:45 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2016-03-19 02:39 - 2015-10-14 20:49 - 00000000 ____D C:\Program Files (x86)\Intel
2016-03-18 22:22 - 2015-10-14 18:37 - 04194304 _____ C:\Users\Jason Mccomb\NTUSER.bak
2016-03-18 22:22 - 2009-07-13 19:34 - 92012544 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-03-18 22:22 - 2009-07-13 19:34 - 44302336 _____ C:\Windows\system32\config\COMPONENTS.bak
2016-03-18 22:22 - 2009-07-13 19:34 - 34078720 _____ C:\Windows\system32\config\SYSTEM.bak
2016-03-18 22:22 - 2009-07-13 19:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2016-03-18 22:22 - 2009-07-13 19:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2016-03-18 22:22 - 2009-07-13 19:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2016-03-18 20:34 - 2016-02-04 23:24 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\CrashDumps
2016-03-17 09:37 - 2015-10-21 12:16 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-14 18:48 - 2015-10-20 18:33 - 00000000 ____D C:\Users\Jason Mccomb\Documents\Adobe
2016-03-14 17:18 - 2015-10-20 18:22 - 00000000 ____D C:\Program Files\Adobe
2016-03-14 17:04 - 2016-01-13 11:51 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\WEB-SITES
2016-03-14 16:02 - 2015-10-20 09:10 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-13 04:42 - 2015-10-14 22:45 - 00000000 ____D C:\Program Files (x86)\Office Depot Tech Support
2016-03-12 19:49 - 2015-10-20 02:37 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\ElevatedDiagnostics
2016-03-12 17:32 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2016-03-11 08:53 - 2015-10-15 18:39 - 00000000 ____D C:\Windows\system32\MRT
2016-03-11 08:42 - 2015-10-15 18:39 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 15:35 - 2016-01-15 13:01 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-03-09 23:13 - 2015-10-15 19:05 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-08 21:14 - 2015-10-16 21:36 - 00000000 ____D C:\Users\Jason Mccomb\AppData\Local\Deployment
2016-03-05 10:09 - 2015-10-20 09:55 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-27 23:02 - 2016-01-30 23:37 - 00000000 ____D C:\Games
2016-02-26 18:19 - 2016-01-13 11:51 - 00000000 ____D C:\Users\Jason Mccomb\Desktop\seo
2016-02-26 04:23 - 2011-04-12 01:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-26 02:43 - 2009-07-13 19:34 - 91488256 _____ C:\Windows\system32\config\software.rmbak
2016-02-26 02:43 - 2009-07-13 19:34 - 00524288 _____ C:\Windows\system32\config\default.rmbak
2016-02-25 18:32 - 2015-10-20 09:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-25 13:04 - 2015-10-14 22:45 - 00002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Depot Tech Support.lnk
2016-02-25 13:04 - 2015-10-14 22:45 - 00002136 _____ C:\Users\Public\Desktop\Office Depot Tech Support.lnk
 
==================== Files in the root of some directories =======
 
2016-03-24 04:42 - 2016-03-24 04:42 - 0000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg
2015-10-14 19:44 - 2015-10-14 19:44 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\0081691458817925mcinst.exe
C:\Users\Administrator\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Administrator\AppData\Local\Temp\mccspuninstall.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  boot
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {c63f23df-7523-11e5-8d83-806e6f6e6963}
displayorder            {current}
bootsequence            {current}
toolsdisplayorder       {memdiag}
timeout                 10
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Microsoft Windows 7
locale                  en-US
osdevice                partition=C:
systemroot              \Windows
resumeobject            {c63f23df-7523-11e5-8d83-806e6f6e6963}
usefirmwarepcisettings  No
 
Resume from Hibernate
---------------------
identifier              {c63f23df-7523-11e5-8d83-806e6f6e6963}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Microsoft Windows 7
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  boot
path                    \Boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {1f8184a5-14de-11df-9734-f08c6d8c50b0}
description             Ramdisk Options
ramdisksdidevice        unknown
ramdisksdipath          \Recovery\1f8184a4-14de-11df-9734-f08c6d8c50b0\boot.sdi
 
 
 
