
Suspected Infection, Multiple Svchost.exe and iexplorers


  • This topic is locked
64 replies to this topic

#1 BuckEyeJog

BuckEyeJog


Posted 08 July 2016 - 12:43 AM

Svchost.exe and iexplorer have multiple instances, and keep adding more processes every time Internet Explorer is
used. Physical memory is eaten up, and programs like Super Anti Adware Removal, TDSS, Malwarebytes, Adware
Cleaner, HitmanPro, and Roguekiller fail to remove the problem. ADSSpy also didn't remove a suspicious ADS.
Fairly sure a Rootkit or the like is the culprit; any help is very appreciated.

Farbar:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Bendlebender (administrator) on BLUEBEAST (03-07-2016 04:43:05)
Running from C:\Users\Bendlebender\Downloads
Loaded Profiles: Bendlebender (Available Profiles: Bendlebender & Fat Wombat & Warchow)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1822504 2009-08-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3217056 2010-04-01] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5470208 2009-12-16] (Dell Inc.)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [560128 2011-09-18] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-30] (Google Inc.)
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-05-31] (SUPERAntiSpyware)
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\MountPoints2: {e4a62ffc-e11a-11df-832b-806e6f6e6963} - D:\arun.exe
HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-17] (AVAST Software)
Startup: C:\Users\Bendlebender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2010-11-01]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-10-26]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-10-26]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Warchow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock (2).lnk [2010-11-01]
ShortcutTarget: Dell Dock (2).lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Warchow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2013-04-03]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Warchow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop (2).ini [2013-04-03] ()
GroupPolicyUsers\S-1-5-21-1748231068-357915915-2718231513-1001\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{AE34EA64-F69E-4D26-91EA-13E318ACFCBA}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/USCON/1
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {C62CEFC8-FC11-4BF7-AA6E-2C598B712605} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {B4BDB666-B7F0-4021-8BB8-8134C4DC9E9A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1748231068-357915915-2718231513-1000 -> {4291C37D-D810-4D39-89BA-C4A9CF0EEBCD} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1748231068-357915915-2718231513-1000 -> {B4BDB666-B7F0-4021-8BB8-8134C4DC9E9A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-16] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-17] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-19] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-16] (Oracle Corporation)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-01-22] (Sun Microsystems, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-17] (AVAST Software)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-19] (Google Inc.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-22] (Sun Microsystems, Inc.)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-1748231068-357915915-2718231513-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-19] (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2009-07-23] (Cozi Group, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2010-05-13] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-02-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-01-22] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-17]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Google Search) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Avast Online Security) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
CHR Extension: (Gmail) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-17] (AVAST Software)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-06-23] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [78848 2010-05-07] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-16] (Dell Inc.) [File not signed]
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-17] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-06-17] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-07-03] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-03 03:54 - 2016-07-03 03:54 - 01309184 _____ C:\Users\Bendlebender\Downloads\zoek.exe
2016-07-03 02:45 - 2016-07-03 02:45 - 00037888 _____ (Soeperman Enterprises Ltd.) C:\Users\Bendlebender\Downloads\ADSSpy.exe
2016-07-03 02:30 - 2016-07-03 02:32 - 00047288 _____ C:\Users\Bendlebender\Downloads\Addition.txt
2016-07-03 02:29 - 2016-07-03 04:43 - 00019944 _____ C:\Users\Bendlebender\Downloads\FRST.txt
2016-07-03 02:29 - 2016-07-03 04:43 - 00000000 ____D C:\FRST
2016-07-03 02:05 - 2016-07-03 02:05 - 02390016 _____ (Farbar) C:\Users\Bendlebender\Downloads\FRST64.exe
2016-07-03 00:22 - 2016-07-03 00:24 - 00208718 _____ C:\TDSSKiller.3.1.0.9_03.07.2016_00.22.47_log.txt
2016-07-02 03:13 - 2016-07-03 03:57 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-02 03:12 - 2016-07-02 03:12 - 00000000 ____D C:\ProgramData\RogueKiller
2016-07-02 02:43 - 2016-07-02 02:43 - 00002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-02 02:43 - 2016-07-02 02:43 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-02 02:43 - 2016-07-02 02:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-02 02:43 - 2016-07-02 02:43 - 00000000 ____D C:\Program Files\CCleaner
2016-07-02 02:35 - 2016-07-02 02:37 - 00208280 _____ C:\TDSSKiller.3.1.0.9_02.07.2016_02.35.54_log.txt
2016-07-02 02:17 - 2016-07-02 02:17 - 00117721 _____ C:\Users\Bendlebender\Documents\Booster.txt
2016-07-02 01:59 - 2016-07-02 01:59 - 00000000 ____D C:\ProgramData\SUPERSetup
2016-07-01 19:27 - 2016-07-01 19:27 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Bendlebender\Downloads\tdsskiller.exe
2016-07-01 19:23 - 2016-07-01 19:24 - 19927624 _____ C:\Users\Bendlebender\Downloads\RogueKiller.exe
2016-07-01 18:51 - 2016-07-01 18:51 - 06995720 _____ (Piriform Ltd) C:\Users\Bendlebender\Downloads\ccsetup519.exe
2016-07-01 18:48 - 2016-07-01 18:48 - 00688992 _____ (Swearware) C:\Users\Bendlebender\Downloads\dds.scr
2016-07-01 18:03 - 2016-07-02 04:59 - 00000000 ____D C:\AdwCleaner
2016-07-01 17:59 - 2016-07-01 17:59 - 03712064 _____ C:\Users\Bendlebender\Downloads\AdwCleaner.exe
2016-07-01 17:12 - 2016-07-01 17:12 - 00000000 ____D C:\SUPERDelete
2016-07-01 17:10 - 2016-07-03 02:00 - 00000524 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47.job
2016-07-01 17:10 - 2016-07-03 01:10 - 00000524 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5.job
2016-07-01 17:10 - 2016-07-01 17:10 - 00003614 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47
2016-07-01 17:10 - 2016-07-01 17:10 - 00003540 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5
2016-07-01 17:10 - 2016-07-01 17:10 - 00001810 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-07-01 17:10 - 2016-07-01 17:10 - 00000000 ____D C:\Users\Bendlebender\AppData\Roaming\SUPERAntiSpyware.com
2016-07-01 17:10 - 2016-07-01 17:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-07-01 17:10 - 2016-07-01 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-07-01 17:10 - 2016-07-01 17:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-07-01 16:44 - 2016-07-01 16:45 - 26461672 _____ (SUPERAntiSpyware) C:\Users\Bendlebender\Downloads\SUPERAntiSpyware.exe