LastRegBack: 2016-03-23 15:00
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Administrator (2016-03-24 06:03:59)
Running from C:\Users\Administrator\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-15 01:37:38)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2298228554-2302162825-2368335802-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-2298228554-2302162825-2368335802-501 - Limited - Disabled)
Jason Mccomb (S-1-5-21-2298228554-2302162825-2368335802-1000 - Administrator - Enabled) => C:\Users\Jason Mccomb
QBDataServiceUser25 (S-1-5-21-2298228554-2302162825-2368335802-1003 - Limited - Enabled) => C:\Users\QBDataServiceUser25
Regina Pinpin (S-1-5-21-2298228554-2302162825-2368335802-1004 - Administrator - Enabled) => C:\Users\Regina Pinpin
zero (S-1-5-21-2298228554-2302162825-2368335802-1005 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.0 - Adobe Systems Incorporated)
Adobe Edge Reflow CC Preview (HKLM\...\{DA100A61-CDB8-4BA8-A71E-B2F7BDF34AD2}) (Version: 0.51.17186 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{31045ECE-019D-4DDF-A5C8-5C51A3FE50EE}) (Version: 1.7.4501.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6745.47 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{B57A8AFE-6735-4497-BD52-BD2F838F5CF0}) (Version: 1.2.1.31 - Dell)
Dell System Detect (HKU\S-1-5-21-2298228554-2302162825-2368335802-500\...\58d94f3ce2c27db0) (Version: 6.12.0.5 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WorkForce 645 Series Printer Uninstall (HKLM\...\EPSON WorkForce 645 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-810 Series Printer Uninstall (HKLM\...\EPSON XP-810 Series) (Version:  - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoPro (Version: 0.1.1799 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{065d0333-0b05-41f3-a564-0eabddb78841}) (Version: 0.1.0.1799 - GoPro, Inc.)
GoPro Studio (x32 Version: 5.8.1799 - GoPro, Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.740 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 15.0.0.740 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6568.2025 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (HKLM\...\{88387B3B-B110-392F-B919-1A15B48F21D4}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (HKLM-x32\...\{370187B9-6964-38D0-851F-6C4898B0C2B1}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
NVIDIA 3D Vision Driver 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Office Depot Tech Support (HKLM-x32\...\Office Depot Tech Support) (Version: 77.0.33.2 - Support.com, Inc.)
Office Mix (HKLM-x32\...\{85965d85-f7b1-4864-a5e1-d4224ef52794}) (Version: 0.1.5691.0 - Microsoft Corporation)
Office Mix 32-bit (x32 Version: 0.1.5691.0 - Microsoft) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Pinegrow Web Designer version 2.5 (HKLM-x32\...\Pinegrow Web Designer_is1) (Version: 2.5 - )
QuickBooks (x32 Version: 25.0.4006.2506 - Intuit Inc.) Hidden
QuickBooks Pro 2015 (HKLM-x32\...\{8F02EFA1-8F5E-4E47-A6B5-D99E4FE90271}) (Version: 25.0.4001.2506 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
smartmontools (HKLM-x32\...\smartmontools) (Version: 5.42 2011-10-20 r3458 (sf-win32-5.42-1) - )
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.8.4 - Tweaking.com)
VC12X64Redist (HKLM\...\{B573CC21-AE24-4BC5-9B0B-15CF29A3F982}) (Version: 1.00.0000 - Intuit Inc.)
VC12X86Redist (HKLM-x32\...\{EA9886ED-21F8-4867-A049-CE6817291EE6}) (Version: 1.00.0000 - Intuit Inc.)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0BEF795D-8834-4A50-9F89-A3115EE27CC5} - System32\Tasks\{8FB7BFF1-B355-4C97-8B1A-B26634B454C7} => C:\Program Files (x86)\GMER\GMER.exe [2015-10-16] ()
Task: {1A1F892F-73A6-427E-8CAE-16EEDF4DF078} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-03-14] (Dell Inc.)
Task: {1A9622C5-8116-49A6-BD18-53AB09240BD5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation)
Task: {22FBD500-4B15-4AA3-9744-6BE0337466FB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {2386A34D-C286-4D6F-9FD8-A02DEB7C662A} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jason Mccomb) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {25FA1031-18CC-4E56-9B79-7E3DEE81CF20} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2298228554-2302162825-2368335802-1000Core => C:\Users\Jason Mccomb\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.)
Task: {2C2F338C-2FF8-410E-B80D-E2A47457DB86} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2298228554-2302162825-2368335802-1000
Task: {364B2423-428B-40CB-9F7C-28A9E43F5451} - System32\Tasks\NUSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe [2015-03-17] (Symantec)
Task: {39A0E398-3E3E-4F2C-9FF8-74543128ADAB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation)
Task: {3E15D507-2FB7-4E55-BD16-4C95DC089959} - System32\Tasks\Driver Booster SkipUAC (Jason Mccomb) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {511CFDE2-4048-464A-9306-E4FD883FC089} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-20] (Google Inc.)
Task: {5A9F2F91-6F56-4695-ACA6-DE6FE598DC4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-20] (Google Inc.)
Task: {6144A9F7-8C43-4749-BE4A-98828D045C07} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {6243E1ED-D195-4D94-A1E7-145C1CAA8AFE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-13] (Dropbox, Inc.)
Task: {633702B4-570B-4422-861B-5AC1930F5C07} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-12-29] (PC-Doctor, Inc.)
Task: {68E56D27-396A-452A-899C-CA90DD52C80F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {6AFB8B1D-2789-45F7-83BE-EE6545D2067F} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {7DADF4C6-3B21-4465-AA60-9941ABF4FD95} - System32\Tasks\EPSON XP-810 Series Invitation {EF5EC85C-45EA-4E4C-AE2B-951F5A363045} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE [2013-05-18] (SEIKO EPSON CORPORATION)
Task: {8BA26852-43A5-4FFF-BE09-7D62551BBD7E} - System32\Tasks\AdobeAAMUpdater-1.0-JasonMccomb-PC-Jason Mccomb => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {8CE33E58-4A6E-4925-8624-3755D2184025} - System32\Tasks\SpeedDiskSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe [2015-03-17] ()
Task: {92DF79E6-A836-419E-A774-BDA28229077F} - System32\Tasks\SafeZone scheduled Autoupdate 1458817223 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {995E54E6-8EA3-4425-B0D6-9D828DE8535D} - System32\Tasks\EPSON XP-810 Series Update {EF5EC85C-45EA-4E4C-AE2B-951F5A363045} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE [2013-05-18] (SEIKO EPSON CORPORATION)
Task: {A1AB471E-39C7-422F-91AE-1424B558B023} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-02-25] (Microsoft Corporation)
Task: {B51EE7B5-FC99-4532-A4DD-46905BAF413E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {CDAE1B94-8196-4593-BEE7-F73782968B14} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-13] (Dropbox, Inc.)
Task: {D86EBC55-8A0C-4558-884F-83A0F5C34CB0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-24] (AVAST Software)
Task: {DAF4BE82-38BF-49EF-BB9A-08623A8165D1} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [2015-03-17] (Symantec)
Task: {E51454E3-67EA-4DD4-827A-6B1A24CAEBC4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2298228554-2302162825-2368335802-1000UA => C:\Users\Jason Mccomb\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.)
Task: {EADEE1A5-02BF-449E-A8EA-FCDE06CD227D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-24] (AVAST Software)
Task: {EB2B2502-30E8-4013-AE63-BD3E406D5670} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-12-29] (PC-Doctor, Inc.)
Task: {F5591F3F-743F-4CEA-A273-18EF2F60B692} - System32\Tasks\{81B80EA9-64D6-466D-B32F-256D56DC1DB1} => C:\Program Files (x86)\GMER\GMER.exe [2015-10-16] ()
Task: {F795D627-2351-4C51-B7FC-5C11C5B6C337} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\EPSON XP-810 Series Invitation {EF5EC85C-45EA-4E4C-AE2B-951F5A363045}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE
Task: C:\Windows\Tasks\EPSON XP-810 Series Update {EF5EC85C-45EA-4E4C-AE2B-951F5A363045}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE:/EXE:{EF5EC85C-45EA-4E4C-AE2B-951F5A363045} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2298228554-2302162825-2368335802-1000Core.job => C:\Users\Jason Mccomb\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2298228554-2302162825-2368335802-1000UA.job => C:\Users\Jason Mccomb\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\Windows\Tasks\NUSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe
Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jason Mccomb).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: C:\Windows\Tasks\SpeedDiskSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-21 12:15 - 2016-02-04 06:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-01-23 21:57 - 2016-01-11 21:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-26 22:26 - 2016-02-26 22:26 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2013-12-18 14:42 - 2016-02-09 01:39 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-10-15 16:49 - 2016-02-08 22:41 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-14 20:18 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-02-26 22:26 - 2016-02-26 22:26 - 01088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2016-01-22 14:54 - 2016-01-22 14:54 - 31420080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-03-24 04:14 - 2016-03-24 04:14 - 00380928 _____ () C:\Users\Administrator\Downloads\rvz4n2zu.exe
2015-06-03 13:44 - 2015-06-03 13:44 - 00315648 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2016-01-20 23:33 - 2016-01-20 23:33 - 00044032 _____ () C:\Program Files (x86)\Office Depot Tech Support\ESResources.dll
2011-10-26 08:57 - 2011-10-26 08:57 - 00102912 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-12-18 14:42 - 2016-02-09 01:39 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-01-23 21:57 - 2016-01-11 21:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-01-28 13:32 - 2016-01-28 13:32 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-01-13 10:30 - 2016-02-23 11:19 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-03-23 12:36 - 2016-02-23 11:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-03-23 12:36 - 2016-02-23 11:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-01-13 10:30 - 2016-02-23 11:19 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-01-13 10:30 - 2016-02-23 11:19 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-01-13 10:30 - 2016-03-11 17:18 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-03-23 12:36 - 2016-02-23 11:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-01-13 10:30 - 2016-03-11 17:18 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-01-13 10:30 - 2016-02-23 11:19 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-01-13 10:30 - 2016-02-23 11:20 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-01-13 10:30 - 2016-03-11 17:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2016-01-13 10:30 - 2016-03-11 17:18 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-03-23 12:36 - 2016-02-23 11:21 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-25 13:08 - 2016-03-11 17:18 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-03-23 12:36 - 2016-02-23 11:21 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-01-13 10:30 - 2016-03-11 17:18 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-01-13 10:30 - 2016-02-23 11:19 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-03-23 12:36 - 2016-02-23 11:19 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-03-23 12:36 - 2016-02-23 11:20 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-25 13:08 - 2016-03-11 17:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-25 13:08 - 2016-03-11 17:18 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-25 13:08 - 2016-03-11 17:18 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-25 13:08 - 2016-03-11 17:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-01-13 10:30 - 2016-02-23 11:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-25 13:08 - 2016-03-11 17:18 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-03-23 12:36 - 2016-03-11 17:18 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-01-13 10:30 - 2016-02-23 11:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-03-23 12:36 - 2016-03-11 17:18 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-03-23 12:36 - 2016-02-23 11:23 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-03-23 12:36 - 2016-02-23 11:23 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-01-13 10:30 - 2016-03-11 17:18 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-01-28 13:32 - 2016-01-28 13:32 - 01365696 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2016-01-28 13:32 - 2016-01-28 13:32 - 00219328 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2016-01-21 01:22 - 2016-01-21 01:22 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-01-21 01:22 - 2016-01-21 01:22 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-01-21 01:23 - 2016-01-21 01:23 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-01-21 01:23 - 2016-01-21 01:23 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-02-12 11:24 - 2016-02-12 11:24 - 00089280 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin7.dll
2016-01-21 01:22 - 2016-01-21 01:22 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-03-14 16:02 - 2016-03-07 19:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-14 16:02 - 2016-03-07 19:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
2016-03-24 03:53 - 2016-03-24 03:53 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-03-24 03:53 - 2016-03-24 03:53 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-24 03:54 - 2016-03-24 03:54 - 02838016 _____ () C:\Program Files\AVAST Software\Avast\defs\16030800\algo.dll
2016-03-24 03:53 - 2016-03-24 03:53 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-03-24 03:53 - 2016-03-24 03:53 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-03-24 03:59 - 2016-03-24 03:59 - 02857472 _____ () C:\Program Files\AVAST Software\Avast\defs\16032401\algo.dll
2016-03-24 03:53 - 2016-03-24 03:53 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-03-23 21:25 - 2016-03-21 16:17 - 17541312 _____ () C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.197\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [169]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\2016-03-16 03.10.54.jpg:com.dropbox.attributes [1024]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK-final.fw.png:com.dropbox.attributes [646]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK.fw.png:com.dropbox.attributes [251]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\45037140.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Office Depot Tech Support => ""="Office Depot Tech Support"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\45037140.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Office Depot Tech Support => ""="Office Depot Tech Support"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SDCSSCPS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2298228554-2302162825-2368335802-500\...\dell.com -> dell.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-03-23 16:08 - 2016-03-23 20:09 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2298228554-2302162825-2368335802-500\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk => C:\Windows\pss\$McRebootA5E6DEAA56$.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupreg: (default) => 
MSCONFIG\startupreg: GoPro Tray App => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3 /ANDREA_BF_BYPASS
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{60699E99-B181-4262-8858-BF3E2165F116}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{F0AEA018-35AD-4FAC-8E08-F2A3380C28A8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C061BCCC-3089-493C-8947-9365EE81F0C6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4BE434F7-275A-468F-8AE5-C13A6610793C}] => (Allow) F:\gcp-quickbooks\qbdbmgrn.exe
FirewallRules: [{480654C7-1E45-4BAC-A6D4-101257E7C23B}] => (Allow) F:\gcp-quickbooks\qbdbmgrn.exe
FirewallRules: [{314C954B-5D30-4AD1-A897-3CC7929D51D6}] => (Allow) F:\gcp-quickbooks\qbw32.exe
FirewallRules: [{E230FD3F-181F-4845-9F72-15877F2C85F9}] => (Allow) F:\gcp-quickbooks\qbw32.exe
FirewallRules: [{315E3BE2-C2E2-4BCB-B8AE-BEE3125ADAB9}] => (Allow) F:\gcp-quickbooks\dbmanagerexe.exe
FirewallRules: [{6307A9DC-F061-4061-AD82-5D4A929C3670}] => (Allow) F:\gcp-quickbooks\dbmanagerexe.exe
FirewallRules: [{E1BC66A0-CBE9-4E69-BBA4-EBB31F82355B}] => (Allow) F:\gcp-quickbooks\filemanagement.exe
FirewallRules: [{E8E1891A-D919-4BF3-95A9-DCFB8A6F660C}] => (Allow) F:\gcp-quickbooks\filemanagement.exe
FirewallRules: [{F0A758F6-15EA-496A-B6DD-00BD2567F752}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe
FirewallRules: [{13ABDB69-C3A3-4343-A1AA-58A9C3DF9931}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe
FirewallRules: [{D56C5827-9B08-48D4-8A03-3A919F818E3D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
FirewallRules: [{2ABFC4B0-1561-4F22-924A-A055F61B2794}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
FirewallRules: [{A790CE01-BF70-4169-B83B-F452DD913F76}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FFF4D3B4-034B-4ADF-B8D2-934E3FEC7518}] => (Allow) C:\Users\Jason Mccomb\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{3DE6832C-42FA-4EA8-971D-CC42C2D5CA72}] => (Allow) C:\Users\Jason Mccomb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U39ECLHJ\ProductDetection.exe
FirewallRules: [{C48A3F02-6528-4CC4-B105-40225E07C872}] => (Allow) C:\Users\Jason Mccomb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U39ECLHJ\ProductDetection.exe
FirewallRules: [{56238813-66B2-4A4C-BA3A-69D3A67C67A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E14391A7-B716-45C8-8025-DB7F90B22696}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E48E9D81-C69D-41BC-B2BB-C25776DE4990}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F1AA441C-4473-4C8C-9D8A-A4A9DBDA6931}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{39E4FAFB-130A-4F0D-9D71-27B7EB36092B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{00C87C76-33D4-4A77-BBDB-73D8DE4590C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7B88BEBE-06C8-479D-A992-8BF69960243B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E51300F3-F885-42EF-9472-41757CE53384}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{574B79DF-B5C8-4B86-8C61-1E1A9FEAD9F9}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{D3499986-514C-49FC-BED5-D8E039057B62}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{A96881B3-71F5-4D00-9D59-07D1DC38339E}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{9AC99C22-AA82-4EAA-92E4-E4979AF9FFF1}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe
FirewallRules: [{56F86DD4-5129-4E06-9F12-E42FD36F5E59}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{4CBD4F05-CA8B-426B-B0B7-F466A7F70070}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{87116D2C-48C2-4A7F-A16C-AF7027EA7BCF}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{F69ED16A-86E1-4393-A2CD-D73FEFDCFA1B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{12A858D4-B1E2-4980-A107-E9529D14040D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6350FCEC-AFF8-4359-94F6-1E16D5226309}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
 