2016-07-01 03:07 - 2015-10-20 13:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-07-01 03:07 - 2015-10-20 13:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-01 03:07 - 2015-10-20 13:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-07-01 03:07 - 2015-10-20 13:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-07-01 03:07 - 2015-10-20 13:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-07-01 03:07 - 2015-10-20 13:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-07-01 03:07 - 2015-10-20 13:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-07-01 03:07 - 2015-10-20 13:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-01 03:07 - 2015-10-20 13:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-07-01 03:07 - 2015-10-20 13:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-07-01 03:07 - 2015-10-20 13:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-07-01 03:07 - 2015-10-20 12:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-07-01 03:07 - 2015-10-20 12:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-07-01 03:07 - 2015-10-20 12:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-07-01 03:07 - 2015-10-20 12:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-07-01 03:07 - 2015-10-20 12:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-07-01 01:29 - 2016-07-01 02:52 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-01 01:29 - 2016-07-01 01:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-01 01:29 - 2016-07-01 01:29 - 00002049 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-07-01 01:29 - 2016-07-01 01:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-01 00:45 - 2016-07-03 04:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 00:45 - 2016-07-01 00:45 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-01 00:45 - 2016-07-01 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-01 00:45 - 2016-07-01 00:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-01 00:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-01 00:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-28 02:12 - 2016-06-28 02:12 - 00024930 _____ C:\Users\Bendlebender\Documents\apoc.txt
2016-06-28 02:09 - 2016-06-28 02:09 - 00344964 _____ C:\Users\Bendlebender\Documents\Arcadia Guide.txt
2016-06-28 02:08 - 2016-06-28 02:08 - 00186909 _____ C:\Users\Bendlebender\Documents\Legend Armanents.txt
2016-06-28 02:07 - 2016-06-28 02:07 - 00157809 _____ C:\Users\Bendlebender\Documents\Saga Legacy.txt
2016-06-17 01:52 - 2016-06-17 01:52 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466146326
2016-06-17 01:52 - 2016-06-17 01:52 - 00001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-17 01:48 - 2016-06-17 01:48 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-17 01:48 - 2016-06-17 01:48 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-17 01:48 - 2016-06-17 01:48 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-03 03:54 - 2010-12-30 18:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-03 03:50 - 2013-07-03 14:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-03 02:25 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-03 02:25 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-03 02:21 - 2015-01-21 14:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-03 02:17 - 2010-12-30 18:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-03 02:17 - 2010-10-26 09:55 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2016-07-03 02:17 - 2010-10-26 09:55 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2016-07-03 02:17 - 2010-10-26 09:29 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2016-07-03 02:16 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-03 00:19 - 2012-04-10 16:29 - 00000506 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-07-02 17:31 - 2012-04-10 16:29 - 00003548 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2016-07-02 17:31 - 2012-04-10 16:29 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2016-07-01 19:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2016-07-01 19:48 - 2011-01-16 18:19 - 00000000 ____D C:\Users\Bendlebender\Desktop\Work
2016-07-01 18:28 - 2010-12-16 17:09 - 00985860 _____ C:\Windows\ntbtlog.txt
2016-07-01 17:44 - 2013-04-04 00:01 - 00000000 ____D C:\Users\Warchow\Desktop\Sorting
2016-07-01 17:44 - 2012-04-17 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToEE
2016-07-01 17:44 - 2012-04-17 00:16 - 00000000 ____D C:\TOEE
2016-07-01 17:44 - 2010-11-12 22:46 - 00000000 ____D C:\Users\Bendlebender\Desktop\Sorting
2016-07-01 04:40 - 2012-04-09 01:03 - 00007601 _____ C:\Users\Bendlebender\AppData\Local\resmon.resmoncfg
2016-07-01 03:47 - 2010-10-26 09:31 - 00000000 ____D C:\ProgramData\PCDr
2016-07-01 02:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-01 01:29 - 2010-10-26 09:22 - 00000000 ____D C:\ProgramData\Adobe
2016-07-01 00:45 - 2012-02-06 04:54 - 00000000 ____D C:\Users\Bendlebender\AppData\Roaming\Malwarebytes
2016-07-01 00:45 - 2012-02-06 04:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-01 00:45 - 2012-02-06 04:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-06-29 23:37 - 2009-07-14 00:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-28 17:13 - 2015-11-14 01:45 - 00000000 ____D C:\Users\Bendlebender\Desktop\Not Surprised
2016-06-27 00:16 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-06-26 01:50 - 2013-04-27 23:59 - 00015199 _____ C:\Users\Bendlebender\Desktop\Spots.txt
2016-06-21 14:30 - 2012-04-10 16:29 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2016-06-21 04:18 - 2015-08-03 00:35 - 00019684 _____ C:\Users\Bendlebender\Desktop\n.txt
2016-06-21 03:21 - 2010-11-01 23:32 - 00000000 ____D C:\Windows\System32\Tasks\Games
2016-06-21 00:34 - 2012-04-10 16:29 - 00004284 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-06-18 00:56 - 2011-10-25 15:30 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 02:50 - 2013-07-03 14:12 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 02:50 - 2013-07-03 14:12 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 02:50 - 2011-06-21 12:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 01:48 - 2015-01-21 14:40 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-17 01:48 - 2015-01-21 14:40 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-17 01:48 - 2015-01-21 14:35 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-17 01:48 - 2015-01-21 14:35 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-17 01:48 - 2012-02-24 00:06 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-17 01:48 - 2012-01-31 03:17 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-17 01:48 - 2012-01-31 03:17 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-17 01:48 - 2012-01-31 03:17 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-17 01:48 - 2012-01-31 03:16 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-17 01:48 - 2012-01-31 03:16 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-13 19:31 - 2011-01-10 15:51 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2003-11-05 11:49 - 2003-11-03 14:09 - 1512863 _____ () C:\Program Files\RT_ToEE4.dat
2013-03-30 16:33 - 2014-01-03 04:03 - 0001145 _____ () C:\Users\Bendlebender\AppData\Roaming\hexplorer.dat
2013-03-30 16:33 - 2014-01-03 04:03 - 0000027 _____ () C:\Users\Bendlebender\AppData\Roaming\mclip.dat
2015-05-09 15:50 - 2015-05-09 15:50 - 0003584 _____ () C:\Users\Bendlebender\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-09 01:03 - 2016-07-01 04:40 - 0007601 _____ () C:\Users\Bendlebender\AppData\Local\resmon.resmoncfg
2011-08-18 02:31 - 2011-08-18 02:31 - 0000000 _____ () C:\Users\Bendlebender\AppData\Local\{4D81777D-81C9-446B-8EA1-74D0E6D3D512}
2011-07-02 19:58 - 2011-07-02 19:58 - 0000000 _____ () C:\Users\Bendlebender\AppData\Local\{6027DB95-7861-4EDB-BAC5-F545C7807988}
2011-10-20 04:42 - 2011-10-20 04:42 - 0000000 _____ () C:\Users\Bendlebender\AppData\Local\{8EE9644D-4203-4E97-9C43-290D5926C93A}
2011-07-28 03:37 - 2011-07-28 03:37 - 0000000 _____ () C:\Users\Bendlebender\AppData\Local\{B4258355-A31F-4FFC-876F-96636CB771DF}
2011-05-22 16:29 - 2011-05-22 16:29 - 0000000 _____ () C:\Users\Bendlebender\AppData\Local\{D6CAFD96-8F5B-4A34-8AF7-76B2CD748566}
2011-05-21 12:39 - 2011-05-21 12:39 - 0000000 _____ () C:\Users\Bendlebender\AppData\Local\{FC69A4F8-524D-48EE-9CFA-1118B4A8EB95}

Some files in TEMP:
====================
C:\Users\Bendlebender\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Bendlebender\AppData\Local\Temp\do-2mzm8.dll
C:\Users\Bendlebender\AppData\Local\Temp\r3er9um1.dll
C:\Users\Bendlebender\AppData\Local\Temp\_is39A6.exe
C:\Users\Bendlebender\AppData\Local\Temp\_is3D8F.exe
C:\Users\Bendlebender\AppData\Local\Temp\_is6132.exe
C:\Users\Bendlebender\AppData\Local\Temp\_isCADD.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-29 02:52

==================== End of FRST.txt ============================

 

RogueKiller:

RogueKiller V12.3.6.0 [Jun 27 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Bendlebender [Administrator]
Started from : C:\Users\Bendlebender\Downloads\RogueKiller.exe
Mode : Scan -- Date : 07/07/2016 02:32:10

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AE34EA64-F69E-4D26-91EA-13E318ACFCBA} | DhcpNameServer : 10.0.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AE34EA64-F69E-4D26-91EA-13E318ACFCBA} | DhcpNameServer : 10.0.0.1 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{AE34EA64-F69E-4D26-91EA-13E318ACFCBA} | DhcpNameServer : 10.0.0.1 ([X])  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] c3077f3f19565c8c2fd233bb489c52f0
[BSP] 7604063f9306d4c3c722bddd444a7bf4 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 80325 | Size: 15000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 30800325 | Size: 461899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Zoek:

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Bendlebender on Thu 07/07/2016 at  1:58:54.64.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Bendlebender\Downloads\zoek.exe [Scan all users]   [Deep Scan]

==== System Restore Info ======================

7/7/2016 2:00:12 AM Zoek.exe System Restore Point Created Successfully.