==================== Restore Points =========================
 
17-03-2016 20:39:55 Windows Modules Installer
18-03-2016 07:06:26 McAfee Vulnerability Scanner
18-03-2016 07:11:12 Windows Update
18-03-2016 16:37:12 Windows Update
19-03-2016 02:11:13 Restore Operation
19-03-2016 02:55:11 Windows Update
23-03-2016 12:20:00 Windows Update
23-03-2016 13:11:13 McAfee Vulnerability Scanner
23-03-2016 13:24:59 Windows Update
23-03-2016 15:55:55 Installed Windows Resource Kit Tools - SubInAcl.exe
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/24/2016 04:41:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program msinfo32.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1230
 
Start Time: 01d185c1c4924a75
 
Termination Time: 0
 
Application Path: C:\Windows\System32\msinfo32.exe
 
Report Id: 6373ed38-f1b5-11e5-b298-848f69aba0c5
 
Error: (03/24/2016 04:03:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mnndvxr7.exe, version: 2.2.19882.0, time stamp: 0x56e2cdca
Faulting module name: mnndvxr7.exe, version: 2.2.19882.0, time stamp: 0x56e2cdca
Exception code: 0xc0000005
Fault offset: 0x0001cc37
Faulting process id: 0x2c7c
Faulting application start time: 0xmnndvxr7.exe0
Faulting application path: mnndvxr7.exe1
Faulting module path: mnndvxr7.exe2
Report Id: mnndvxr7.exe3
 
Error: (03/23/2016 10:56:28 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
 
Error: (03/23/2016 08:19:08 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (03/23/2016 08:19:08 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (03/23/2016 08:16:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -528.
 
Error: (03/23/2016 08:16:46 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database (1244) Catalog Database: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\CatRoot2\edb.log.
 
Error: (03/23/2016 08:06:58 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL
 
Error: (03/23/2016 08:06:39 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF
 
Error: (03/23/2016 06:03:13 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
 
System errors:
=============
Error: (03/23/2016 08:17:10 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 4) (User: NT AUTHORITY)
Description: The time provider 'VMICTimeProvider' failed to start due to the following error: The specified module could not be found. (0x8007007E)
 
Error: (03/23/2016 08:17:10 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (03/23/2016 08:15:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CscService service failed to start due to the following error: 
%%1083
 
Error: (03/23/2016 08:09:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (03/23/2016 07:23:30 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084mccspsvc{8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B}
 
Error: (03/23/2016 07:18:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (03/23/2016 07:18:40 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/23/2016 07:18:40 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (03/23/2016 07:18:37 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (03/23/2016 07:18:32 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 75%
Total physical RAM: 6038.16 MB
Available physical RAM: 1503.52 MB
Total Virtual: 12074.54 MB
Available Virtual: 6947.96 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:267.44 GB) (Free:70.6 GB) NTFS
Drive d: (GSP1RMCHPXFRER_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 07F2837E)
Partition 1: (Active) - (Size=196.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=267.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 


 


#2 jcmmarketing

  • Topic Starter

Posted 24 March 2016 - 09:25 PM

The GMER registry report at http://www.malwareremoval.com/forum/viewtopic.php?f=11&t=56876&start=45 is almost exactly identical to the issue on my system. 

 

/properties/{ab886....}



#3 nasdaq

  • Malware Response Team

Posted 25 March 2016 - 07:41 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Users\Administrator\Downloads\rvz4n2zu.exe
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2298228554-2302162825-2368335802-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2298228554-2302162825-2368335802-500 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2298228554-2302162825-2368335802-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Handler: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} - F:\gcp-quickbooks\HelpAsyncPluggableProtocol.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-24]
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X]
S2 CscService; %SystemRoot%\System32\cscsvc.dll [X]
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S3 PeerDistSvc; %SystemRoot%\system32\peerdistsvc.dll [X]
R3 QuickBooksDB25; F:\gcp-quickbooks\QBDBMgrN.exe -hvQuickBooksDB25 [X]
S3 StorSvc; %SystemRoot%\system32\storsvc.dll [X]
S3 UmRdpService; %SystemRoot%\System32\umrdp.dll [X]
S0 cfwids; system32\drivers\cfwids.sys [X]
S3 cpuz134; \??\C:\Users\JASONM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
U4 mfesapsn; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
U3 awloipoc; \??\C:\Users\Administrator\AppData\Local\Temp\awloipoc.sys [X]
Task: {F5591F3F-743F-4CEA-A273-18EF2F60B692} - System32\Tasks\{81B80EA9-64D6-466D-B32F-256D56DC1DB1} => C:\Program Files (x86)\GMER\GMER.exe [2015-10-16] ()
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [169]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\2016-03-16 03.10.54.jpg:com.dropbox.attributes [1024]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK-final.fw.png:com.dropbox.attributes [646]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK.fw.png:com.dropbox.attributes [251]
C:\Users\Administrator\Downloads\rvz4n2zu.exe
End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

P.S.
If you have a CD emulator disable it BEFORE proceeding with the following scans.

Disable the CD emulators....

Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed. Or when this computer is clean.

HOW TO: Enable the CD Emulators... < restore only when we are finished.