==== Running Processes ======================

C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\PrintDisp.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE
C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE
C:\Users\Bendlebender\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== System Specs ======================

Operating System: Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 64-bit
Manufacturer: Dell Inc. - Model: Studio 1558
Install Date: 11/1/2010 1:52:50 PM
Last Boot: 7/7/2016 12:13:55 AM
Processor: Intel® Core™ i5 CPU       M 460  @ 2.53GHz
Number of Processors: 4
Work Station
Bootmode: Normal boot
Total RAM: 3956 MB (free 1718 MB - 43)
Computername: BLUEBEAST
Domain: WORKGROUP
User: Bendlebender (Administrator account)
Local Disk:        C:\ - NTFS - 451 GB (free 225 GB)
CD \ DVD Drive:    D:\
Bootdevice: \Device\HarddiskVolume2
Windows update:
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Internet Explorer Version: 11.0.9600.17501
Google Chrome version: 51.0.2704.103
Adobe Reader version: 15.16.20045.188096
Sun Java version: 1.6.0_23 (32-bit)
Sun Java version: 1.7.0_13 (64-bit)
Flash Player version: 22.0.0.192

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2016-06-17 06:48:23 8D26DAE92B9995B082AE5B6BC2FB70DB 52184 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\BENDLE~1\AppData\Local\Temp ====
2016-07-02 08:12:21 A2B0924D50F4435FD389499047CE553A 1292192 ----a-w- C:\Users\Bendlebender\AppData\Local\Temp\dllnt_dump.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2016-07-01 08:07:31 5670A441F06AE04D2B587D1BD2DC1DC0 30208 ----a-w- C:\Windows\SysWOW64\wups.dll
2016-07-01 08:07:30 F1BAAC5C7B35968EFAB7C21C32ECBB28 93696 ----a-w- C:\Windows\SysWOW64\wudriver.dll
2016-07-01 08:07:30 B35154CD5A10368ED3DB277BB38012B3 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2016-07-01 08:07:29 D714B7F77DB7E1D81CBFCE8DDCDCC5FE 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll
2016-07-01 08:07:29 1E643C501E621F91776F9F9AC226FADF 174080 ----a-w- C:\Windows\SysWOW64\wuwebv.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2016-07-06 06:41:38 F3856BB200502ABF0FF1B106C2755FDF 3572 ----a-w- C:\Windows\Sysnative\.crusader
2016-07-01 08:07:31 3E89AD28893A8E9C1F01D2A162C7D457 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll
2016-07-01 08:07:30 F62A6979E13872D744BA69F4F78109B8 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll
2016-07-01 08:07:30 B2AA75E472BAB24818915342E44FF2AD 98816 ----a-w- C:\Windows\Sysnative\wudriver.dll
2016-07-01 08:07:30 9D3A6E1660B3D6BF63E83A901D1109BB 37888 ----a-w- C:\Windows\Sysnative\wuapp.exe
2016-07-01 08:07:30 500B7A762291EC4EE4B445337956BDBC 36864 ----a-w- C:\Windows\Sysnative\wups.dll
2016-07-01 08:07:30 246FD89B6B5521AD2CE1C560D666BAD7 37888 ----a-w- C:\Windows\Sysnative\wups2.dll
2016-07-01 08:07:29 CDBE532602413E7FB0C395024749C7AA 140288 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2016-07-01 08:07:29 C64959F2D2EE6EDB96916902962D48B9 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll
2016-07-01 08:07:29 4AA4838D59A51B3B5A6C2BFC2092FDEC 3168768 ----a-w- C:\Windows\Sysnative\wucltux.dll
2016-07-01 08:07:29 361845875ED8ED13086E7F37265C45DA 2608128 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2016-07-01 08:07:29 24E1CD4E823628943540A63187AC282E 192512 ----a-w- C:\Windows\Sysnative\wuwebv.dll
====== C:\Windows\Sysnative\drivers =====
2016-07-06 06:59:12 7FD586369B597798535C098E63818AAC 46960 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys
2016-07-02 08:13:32 0C997B061E3C66BD9E927C1288EB1CC7 24688 ----a-w- C:\Windows\Sysnative\drivers\TrueSight.sys
2016-07-01 05:45:36 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2016-07-01 05:45:02 47701ECA633574E122687693B5C5D35C 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2016-07-01 05:45:02 452ACB7A9914398D9E18CCCFFCF92208 64896 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2016-06-17 06:48:47 786E8BCDFF674068F3C950615FC2E71C 37144 ----a-w- C:\Windows\Sysnative\drivers\aswKbd.sys
====== C:\Windows\Tasks ======
2016-07-01 22:10:55 AEC3906C0FBE60FFEB9BCB65FDB8F5B8 3614 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47
2016-07-01 22:10:55 A7F84F1D3E7634B326D8ECDB106C42AB 3540 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5
2016-07-01 22:10:55 7B570FE9684F36B472E65DB8D857BBCD 524 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47.job
2016-07-01 22:10:55 3BFDE3734A091581D5064655A843EC72 524 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5.job
2016-07-01 06:29:55 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
2016-06-17 06:52:10 9A49CD302147B1308691682771103FD6 3892 ----a-w- C:\Windows\Sysnative\Tasks\SafeZone scheduled Autoupdate 1466146326
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-07-06 06:25:08 -------- d-----w- C:\Program Files\HitmanPro
======= C:\PROGRA~2 =====
2016-07-01 06:29:24 -------- d-----w- C:\PROGRA~2\Adobe
======= C: =====
2016-07-07 06:22:44 361DAD7991E42E4AECC05B2D627B0A7A 1074 ----a-w- C:\Latest Malawarebytes.txt
====== C:\Users\Bendlebender\AppData\Roaming ======
2016-07-06 06:30:57 -------- d-----w- C:\Users\Bendlebender\AppData\Local\CrashDumps
2016-07-04 07:04:53 -------- d-----w- C:\Users\Bendlebender\AppData\Local\CEF
2016-07-01 22:10:45 -------- d-----w- C:\Users\Bendlebender\AppData\Roaming\SUPERAntiSpyware.com
2016-07-01 05:44:34 -------- d-----w- C:\Users\Bendlebender\AppData\Local\Programs
====== C:\Users\Bendlebender ======
2016-07-06 07:43:30 D4DB1467B56C75C83E555EAF86ADED99 1744696 ----a-w- C:\Users\Bendlebender\mbar\mbamcore.dll
2016-07-06 07:43:30 C39CF7F4783008D9AD03B1B4821351A9 1317176 ----a-w- C:\Users\Bendlebender\mbar\mbar.dll
2016-07-06 07:43:30 BC83108B18756547013ED443B8CDB31B 421200 ----a-w- C:\Users\Bendlebender\mbar\msvcp100.dll
2016-07-06 07:43:30 9EF0B4D78702BB3076BDCED1FC30A140 602936 ----a-w- C:\Users\Bendlebender\mbar\mbam.dll
2016-07-06 07:43:30 8D704E13B735D87D227D05B5495F1B1B 270136 ----a-w- C:\Users\Bendlebender\mbar\mbar.exe
2016-07-06 07:43:30 7A2EBC02187D471E16EF38D230C16D7E 54072 ----a-w- C:\Users\Bendlebender\mbar\mbamdor.exe
2016-07-06 07:43:30 5D9839930E972CD64A63BD6117AAD270 2578432 ----a-w- C:\Users\Bendlebender\mbar\QtCore4.dll
2016-07-06 07:43:30 395ECE9AAF5EEFA1B22D927B571A21E0 3370296 ----a-w- C:\Users\Bendlebender\mbar\mbamnet.dll
2016-07-06 07:43:30 2CBCB7DDDA729F8AB3905DA0396B8CCA 488248 ----a-w- C:\Users\Bendlebender\mbar\dda.dll
2016-07-06 07:43:30 1C3EBD90EDB3FFE930569CFD6EF410EC 8406528 ----a-w- C:\Users\Bendlebender\mbar\QtGui4.dll
2016-07-06 07:43:30 0E37FBFA79D349D672456923EC5FBBE3 773968 ----a-w- C:\Users\Bendlebender\mbar\msvcr100.dll
2016-07-06 07:43:29 -------- d-----w- C:\Users\Bendlebender\mbar
2016-07-06 07:41:18 67B0906B68164E807BD5691C67696DA4 16563352 ----a-w- C:\Users\Bendlebender\Downloads\mbar-1.09.3.1001.exe
2016-07-06 06:25:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-07-06 06:23:35 -------- d-----w- C:\ProgramData\HitmanPro
2016-07-06 06:23:03 A2207F22CA51DC837590EC6CE46ECB8C 11438608 ----a-w- C:\Users\Bendlebender\Downloads\HitmanPro_x64.exe
2016-07-06 06:15:18 DD56EC4F23743414581E3E3B8BFF5EFA 2030536 ----a-w- C:\Users\Bendlebender\Downloads\iExplore.exe
2016-07-03 07:45:40 D171B1B840DD85EDB70DCC84AEDCE05E 37888 ----a-w- C:\Users\Bendlebender\Downloads\ADSSpy.exe
2016-07-03 07:05:14 342B514D77239B0BF525D75B57EAC8C8 2390016 ----a-w- C:\Users\Bendlebender\Downloads\FRST64.exe
2016-07-02 08:12:18 -------- d-----w- C:\ProgramData\RogueKiller
2016-07-02 06:59:25 -------- d-----w- C:\ProgramData\SUPERSetup
2016-07-02 00:27:36 8AF92D125EFC48D4A4F0140777AA2FD4 4727984 ----a-w- C:\Users\Bendlebender\Downloads\tdsskiller.exe
2016-07-02 00:23:50 4BA071053228C1EA64B4833F4F4620FB 19927624 ----a-w- C:\Users\Bendlebender\Downloads\RogueKiller.exe
2016-07-01 23:51:41 1C1BDD99753C3951CE1BDB64ECF20314 6995720 ----a-w- C:\Users\Bendlebender\Downloads\ccsetup519.exe
2016-07-01 22:59:42 5096826AAA1181F8607244E37FA0BABF 3712064 ----a-w- C:\Users\Bendlebender\Downloads\AdwCleaner.exe
2016-07-01 22:10:24 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2016-07-01 21:44:32 15C831FE6928A8773252FF9FD864D1F9 26461672 ----a-w- C:\Users\Bendlebender\Downloads\SUPERAntiSpyware.exe