To re-enable your Emulation drivers, double click DeFogger to run the tool.
  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.
===

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===


Wait for further instructions.

Please let me know what problem persists with this computer.

Edited by nasdaq, 25 March 2016 - 07:42 AM.


#4 nasdaq

  • Malware Response Team

Posted 30 March 2016 - 08:18 AM

Are you still with me?

#5 jcmmarketing

  • Topic Starter

Posted 30 March 2016 - 12:13 PM

I AM!!! THANK YOU. I am, after many wasted hours, thanks again. 



#6 nasdaq

  • Malware Response Team

Posted 30 March 2016 - 12:53 PM

Waiting for the logs.

#7 jcmmarketing

  • Topic Starter

Posted 30 March 2016 - 01:36 PM

I am very slow. I apologize.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Jason Mccomb (2016-03-30 10:54:50) Run:1
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Jason Mccomb (Available Profiles: Jason Mccomb & QBDataServiceUser25 & Regina Pinpin & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
() C:\Users\Administrator\Downloads\rvz4n2zu.exe
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2298228554-2302162825-2368335802-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2298228554-2302162825-2368335802-500 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2298228554-2302162825-2368335802-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Handler: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} - F:\gcp-quickbooks\HelpAsyncPluggableProtocol.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-24]
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X]
S2 CscService; %SystemRoot%\System32\cscsvc.dll [X]
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S3 PeerDistSvc; %SystemRoot%\system32\peerdistsvc.dll [X]
R3 QuickBooksDB25; F:\gcp-quickbooks\QBDBMgrN.exe -hvQuickBooksDB25 [X]
S3 StorSvc; %SystemRoot%\system32\storsvc.dll [X]
S3 UmRdpService; %SystemRoot%\System32\umrdp.dll [X]
S0 cfwids; system32\drivers\cfwids.sys [X]
S3 cpuz134; \??\C:\Users\JASONM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
U4 mfesapsn; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
U3 awloipoc; \??\C:\Users\Administrator\AppData\Local\Temp\awloipoc.sys [X]
Task: {F5591F3F-743F-4CEA-A273-18EF2F60B692} - System32\Tasks\{81B80EA9-64D6-466D-B32F-256D56DC1DB1} => C:\Program Files (x86)\GMER\GMER.exe [2015-10-16] ()
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [169]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\2016-03-16 03.10.54.jpg:com.dropbox.attributes [1024]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK-final.fw.png:com.dropbox.attributes [646]
AlternateDataStreams: C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK.fw.png:com.dropbox.attributes [251]
C:\Users\Administrator\Downloads\rvz4n2zu.exe
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\Administrator\Downloads\rvz4n2zu.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
"HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
"HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
"HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
"HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
"HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
"HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
"HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
"HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
"HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
"HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-2298228554-2302162825-2368335802-500\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found. 
HKU\S-1-5-21-2298228554-2302162825-2368335802-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-2298228554-2302162825-2368335802-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
"HKCR\PROTOCOLS\Handler\intu-help-qb8" => key removed successfully
HKCR\CLSID\{CD17C364-2EC8-4929-91A9-C4839A20E909} => key not found. 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
AppMgmt => service removed successfully
CscService => service removed successfully
mfefire => service not found.
mfemms => service not found.
mfevtp => service not found.
PeerDistSvc => service removed successfully
QuickBooksDB25 => service removed successfully
StorSvc => service removed successfully
UmRdpService => service removed successfully
cfwids => service not found.
cpuz134 => service removed successfully
mfeaack => service not found.
mfeavfk => service not found.
mfefirek => service not found.
mfehidk => service not found.
mfesapsn => service not found.
mfewfpk => service not found.
awloipoc => service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5591F3F-743F-4CEA-A273-18EF2F60B692}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5591F3F-743F-4CEA-A273-18EF2F60B692}" => key removed successfully
C:\Windows\System32\Tasks\{81B80EA9-64D6-466D-B32F-256D56DC1DB1} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{81B80EA9-64D6-466D-B32F-256D56DC1DB1}" => key removed successfully
C:\ProgramData\TEMP => ":792D4CF1" ADS removed successfully.
C:\Users\Jason Mccomb\Desktop\2016-03-16 03.10.54.jpg => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK-final.fw.png => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Jason Mccomb\Desktop\MOJO-MASK-WORK.fw.png => ":com.dropbox.attributes" ADS removed successfully.
"C:\Users\Administrator\Downloads\rvz4n2zu.exe" => not found.
EmptyTemp: => 1 GB temporary data Removed.
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-30 11:00:39)
 
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Could not move
 
==== End of Fixlog 11:00:40 ====
 
mtc
 
 
brb
TDSSKiller running now

Edited by jcmmarketing, 30 March 2016 - 01:40 PM.