====== C: exe-files ==
2016-07-06 07:43:30 8D704E13B735D87D227D05B5495F1B1B 270136 ----a-w- C:\Users\Bendlebender\mbar\mbar.exe
2016-07-06 07:43:30 7A2EBC02187D471E16EF38D230C16D7E 54072 ----a-w- C:\Users\Bendlebender\mbar\mbamdor.exe
2016-07-06 07:43:30 4A5EA67F0B25AEF8AAD9EF1404230AFA 822584 ----a-w- C:\Users\Bendlebender\mbar\Plugins\fixdamage.exe
2016-07-06 07:41:18 67B0906B68164E807BD5691C67696DA4 16563352 ----a-w- C:\Users\Bendlebender\Downloads\mbar-1.09.3.1001.exe
2016-07-06 06:25:08 A2207F22CA51DC837590EC6CE46ECB8C 11438608 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe
2016-07-06 06:23:03 A2207F22CA51DC837590EC6CE46ECB8C 11438608 ----a-w- C:\Users\Bendlebender\Downloads\HitmanPro_x64.exe
2016-07-06 06:23:01 FDA44910DEB1A460BE4AC5D56D61D837 5 ----a-w- C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EG6LQZAL\HitmanPro_x64[1].exe
2016-07-06 06:15:18 DD56EC4F23743414581E3E3B8BFF5EFA 2030536 ----a-w- C:\Users\Bendlebender\Downloads\iExplore.exe
2016-07-06 06:15:04 FDA44910DEB1A460BE4AC5D56D61D837 5 ----a-w- C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5H1BZETJ\iExplore[1].exe
2016-07-03 07:45:40 D171B1B840DD85EDB70DCC84AEDCE05E 37888 ----a-w- C:\Users\Bendlebender\Downloads\ADSSpy.exe
2016-07-03 07:05:14 342B514D77239B0BF525D75B57EAC8C8 2390016 ----a-w- C:\Users\Bendlebender\Downloads\FRST64.exe
2016-07-02 00:27:36 8AF92D125EFC48D4A4F0140777AA2FD4 4727984 ----a-w- C:\Users\Bendlebender\Downloads\tdsskiller.exe
2016-07-02 00:23:50 4BA071053228C1EA64B4833F4F4620FB 19927624 ----a-w- C:\Users\Bendlebender\Downloads\RogueKiller.exe
2016-07-01 23:51:41 1C1BDD99753C3951CE1BDB64ECF20314 6995720 ----a-w- C:\Users\Bendlebender\Downloads\ccsetup519.exe
2016-07-01 22:59:42 5096826AAA1181F8607244E37FA0BABF 3712064 ----a-w- C:\Users\Bendlebender\Downloads\AdwCleaner.exe
2016-07-01 21:44:32 15C831FE6928A8773252FF9FD864D1F9 26461672 ----a-w- C:\Users\Bendlebender\Downloads\SUPERAntiSpyware.exe
2016-07-01 08:07:30 B35154CD5A10368ED3DB277BB38012B3 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2016-07-01 08:07:30 9D3A6E1660B3D6BF63E83A901D1109BB 37888 ----a-w- C:\Windows\System32\wuapp.exe
2016-07-01 08:07:29 CDBE532602413E7FB0C395024749C7AA 140288 ----a-w- C:\Windows\System32\wuauclt.exe
=== C: other files ==
2016-07-06 06:59:12 7FD586369B597798535C098E63818AAC 46960 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
2016-07-02 08:13:32 0C997B061E3C66BD9E927C1288EB1CC7 24688 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2016-07-01 05:45:36 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-07-01 05:45:02 47701ECA633574E122687693B5C5D35C 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-07-01 05:45:02 452ACB7A9914398D9E18CCCFFCF92208 64896 ----a-w- C:\Windows\System32\drivers\mwac.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1748231068-357915915-2718231513-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"DellSupportCenter"="C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe"
"FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe"
"Broadcom Wireless Manager UI"="C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe"
"PrintDisp"="C:\Windows\system32\PrintDisp.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
"hkey"="HKLM"
"item"="Adobe Reader Speed Launcher"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell DataSafe Online]
"command"="\"C:\\Program Files (x86)\\Dell DataSafe Online\\DataSafeOnline.exe\" /m"
"hkey"="HKLM"
"item"="Dell DataSafe Online"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell Webcam Central]
"command"="\"C:\\Program Files (x86)\\Dell Webcam\\Dell Webcam Central\\WebcamDell2.exe\" /mode2"
"hkey"="HKLM"
"item"="Dell Webcam Central"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool]
"command"="\"C:\\Program Files (x86)\\Roxio\\Roxio Burn\\RoxioBurnLauncher.exe\""
"hkey"="HKLM"
"item"="Desktop Disc Tool"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"command"="\"C:\\Program Files (x86)\\Java\\jre6\\bin\\jusched.exe\""
"hkey"="HKLM"
"item"="SunJavaUpdateSched"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Program Files (x86)\\McAfee Security Scan\\2.0.181\\SSScheduler.exe"
"item"="McAfee Security Scan Plus"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

==== Startup Folders ======================

2010-11-01 18:57:35 1980 ----a-w- C:\Users\Bendlebender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
2010-10-26 14:47:11 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2010-10-26 14:47:11 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2013-04-05 05:22:53 1980 ----a-w- C:\Users\Warchow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock (2).lnk
2013-04-04 04:45:32 1980 ----a-w- C:\Users\Warchow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
2013-04-05 05:22:53 174 --sha-w- C:\Users\Warchow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop (2).ini