#8 jcmmarketing


Posted 30 March 2016 - 01:43 PM

11:39:13.0109 0x0d98  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
11:40:00.0181 0x0d98  ============================================================
11:40:00.0181 0x0d98  Current date / time: 2016/03/30 11:40:00.0181
11:40:00.0181 0x0d98  SystemInfo:
11:40:00.0181 0x0d98  
11:40:00.0181 0x0d98  OS Version: 6.1.7601 ServicePack: 1.0
11:40:00.0181 0x0d98  Product type: Workstation
11:40:00.0181 0x0d98  ComputerName: JASONMCCOMB-PC
11:40:00.0181 0x0d98  UserName: Jason Mccomb
11:40:00.0181 0x0d98  Windows directory: C:\Windows
11:40:00.0181 0x0d98  System windows directory: C:\Windows
11:40:00.0181 0x0d98  Running under WOW64
11:40:00.0181 0x0d98  Processor architecture: Intel x64
11:40:00.0181 0x0d98  Number of processors: 4
11:40:00.0181 0x0d98  Page size: 0x1000
11:40:00.0181 0x0d98  Boot type: Normal boot
11:40:00.0181 0x0d98  ============================================================
11:40:02.0178 0x0d98  KLMD registered as C:\Windows\system32\drivers\07849052.sys
11:40:02.0798 0x0d98  System UUID: {D6B97C07-CB37-AEC3-A25E-72780C61003D}
11:40:03.0813 0x0d98  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:40:03.0829 0x0d98  ============================================================
11:40:03.0829 0x0d98  \Device\Harddisk0\DR0:
11:40:03.0829 0x0d98  MBR partitions:
11:40:03.0829 0x0d98  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x188BD000
11:40:03.0829 0x0d98  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x188BD800, BlocksNum 0x216E0000
11:40:03.0829 0x0d98  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x39F9D800, BlocksNum 0x3E7800
11:40:03.0829 0x0d98  ============================================================
11:40:03.0860 0x0d98  C: <-> \Device\Harddisk0\DR0\Partition2
11:40:03.0891 0x0d98  E: <-> \Device\Harddisk0\DR0\Partition1
11:40:03.0954 0x0d98  F: <-> \Device\Harddisk0\DR0\Partition3
11:40:03.0954 0x0d98  ============================================================
11:40:03.0954 0x0d98  Initialize success
11:40:03.0954 0x0d98  ============================================================
11:40:07.0433 0x1cd0  ============================================================
11:40:07.0433 0x1cd0  Scan started
11:40:07.0433 0x1cd0  Mode: Manual; 
11:40:07.0433 0x1cd0  ============================================================
11:40:07.0433 0x1cd0  KSN ping started
11:40:09.0945 0x1cd0  KSN ping finished: true
11:40:12.0255 0x1cd0  ================ Scan system memory ========================
11:40:12.0255 0x1cd0  System memory - ok
11:40:12.0255 0x1cd0  ================ Scan services =============================
11:40:12.0395 0x1cd0  0081691458817925mcinstcleanup - ok
11:40:12.0551 0x1cd0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:40:12.0567 0x1cd0  1394ohci - ok
11:40:12.0661 0x1cd0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:40:12.0661 0x1cd0  ACPI - ok
11:40:12.0692 0x1cd0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:40:12.0692 0x1cd0  AcpiPmi - ok
11:40:12.0817 0x1cd0  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:40:12.0817 0x1cd0  AdobeARMservice - ok
11:40:12.0973 0x1cd0  [ A9D55370A0CBADD1E1E2B4796ACD26DF, 9FD0C2B1206321B34D97FF3D01C5C811022DA76DA667DB6ECCF2746437A706A2 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:40:12.0988 0x1cd0  AdobeFlashPlayerUpdateSvc - ok
11:40:13.0113 0x1cd0  [ 6A90FF6FFDB8DB97F7E0F730A3582794, 5F45A5301FDA501CF6D60684499A8AF6A2A44864A3E796A054FA63D3B9863072 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
11:40:13.0144 0x1cd0  AdobeUpdateService - ok
11:40:13.0207 0x1cd0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:40:13.0222 0x1cd0  adp94xx - ok
11:40:13.0253 0x1cd0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:40:13.0253 0x1cd0  adpahci - ok
11:40:13.0269 0x1cd0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:40:13.0269 0x1cd0  adpu320 - ok
11:40:13.0425 0x1cd0  [ 91C596BE98F65830352B466C19705533, 4FB4614839E405F127B7E9B801CF9E6166EBCBAB62506F2153CEAFB07CA6BB8D ] AdvancedSystemCareService9 C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
11:40:13.0456 0x1cd0  AdvancedSystemCareService9 - ok
11:40:13.0487 0x1cd0  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:40:13.0487 0x1cd0  AeLookupSvc - ok
11:40:13.0568 0x1cd0  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:40:13.0571 0x1cd0  AERTFilters - ok
11:40:13.0631 0x1cd0  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
11:40:13.0657 0x1cd0  AFD - ok
11:40:13.0696 0x1cd0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:40:13.0699 0x1cd0  agp440 - ok
11:40:13.0856 0x1cd0  [ 8BA0756C7B80D039212F9BB957D84727, 2EFED9D87E37A95F7216D879FA2E054AE105DC5280F7393540C812C296E4FDAC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
11:40:13.0927 0x1cd0  AGSService - ok
11:40:13.0955 0x1cd0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:40:13.0958 0x1cd0  ALG - ok
11:40:14.0007 0x1cd0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:40:14.0010 0x1cd0  aliide - ok
11:40:14.0020 0x1cd0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:40:14.0022 0x1cd0  amdide - ok
11:40:14.0060 0x1cd0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:40:14.0063 0x1cd0  AmdK8 - ok
11:40:14.0071 0x1cd0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:40:14.0074 0x1cd0  AmdPPM - ok
11:40:14.0128 0x1cd0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:40:14.0132 0x1cd0  amdsata - ok
11:40:14.0158 0x1cd0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:40:14.0164 0x1cd0  amdsbs - ok
11:40:14.0177 0x1cd0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:40:14.0177 0x1cd0  amdxata - ok
11:40:14.0255 0x1cd0  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
11:40:14.0255 0x1cd0  AppHostSvc - ok
11:40:14.0318 0x1cd0  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
11:40:14.0349 0x1cd0  AppID - ok
11:40:14.0396 0x1cd0  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:40:14.0396 0x1cd0  AppIDSvc - ok
11:40:14.0411 0x1cd0  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
11:40:14.0427 0x1cd0  Appinfo - ok
11:40:14.0427 0x1cd0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
11:40:14.0443 0x1cd0  arc - ok
11:40:14.0458 0x1cd0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:40:14.0458 0x1cd0  arcsas - ok
11:40:14.0567 0x1cd0  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:40:14.0599 0x1cd0  aspnet_state - ok
11:40:14.0645 0x1cd0  [ 7E66DFE6B62C6C34FD6B09DB6169E9F6, BCE908BBF35FD9471018BFC9DCE357529F558693692FF51DA868024F7FD0E868 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
11:40:14.0645 0x1cd0  aswHwid - ok
11:40:14.0677 0x1cd0  [ AECE9E699CAC76DC993BB988652B5AD8, 76DB04A9CA1D2EED9EB50F9D23197B02E9D42D96BF1C239C9EE5FA9CCA36F85A ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
11:40:14.0677 0x1cd0  aswKbd - ok
11:40:14.0708 0x1cd0  [ 1459AAD5C6A66A458C2D57EE6E080FA5, 6A3D6EBCE1EDCFE307DF915CB0C3183668848BCEAA71EA58AB0F4F650F8EABDA ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
11:40:14.0708 0x1cd0  aswMonFlt - ok
11:40:14.0739 0x1cd0  [ 0866D5FE02D614501B7B4AD5E1BC7B53, C34B4AF64DA9592EADC070C7A384070D564DCE3412337F671932A4818D8E12E8 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
11:40:14.0739 0x1cd0  aswRdr - ok
11:40:14.0770 0x1cd0  [ 0AA12ADF5F87B4A70BDBAED77F54B978, 2C33F656EC2E51493A40FF32A5C934E209CF1475A8B0F3573396E97F8A10A76A ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
11:40:14.0770 0x1cd0  aswRvrt - ok
11:40:14.0879 0x1cd0  [ 719B704109B933D819093CDDB156A7F1, 3FF75BFA8BBE5C4A817C8166BAD73B1E3C5609D6A1F0AE85B166E30DE61EB901 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
11:40:14.0911 0x1cd0  aswSnx - ok
11:40:14.0942 0x1cd0  [ 43F46E7D103F46EC345B1056BDD2A60B, 6F8D844F3EBFDC56A319758C88B2C87FBDE185E5B1E08F8627F29158F190DBFF ] aswSP           C:\Windows\system32\drivers\aswSP.sys
11:40:14.0957 0x1cd0  aswSP - ok
11:40:14.0973 0x1cd0  [ 219D0E2348629FAE4E6E3478C21B23D6, 3545F59A966F31CE949596629217FD4D7119162411073D4D811575620728AC68 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
11:40:14.0973 0x1cd0  aswStm - ok
11:40:14.0989 0x1cd0  [ 9949BBD5BB70C4D317B7549896132579, DD92AAD8530C04365C24BD540C909FBDCFC92B18CB6ABB0E655F360EBC4DCD1E ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:40:15.0004 0x1cd0  aswVmm - ok
11:40:15.0051 0x1cd0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:40:15.0051 0x1cd0  AsyncMac - ok
11:40:15.0098 0x1cd0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:40:15.0098 0x1cd0  atapi - ok
11:40:15.0207 0x1cd0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:40:15.0223 0x1cd0  AudioEndpointBuilder - ok
11:40:15.0238 0x1cd0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:40:15.0254 0x1cd0  AudioSrv - ok
11:40:15.0347 0x1cd0  [ 501E11AE85EE28D305D228F5931AC76C, FB7052CFA143E5D431131EBB59D4EDAEEFCB56A017552E2395F1954F861613A0 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:40:15.0347 0x1cd0  avast! Antivirus - ok
11:40:15.0410 0x1cd0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:40:15.0410 0x1cd0  AxInstSV - ok
11:40:15.0488 0x1cd0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:40:15.0503 0x1cd0  b06bdrv - ok
11:40:15.0519 0x1cd0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:40:15.0535 0x1cd0  b57nd60a - ok
11:40:15.0581 0x1cd0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:40:15.0597 0x1cd0  BDESVC - ok
11:40:15.0613 0x1cd0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:40:15.0613 0x1cd0  Beep - ok
11:40:15.0706 0x1cd0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:40:15.0722 0x1cd0  BFE - ok
11:40:15.0769 0x1cd0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:40:15.0800 0x1cd0  BITS - ok
11:40:15.0847 0x1cd0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:40:15.0847 0x1cd0  blbdrive - ok
11:40:15.0872 0x1cd0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:40:15.0876 0x1cd0  bowser - ok
11:40:15.0894 0x1cd0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:40:15.0896 0x1cd0  BrFiltLo - ok
11:40:15.0905 0x1cd0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:40:15.0907 0x1cd0  BrFiltUp - ok
11:40:15.0934 0x1cd0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:40:15.0938 0x1cd0  Browser - ok
11:40:15.0947 0x1cd0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:40:15.0955 0x1cd0  Brserid - ok
11:40:15.0967 0x1cd0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:40:15.0970 0x1cd0  BrSerWdm - ok
11:40:15.0983 0x1cd0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:40:15.0985 0x1cd0  BrUsbMdm - ok
11:40:15.0996 0x1cd0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:40:15.0998 0x1cd0  BrUsbSer - ok
11:40:16.0011 0x1cd0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:40:16.0014 0x1cd0  BTHMODEM - ok
11:40:16.0049 0x1cd0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:40:16.0065 0x1cd0  bthserv - ok
11:40:16.0065 0x1cd0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:40:16.0080 0x1cd0  cdfs - ok
11:40:16.0112 0x1cd0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:40:16.0127 0x1cd0  cdrom - ok
11:40:16.0143 0x1cd0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:40:16.0143 0x1cd0  CertPropSvc - ok
11:40:16.0158 0x1cd0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:40:16.0158 0x1cd0  circlass - ok
11:40:16.0174 0x1cd0  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
11:40:16.0192 0x1cd0  CLFS - ok
11:40:16.0451 0x1cd0  [ 15574335364D67EAE9E992E90B08C5C1, 828E57B77B717A3E1989671EB4E7D6BBCB4AEA00396322E18F51C6492E5196EC ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
11:40:16.0518 0x1cd0  ClickToRunSvc - ok
11:40:16.0569 0x1cd0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:40:16.0573 0x1cd0  clr_optimization_v2.0.50727_32 - ok
11:40:16.0616 0x1cd0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:40:16.0620 0x1cd0  clr_optimization_v2.0.50727_64 - ok
11:40:16.0707 0x1cd0  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:40:16.0751 0x1cd0  clr_optimization_v4.0.30319_32 - ok
11:40:16.0797 0x1cd0  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:40:16.0838 0x1cd0  clr_optimization_v4.0.30319_64 - ok
11:40:16.0870 0x1cd0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:40:16.0870 0x1cd0  CmBatt - ok
11:40:16.0901 0x1cd0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:40:16.0901 0x1cd0  cmdide - ok
11:40:16.0936 0x1cd0  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:40:16.0967 0x1cd0  CNG - ok
11:40:17.0014 0x1cd0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:40:17.0014 0x1cd0  Compbatt - ok
11:40:17.0076 0x1cd0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:40:17.0076 0x1cd0  CompositeBus - ok
11:40:17.0107 0x1cd0  COMSysApp - ok
11:40:17.0224 0x1cd0  [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:40:17.0240 0x1cd0  cphs - ok
11:40:17.0263 0x1cd0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:40:17.0263 0x1cd0  crcdisk - ok
11:40:17.0309 0x1cd0  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:40:17.0325 0x1cd0  CryptSvc - ok
11:40:17.0403 0x1cd0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:40:17.0419 0x1cd0  dbupdate - ok
11:40:17.0419 0x1cd0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:40:17.0439 0x1cd0  dbupdatem - ok
11:40:17.0501 0x1cd0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:40:17.0533 0x1cd0  DcomLaunch - ok
11:40:17.0595 0x1cd0  [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\Windows\system32\drivers\DDDriver64Dcsa.sys
11:40:17.0611 0x1cd0  DDDriver - ok
11:40:17.0657 0x1cd0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:40:17.0673 0x1cd0  defragsvc - ok
11:40:17.0861 0x1cd0  [ FD2B661335F35AC52B23488CCF2162B7, 2A7878E36F0D73F174ACE7CF7191DFA20AB326A5113F961D987CA4F54B4B2C4D ] DellDataVault   C:\Program Files\Dell\DellDataVault\DellDataVault.exe
11:40:17.0985 0x1cd0  DellDataVault - ok
11:40:18.0020 0x1cd0  [ 5C2BF6F94AFE6E585B632EE12F861949, A44A1A7C45F730ADB2C1E96A3891A4ACDCC68289E02FE831337F51A56BDE651D ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
11:40:18.0025 0x1cd0  DellDigitalDelivery - ok
11:40:18.0084 0x1cd0  [ DC3BD578642252FD9569B9CD75CEF81E, 63F44BC19389C19BA9F9E974BF2E5236AF7F66D9076943B9CF46775264BBE413 ] DellProf        C:\Windows\system32\drivers\DellProf.sys
11:40:18.0086 0x1cd0  DellProf - ok
11:40:18.0116 0x1cd0  [ 44C694C2B542DB3CDAEBDB1FF3233F4D, 888CA6F60ECF508DE4D414FCAB680BC7A103237701D47840552F6CCA64FF7176 ] DellUpdate      C:\Program Files (x86)\Dell Update\DellUpService.exe
11:40:18.0121 0x1cd0  DellUpdate - ok
11:40:18.0130 0x1cd0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:40:18.0134 0x1cd0  DfsC - ok
11:40:18.0199 0x1cd0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:40:18.0214 0x1cd0  Dhcp - ok
11:40:18.0319 0x1cd0  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:40:18.0382 0x1cd0  DiagTrack - ok
11:40:30.0322 0x1cd0  nvpciflt - ok
11:40:30.0369 0x1cd0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:40:30.0385 0x1cd0  nvraid - ok
11:40:30.0431 0x1cd0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:40:30.0431 0x1cd0  nvstor - ok
11:40:30.0541 0x1cd0  [ E100913C01A8485C4DA549611B70E183, 86E0BD2C2E43D1D0A49576C0A514D0A43938EC967C5E1310B64BFF099957E23E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:40:30.0541 0x1cd0  NvStreamKms - ok
11:40:30.0718 0x1cd0  [ 7A2FE2AE95B92DB389F48FEC19DD85A2, 16AD82A0E4833507AE2C6DE2722DBEA12C2024F8DCA2F7784878AA3DDF3E8B0D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
11:40:30.0858 0x1cd0  NvStreamNetworkSvc - ok
11:40:31.0014 0x1cd0  [ C56E59015EFAC1D53C72F6E3178D06CD, 16FF2ED40B4585672570C385FA59CCA18E7921EAC0E32377009F729A1F0CB49F ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
11:40:31.0092 0x1cd0  NvStreamSvc - ok
11:40:31.0217 0x1cd0  [ 4DFABFC1A31FDE2BDB0AB577CD313D70, 1A517D4FED4B0B8BA1365EF6839BB006EF5E7C4CCC630470B8E239753FC5394F ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:40:31.0268 0x1cd0  nvsvc - ok
11:40:31.0284 0x1cd0  [ 0BAF8B3DF77EFF04CC0BEA5F2C3657F9, 8E7A542E20416835F31B8648B5724446A78609C0ACC26FCC20E885CF83BE9CB2 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
11:40:31.0284 0x1cd0  nvvad_WaveExtensible - ok
11:40:31.0378 0x1cd0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:40:31.0409 0x1cd0  nv_agp - ok
11:40:31.0658 0x1cd0  [ CD57102A1C47129F9DA51536030B89A9, 34FFB3DCA5A267241D7D0B26D50639B3E41895967464BB210C3932246063C9A6 ] Office Depot Tech Support C:\Program Files (x86)\Office Depot Tech Support\esService.exe
11:40:31.0690 0x1cd0  Office Depot Tech Support - ok
11:40:31.0721 0x1cd0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:40:31.0721 0x1cd0  ohci1394 - ok
11:40:31.0833 0x1cd0  [ 4708DC527C988315627302B212F22E1C, 57CEC330221A144B27853143F30A9BC5606A85961DEB3E9AFB0DD418B6E23C3E ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:40:31.0849 0x1cd0  ose - ok
11:40:32.0114 0x1cd0  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:40:32.0301 0x1cd0  osppsvc - ok
11:40:32.0354 0x1cd0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:40:32.0385 0x1cd0  p2pimsvc - ok
11:40:32.0432 0x1cd0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:40:32.0447 0x1cd0  p2psvc - ok
11:40:32.0479 0x1cd0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
11:40:32.0479 0x1cd0  Parport - ok
11:40:32.0510 0x1cd0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:40:32.0510 0x1cd0  partmgr - ok
11:40:32.0525 0x1cd0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:40:32.0525 0x1cd0  PcaSvc - ok
11:40:32.0541 0x1cd0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:40:32.0557 0x1cd0  pci - ok
11:40:32.0572 0x1cd0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:40:32.0572 0x1cd0  pciide - ok
11:40:32.0588 0x1cd0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:40:32.0603 0x1cd0  pcmcia - ok
11:40:32.0619 0x1cd0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:40:32.0619 0x1cd0  pcw - ok
11:40:32.0666 0x1cd0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:40:32.0697 0x1cd0  PEAUTH - ok
11:40:32.0822 0x1cd0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:40:32.0844 0x1cd0  PerfHost - ok
11:40:32.0937 0x1cd0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:40:33.0031 0x1cd0  pla - ok
11:40:33.0093 0x1cd0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:40:33.0125 0x1cd0  PlugPlay - ok
11:40:33.0140 0x1cd0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:40:33.0140 0x1cd0  PNRPAutoReg - ok
11:40:33.0156 0x1cd0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:40:33.0156 0x1cd0  PNRPsvc - ok
11:40:33.0187 0x1cd0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:40:33.0203 0x1cd0  PolicyAgent - ok
11:40:33.0218 0x1cd0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:40:33.0234 0x1cd0  Power - ok
11:40:33.0234 0x1cd0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:40:33.0249 0x1cd0  PptpMiniport - ok
11:40:33.0249 0x1cd0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:40:33.0249 0x1cd0  Processor - ok
11:40:33.0312 0x1cd0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:40:33.0312 0x1cd0  ProfSvc - ok
11:40:33.0327 0x1cd0  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:40:33.0327 0x1cd0  ProtectedStorage - ok
11:40:33.0376 0x1cd0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:40:33.0376 0x1cd0  Psched - ok
11:40:33.0423 0x1cd0  [ DEFD557D9B8C0FA3CEA6CC576400114E, 5A969B652EE5F2DE10E936482B9A7D23B7C5F9B3DBC71AC660F004EFFF0CD229 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
11:40:33.0439 0x1cd0  pwdrvio - ok
11:40:33.0501 0x1cd0  [ A2EE3B70A9E05F651B888078726C2787, 66F90B23A041F8050510A4DE6612F6CB7F3F259DDDDC2FA1BE7D578300B92188 ] pwdspio         C:\Windows\system32\pwdspio.sys
11:40:33.0501 0x1cd0  pwdspio - ok
11:40:33.0595 0x1cd0  [ 45C4928B0DAFF1C0D18D0032A7FF5658, DF11FB67C743392581B241DE6413B38733007FAB6948B0672850D686A1CF06A1 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
11:40:33.0595 0x1cd0  QBCFMonitorService - ok
11:40:33.0657 0x1cd0  [ 9EE9AA5D1FB3F3B99467A20B03B47C5D, 5C43150DF7FC7786DD7568219860BEC89460EE13889B37F01A6D15D4059EC146 ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
11:40:33.0673 0x1cd0  QBFCService - ok
11:40:33.0797 0x1cd0  [ A0A4C760E18DF1F62D535B817B0ADD0D, 68D521941141CF81FA35302ABC7EA06BB30D9F553867AFA2DD3B4061620287BE ] QBVSS           C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
11:40:33.0844 0x1cd0  QBVSS - ok
11:40:33.0875 0x1cd0  [ 0928BD20273625622722FE1DE5BBDE57, 5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
11:40:33.0892 0x1cd0  qicflt - ok
11:40:33.0944 0x1cd0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:40:33.0991 0x1cd0  ql2300 - ok
11:40:34.0007 0x1cd0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:40:34.0022 0x1cd0  ql40xx - ok
11:40:34.0053 0x1cd0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:40:34.0053 0x1cd0  QWAVE - ok
11:40:34.0069 0x1cd0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:40:34.0069 0x1cd0  QWAVEdrv - ok
11:40:34.0085 0x1cd0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:40:34.0085 0x1cd0  RasAcd - ok
11:40:34.0100 0x1cd0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:40:34.0116 0x1cd0  RasAgileVpn - ok
11:40:34.0132 0x1cd0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:40:34.0132 0x1cd0  RasAuto - ok
11:40:34.0148 0x1cd0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:40:34.0148 0x1cd0  Rasl2tp - ok
11:40:34.0179 0x1cd0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:40:34.0195 0x1cd0  RasMan - ok