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [06/17/2016 02:50 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/29/2015 09:43 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/29/2015 09:43 PM]
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [03/28/2012 06:04 PM]
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe []
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe []
C:\Windows\tasks\SystemToolsDailyTest.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\LoJack for Laptops Install" ["%PROGRAMFILES(x86)%\Absolute Software\LoJack Install\FactoryInstaller.exe"]
"C:\Windows\SysNative\tasks\PCDEventLauncher" ["C:\Program Files\Dell Support Center\sessionchecker.exe"]
"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\Dell Support Center\uaclauncher.exe]
"C:\Windows\SysNative\tasks\SafeZone scheduled Autoupdate 1466146326" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]
"C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]
"C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\Dell Support Center\uaclauncher.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7385F325-F8C1-4F60-AD6D-8B49D4D2BA1D}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{518DE036-8CE4-4771-9096-601792D4483A}" [C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{763FCEB8-2E39-4802-B113-FD8DA82A80E9}" [C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{8AA59E8F-DCBE-42B0-9823-2F84F9D2D708}" [C:\Users\Bendlebender\Desktop\Recreation\S\snes9x.exe]
"C:\Windows\SysNative\tasks\{B6E20656-AA29-4115-91D3-D1EC8375242C}" [C:\Program Files\TOEE\TOEE3.EXE]
"C:\Windows\SysNative\tasks\{CBD7F791-5D4D-4AA3-8DAA-D368A5492DDA}" [C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{D885621F-67B8-446A-B8FB-F61ED41BF337}" [C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{D96E61CD-345B-4429-9651-903DEBF4576C}" [C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{EE294D32-CB24-4716-A137-F9FA34C847D3}" [C:\DOSGames\Unlimited Adventures\FRUA\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{F5849F38-F53B-4785-81ED-A52505261760}" [C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE]
"C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [06/17/2016 01:48 AM]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [06/17/2016 01:48 AM]

==== Chromium Look ======================

Google Chrome Version: 44.0.2403.157

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06/17/2016 01:48 AM]

YouTube - Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avast Online Security - Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YouTube - Warchow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Warchow\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SiteAdvisor - Warchow\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
avast WebRep - Warchow\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Gmail - Warchow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Warchow\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.msn.com/USCON/1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C62CEFC8-FC11-4BF7-AA6E-2C598B712605}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{4291C37D-D810-4D39-89BA-C4A9CF0EEBCD} Secure Search Url="http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en"
{B4BDB666-B7F0-4021-8BB8-8134C4DC9E9A} Unknown  Url="Not_Found"
{C62CEFC8-FC11-4BF7-AA6E-2C598B712605} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Thu 07/07/2016 at  2:07:38.18 ======================

 




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:53 AM

Posted 08 July 2016 - 08:13 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
GroupPolicyUsers\S-1-5-21-1748231068-357915915-2718231513-1001\User: Restriction <======= ATTENTION
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Avast Online Security) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-17]
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
C:\Users\Bendlebender\Desktop\Not Surprised
C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

Please let me know what problem persists with this computer.

Please include the Addition.txt file that was created by the Farbar tool in your next reply.

#3 BuckEyeJog

BuckEyeJog
  • Topic Starter

  • Members
  • 54 posts
  • Local time:05:53 AM

Posted 13 July 2016 - 01:30 AM

Before I post the files, let me note beforehand that responses will be slow. The computer's running slow enough that I couldn't post anything on these forums and was planning to try again on another computer. I didn't even know my topic had gotten through due to this, and barely found out it was there when browsing the site. However, I am still keeping in touch, even if the replies lag.



#4 BuckEyeJog

BuckEyeJog
  • Topic Starter

  • Members
  • 54 posts
  • Local time:05:53 AM

Posted 13 July 2016 - 02:01 AM

Fixlog.txt:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Bendlebender (2016-07-13 01:40:43) Run:1
Running from C:\Users\Bendlebender\Downloads
Loaded Profiles: Bendlebender (Available Profiles: Bendlebender & Fat Wombat & Warchow)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
GroupPolicyUsers\S-1-5-21-1748231068-357915915-2718231513-1001\User: Restriction <======= ATTENTION
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Avast Online Security) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-17]
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
C:\Users\Bendlebender\Desktop\Not Surprised
C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE => No running process found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist" => key removed successfully
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1748231068-357915915-2718231513-1001\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => moved successfully
C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
AvastVBoxSvc => service could not remove
PCDSRVC{1E208CE0-FB7451FF-06020101}_0 => Service stopped successfully.
PCDSRVC{1E208CE0-FB7451FF-06020101}_0 => service removed successfully
VBoxAswDrv => service could not remove
C:\Users\Bendlebender\Desktop\Not Surprised => moved successfully
"C:\Users\Bendlebender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 112862221 B
Java, Flash, Steam htmlcache => 97789 B
Windows/system/drivers => 1291626769 B
Edge => 0 B
Chrome => 130048 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 135697 B
systemprofile32 => 1755478 B
LocalService => 132244 B
NetworkService => 385100 B
Bendlebender => 1303311102 B
Fat Wombat => 194286 B
Warchow => 1865295415 B

RecycleBin => 1161220970 B
EmptyTemp: => 5.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-13 01:49:50)

"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Could not move

==== End of Fixlog 01:49:50 ====

 

 

The Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016

Ran by Bendlebender (2016-07-03 02:30:23)

Running from C:\Users\Bendlebender\Downloads

Windows 7 Home Premium Service Pack 1 (X64) (2010-11-01 18:52:50)

Boot Mode: Normal

==========================================================

 

==================== Accounts: =============================

Administrator (S-1-5-21-1748231068-357915915-2718231513-500 - Administrator - Disabled)

Bendlebender (S-1-5-21-1748231068-357915915-2718231513-1000 - Administrator - Enabled) => C:\Users\Bendlebender