11:40:34.0210 0x1cd0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:40:34.0210 0x1cd0  RasPppoe - ok
11:40:34.0226 0x1cd0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:40:34.0226 0x1cd0  RasSstp - ok
11:40:34.0242 0x1cd0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:40:34.0242 0x1cd0  rdbss - ok
11:40:34.0257 0x1cd0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
11:40:34.0257 0x1cd0  rdpbus - ok
11:40:34.0273 0x1cd0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:40:34.0273 0x1cd0  RDPCDD - ok
11:40:34.0304 0x1cd0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:40:34.0304 0x1cd0  RDPENCDD - ok
11:40:34.0320 0x1cd0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:40:34.0320 0x1cd0  RDPREFMP - ok
11:40:34.0398 0x1cd0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:40:34.0413 0x1cd0  RdpVideoMiniport - ok
11:40:34.0463 0x1cd0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:40:34.0494 0x1cd0  RDPWD - ok
11:40:34.0525 0x1cd0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:40:34.0525 0x1cd0  rdyboost - ok
11:40:34.0557 0x1cd0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:40:34.0572 0x1cd0  RemoteAccess - ok
11:40:34.0572 0x1cd0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:40:34.0588 0x1cd0  RemoteRegistry - ok
11:40:34.0635 0x1cd0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:40:34.0635 0x1cd0  RpcEptMapper - ok
11:40:34.0650 0x1cd0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:40:34.0666 0x1cd0  RpcLocator - ok
11:40:34.0728 0x1cd0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:40:34.0775 0x1cd0  RpcSs - ok
11:40:34.0791 0x1cd0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:40:34.0791 0x1cd0  rspndr - ok
11:40:34.0853 0x1cd0  [ C397166D21F4CD59D5AF339F8938CD0D, AC65C3238B0793BDDB43992AF1FF09CC70DA1DB89B8722A312FC1EF8BC97E272 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
11:40:34.0869 0x1cd0  RtkAudioService - ok
11:40:34.0947 0x1cd0  [ 66E06E5B77F2323B1F11EB4C70B78328, D14A6DFF95EC897EA737623A8E60D6DEF12077A54648AC78FBD19BA11985CD77 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:40:35.0020 0x1cd0  RTL8167 - ok
11:40:35.0161 0x1cd0  [ A2E6DA842441FD225CD847364843A46E, 0B6F309F47A827E46C1D848977E458FBC6D8328F28F141EC41FAFCAC932C48A5 ] RtlWlanu        C:\Windows\system32\DRIVERS\rtwlanu_vt64.sys
11:40:35.0301 0x1cd0  RtlWlanu - ok
11:40:35.0317 0x1cd0  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs           C:\Windows\system32\lsass.exe
11:40:35.0317 0x1cd0  SamSs - ok
11:40:35.0332 0x1cd0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:40:35.0348 0x1cd0  sbp2port - ok
11:40:35.0364 0x1cd0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:40:35.0364 0x1cd0  SCardSvr - ok
11:40:35.0379 0x1cd0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:40:35.0379 0x1cd0  scfilter - ok
11:40:35.0473 0x1cd0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
11:40:35.0506 0x1cd0  Schedule - ok
11:40:35.0522 0x1cd0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:40:35.0522 0x1cd0  SCPolicySvc - ok
11:40:35.0537 0x1cd0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:40:35.0553 0x1cd0  SDRSVC - ok
11:40:35.0600 0x1cd0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:40:35.0600 0x1cd0  secdrv - ok
11:40:35.0615 0x1cd0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
11:40:35.0631 0x1cd0  seclogon - ok
11:40:35.0646 0x1cd0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:40:35.0646 0x1cd0  SENS - ok
11:40:35.0693 0x1cd0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:40:35.0709 0x1cd0  SensrSvc - ok
11:40:35.0740 0x1cd0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:40:35.0756 0x1cd0  Serenum - ok
11:40:35.0802 0x1cd0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
11:40:35.0802 0x1cd0  Serial - ok
11:40:35.0818 0x1cd0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:40:35.0818 0x1cd0  sermouse - ok
11:40:35.0849 0x1cd0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:40:35.0849 0x1cd0  SessionEnv - ok
11:40:35.0865 0x1cd0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:40:35.0865 0x1cd0  sffdisk - ok
11:40:35.0880 0x1cd0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:40:35.0880 0x1cd0  sffp_mmc - ok
11:40:35.0896 0x1cd0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:40:35.0896 0x1cd0  sffp_sd - ok
11:40:35.0912 0x1cd0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:40:35.0912 0x1cd0  sfloppy - ok
11:40:35.0927 0x1cd0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:40:35.0943 0x1cd0  SharedAccess - ok
11:40:35.0974 0x1cd0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:40:35.0990 0x1cd0  ShellHWDetection - ok
11:40:35.0990 0x1cd0  [ E9E830D540EDEDED650F906628468548, 9800160C6807B28A2A1E57810151473C96F1484F2EF75D3E378E8C96440CD4CE ] simptcp         C:\Windows\System32\tcpsvcs.exe
11:40:36.0005 0x1cd0  simptcp - ok
11:40:36.0038 0x1cd0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:40:36.0038 0x1cd0  SiSRaid2 - ok
11:40:36.0054 0x1cd0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:40:36.0054 0x1cd0  SiSRaid4 - ok
11:40:36.0070 0x1cd0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:40:36.0070 0x1cd0  Smb - ok
11:40:36.0101 0x1cd0  [ CA62AE004E98374BF7F082CD765EEA02, A53243F4B9D798802CD6673EA9D7DC245F26A2216172DAD53547B9BC4D5DBA77 ] SNMP            C:\Windows\System32\snmp.exe
11:40:36.0101 0x1cd0  SNMP - ok
11:40:36.0116 0x1cd0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:40:36.0116 0x1cd0  SNMPTRAP - ok
11:40:36.0195 0x1cd0  [ 2D5AE5F3B1F9EEE8D914056FC3C2521B, E99C21DA8C0159A50B61457712D29C8E04CDDB544C4300119AB0C46D0DC84CFC ] SpeedDiskService C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
11:40:36.0227 0x1cd0  SpeedDiskService - ok
11:40:36.0273 0x1cd0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:40:36.0273 0x1cd0  spldr - ok
11:40:36.0305 0x1cd0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:40:36.0336 0x1cd0  Spooler - ok
11:40:36.0445 0x1cd0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:40:36.0556 0x1cd0  sppsvc - ok
11:40:36.0572 0x1cd0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:40:36.0587 0x1cd0  sppuinotify - ok
11:40:36.0603 0x1cd0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:40:36.0681 0x1cd0  srv - ok
11:40:36.0712 0x1cd0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:40:36.0743 0x1cd0  srv2 - ok
11:40:36.0759 0x1cd0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:40:36.0759 0x1cd0  srvnet - ok
11:40:36.0790 0x1cd0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:40:36.0790 0x1cd0  SSDPSRV - ok
11:40:36.0821 0x1cd0  [ 1100066057FBF612B573EFD3B21383F1, 894F5A999E03807DFFEA67938D2E456D50D9E5511FE91D2E2293C51D98B3D87D ] ssmirrdr        C:\Windows\system32\DRIVERS\ssmirrdr.sys
11:40:36.0821 0x1cd0  ssmirrdr - ok
11:40:36.0821 0x1cd0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:40:36.0837 0x1cd0  SstpSvc - ok
11:40:36.0946 0x1cd0  [ F5EA06095E2AF5E45AD454677FBF6BEC, 1C30F64A57115396C89E46AE9282540A4E773F6A09E342A82702F96959BD8DC0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:40:36.0962 0x1cd0  Stereo Service - ok
11:40:37.0009 0x1cd0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:40:37.0009 0x1cd0  stexstor - ok
11:40:37.0024 0x1cd0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:40:37.0055 0x1cd0  stisvc - ok
11:40:37.0171 0x1cd0  [ 9CC3E88C12CC5A421FC049EB6C292D36, D1741C300B760624AEEAA226F6AF8EBDFB721CF4C4A41DF502B836DB6D5EE338 ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
11:40:37.0171 0x1cd0  SupportAssistAgent - ok
11:40:37.0203 0x1cd0  [ 98E8C921F7F17F113AAA128EC7310213, 4CC15218A0B029396C2793A2C4DE5B67C16CD860D47F572602D60518FC643FAC ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
11:40:37.0203 0x1cd0  SWDUMon - ok
11:40:37.0218 0x1cd0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:40:37.0218 0x1cd0  swenum - ok
11:40:37.0296 0x1cd0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:40:37.0343 0x1cd0  swprv - ok
11:40:37.0437 0x1cd0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
11:40:37.0561 0x1cd0  SysMain - ok
11:40:37.0593 0x1cd0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:40:37.0593 0x1cd0  TabletInputService - ok
11:40:37.0627 0x1cd0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:40:37.0642 0x1cd0  TapiSrv - ok
11:40:37.0658 0x1cd0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:40:37.0658 0x1cd0  TBS - ok
11:40:37.0736 0x1cd0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:40:37.0783 0x1cd0  Tcpip - ok
11:40:37.0830 0x1cd0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:40:37.0861 0x1cd0  TCPIP6 - ok
11:40:37.0892 0x1cd0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:40:37.0892 0x1cd0  tcpipreg - ok
11:40:37.0908 0x1cd0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:40:37.0908 0x1cd0  TDPIPE - ok
11:40:37.0923 0x1cd0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:40:37.0923 0x1cd0  TDTCP - ok
11:40:37.0970 0x1cd0  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:40:37.0986 0x1cd0  tdx - ok
11:40:38.0001 0x1cd0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:40:38.0001 0x1cd0  TermDD - ok
11:40:38.0048 0x1cd0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:40:38.0079 0x1cd0  TermService - ok
11:40:38.0079 0x1cd0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:40:38.0095 0x1cd0  Themes - ok
11:40:38.0110 0x1cd0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:40:38.0110 0x1cd0  THREADORDER - ok
11:40:38.0126 0x1cd0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:40:38.0126 0x1cd0  TrkWks - ok
11:40:41.0923 0x1cd0  ================ Scan MBR ==================================
11:40:41.0955 0x1cd0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:40:42.0299 0x1cd0  \Device\Harddisk0\DR0 - ok
11:40:42.0299 0x1cd0  ================ Scan VBR ==================================
11:40:42.0314 0x1cd0  [ CBB04681925F65A147CFAEC55F725C93 ] \Device\Harddisk0\DR0\Partition1
11:40:42.0330 0x1cd0  \Device\Harddisk0\DR0\Partition1 - ok
11:40:42.0330 0x1cd0  [ 7B650DABE78B40CA723C4CAAF7B79FD1 ] \Device\Harddisk0\DR0\Partition2
11:40:42.0330 0x1cd0  \Device\Harddisk0\DR0\Partition2 - ok
11:40:42.0330 0x1cd0  [ 5522FDA77CE61A9420C0F86E03A3B1D3 ] \Device\Harddisk0\DR0\Partition3
11:40:42.0346 0x1cd0  \Device\Harddisk0\DR0\Partition3 - ok
11:40:54.0619 0x1cd0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2253.1653 ), 0x41000 ( enabled : updated )
11:40:54.0619 0x1cd0  Win FW state via NFP2: enabled ( trusted )
11:40:57.0223 0x1cd0  ============================================================
11:40:57.0223 0x1cd0  Scan finished
11:40:57.0223 0x1cd0  ============================================================
11:40:57.0246 0x1e28  Detected object count: 0
11:40:57.0246 0x1e28  Actual detected object count: 0
 
OK good


#9 jcmmarketing


Posted 30 March 2016 - 01:57 PM

aswMBR running now



#10 jcmmarketing


Posted 30 March 2016 - 02:29 PM

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2016-03-30 11:54:28
-----------------------------
11:54:28.421    OS Version: Windows x64 6.1.7601 Service Pack 1
11:54:28.421    Number of processors: 4 586 0x2A07
11:54:28.421    ComputerName: JASONMCCOMB-PC  UserName: Jason Mccomb
11:54:29.263    Initialize success
11:54:29.263    VM: initialized successfully
11:54:29.263    VM: Intel CPU supported virtualized 
11:54:32.987    VM: disk I/O iaStorA.sys
11:54:34.969    AVAST engine defs: 16033003
11:57:52.744    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006c
11:57:52.744    Disk 0 Vendor: WDC_____ 01.0 Size: 476940MB BusType: 11
11:57:52.885    Disk 0 MBR read successfully
11:57:52.885    Disk 0 MBR scan
11:57:52.900    Disk 0 Windows 7 default MBR code
11:57:52.900    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       201082 MB offset 2048
11:57:52.900    Disk 0 Boot: NTFS     code=1
11:57:52.916    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       273856 MB offset 411817984
11:57:52.947    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         1999 MB offset 972675072
11:57:52.994    Disk 0 scanning C:\Windows\system32\drivers
11:58:01.143    Service scanning
11:58:19.498    Modules scanning
11:58:19.514    Disk 0 trace - called modules:
11:58:19.529    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys 
11:58:19.529    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800880b060]
11:58:19.545    3 CLASSPNP.SYS[fffff880017c543f] -> nt!IofCallDriver -> [0xfffffa8008662c50]
11:58:19.545    5 iaStorF.sys[fffff88001687f84] -> nt!IofCallDriver -> \Device\0000006c[0xfffffa80060b3060]
11:58:20.794    AVAST engine scan C:\Windows
11:58:23.166    AVAST engine scan C:\Windows\system32
12:00:44.330    AVAST engine scan C:\Windows\system32\drivers
12:00:54.532    AVAST engine scan C:\Users\Jason Mccomb
12:12:54.917    AVAST engine scan C:\ProgramData
12:18:41.527    Disk 0 statistics 4512393/0/0 @ 2.26 MB/s
12:18:41.542    Scan finished successfully
12:21:18.949    Disk 0 MBR has been saved successfully to "C:\Users\Jason Mccomb\Documents\MBR.dat"
12:21:18.965    The log file has been saved successfully to "C:\Users\Jason Mccomb\Documents\aswMBR.txt"
12:25:03.068    Disk 0 MBR has been saved successfully to "C:\Users\Jason Mccomb\Desktop\MBR.dat"
12:25:03.083    The log file has been saved successfully to "C:\Users\Jason Mccomb\Desktop\aswMBR.txt"

Attached Files

  • Attached File  MBR.zip   561bytes   0 downloads


#11 jcmmarketing


Posted 30 March 2016 - 02:35 PM

Thanks I'll go look over the machine now 



#12 jcmmarketing


Posted 30 March 2016 - 03:09 PM

You've accomplished more in the last hour than Microsoft, Norton, and Best Buy could since November of last year. Oh, left out Office Depot Tech solutions.



#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:37 PM

Posted 31 March 2016 - 08:25 AM

How is the computer running now?

Forgot to reset the Winsock catalog.
Please run this fix.


Press the Windows key + R on your keyboard at the same time. This will open the Run box.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start


CreateRestorePoint:
CloseProcesses:
cmd: netsh winsock reset catalog

--- FIX HERE ---

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

#14 jcmmarketing


Posted 31 March 2016 - 01:23 PM

ok, will do



#15 nasdaq


Posted 31 March 2016 - 01:27 PM

Let me know what problem persists after the fix is completed.