Fat Wombat (S-1-5-21-1748231068-357915915-2718231513-1001 - Limited - Enabled) => C:\Users\Fat Wombat

Guest (S-1-5-21-1748231068-357915915-2718231513-501 - Limited - Disabled)

Warchow (S-1-5-21-1748231068-357915915-2718231513-1002 - Administrator - Enabled) => C:\Users\Warchow

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Accelerometer (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 1.06.08.17 - STMicroelectronics)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)

Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)

Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0601.2151 - )

Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software)

Baldur's Gate™ II - Shadows of Amn™ Bonus CD (HKLM-x32\...\{014585C8-7557-11D4-9ABA-006067325E47}) (Version: - )

Baldur's Gate™ II - Throne of Bhaal ™ (HKLM-x32\...\{B8C3B479-1716-11D5-968A-0050BA84F5F7}) (Version: - )

BioWare Premium Module: Neverwinter Nights™ Kingmaker (HKLM-x32\...\Neverwinter Nights™ Kingmaker) (Version: - BioWare Corp.)

Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)

ccc-core-static (x32 Version: 2010.0601.2152.37421 - ATI) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)

Circle of Eight Modpack version 6.1.0 NC (HKLM-x32\...\{F25E8F2C-8443-42B6-A232-9236A74507C5}_is1) (Version: 6.1.0 NC - Circle of Eight)

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)

Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)

Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)

Creature Chaos 4.22 (HKLM-x32\...\{BA6A41DC-603B-49D5-AC40-2A125DFF6DB8}_is1) (Version: - Creature Chaos Mod Team)

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)

Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)

Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)

Dell Dock (Version: 2.0 - Stardock Corporation) Hidden

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.29 - Dell Inc.)

Dell Support Center (Version: 3.1.5907.29 - PC-Doctor, Inc.) Hidden

Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 14.0.2.0 - Synaptics Incorporated)

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)

DJ OldGames Package: Stronghold (HKLM-x32\...\Stronghold63) (Version: 1.0.3.0 - DJ)

Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.00 - Electronic Arts, Inc.)

DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.18 - Dell Inc.)

Furcadia (HKLM-x32\...\Furcadia) (Version: 30.0 - Dragon's Eye Productions, Inc.)

GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden

GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )

GrafX2 (GNU GPL) (HKLM-x32\...\Grafx2-SDL) (Version: 2.4.wip2035 - )

HHD Software Free Hex Editor Neo 5.14 (HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 5.14.0.4787 - HHD Software, Ltd.)

HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)

ICY Hexplorer (remove only) (HKLM-x32\...\Hexplorer) (Version: - )

Impossible Creatures (HKLM-x32\...\Impossible Creatures 1.0) (Version: - )

Impossible Creatures 1.0.1 (HKLM-x32\...\{6B2B0D05-2B4A-4855-A47B-D69CD9E3CDD6}) (Version: 1.0.1 - Microsoft)

Inkscape 0.48.0 (HKLM-x32\...\Inkscape) (Version: 0.48.0 - )

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)

IZArc 4.1.2 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.2 - Ivan Zahariev)

J2SE Development Kit 5.0 Update 22 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0150220}) (Version: 1.5.0.220 - Sun Microsystems, Inc.)

J2SE Runtime Environment 5.0 Update 22 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150220}) (Version: 1.5.0.220 - Sun Microsystems, Inc.)

Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)

Java SE Development Kit 7 Update 13 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170130}) (Version: 1.7.0.130 - Oracle)

Java™ 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)

Java™ 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)

Java™ SE Development Kit 6 Update 23 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160230}) (Version: 1.6.0.230 - Oracle)

Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden

Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)

LoJack Factory Installer (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 1.0.0 - Absolute Software)

Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Neverwinter Nights (HKLM-x32\...\{C1583439-B034-4881-819C-D52A0587662B}) (Version: - )

NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)

OHRRPGCE alectormancy+2 20120731 (HKLM-x32\...\Official Hamster Republic RPG Construction Engine_is1) (Version: - Hamster Republic Productions)

PRC Pack (HKLM-x32\...\PRC Pack) (Version: - )

Python 2.7.1 (HKLM-x32\...\{32939827-d8e5-470a-b126-870db3c69fdf}) (Version: 2.7.1150 - Python Software Foundation)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.18 - Dell Inc.)

Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)

SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden

Skins (x32 Version: 2010.0601.2152.37421 - ATI) Hidden

Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)

Skype™ 4.2 (HKLM-x32\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.169 - Skype Technologies S.A.)

Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)

Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts)

Star Wars Galactic Battlegrounds: Saga (HKLM-x32\...\{10133CDD-50B9-4783-B336-8B48F3653715}) (Version: - )

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1220 - SUPERAntiSpyware.com)

Temple of Elemental Evil (HKLM-x32\...\{AD80F06B-0F21-4EEE-934D-BEF0D21E6383}) (Version: 1.00.000 - )

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)

Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1748231068-357915915-2718231513-1000_Classes\CLSID\{182FB546-8596-4CEF-9CB5-E9505BF7F628}\InprocServer32 -> C:\Users\Bendlebender\AppData\Local\HHD Software\Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd.)

CustomCLSID: HKU\S-1-5-21-1748231068-357915915-2718231513-1000_Classes\CLSID\{6DB27B2E-87AC-4354-927A-AD711A0ED77E}\InprocServer32 -> C:\Users\Bendlebender\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)

CustomCLSID: HKU\S-1-5-21-1748231068-357915915-2718231513-1000_Classes\CLSID\{A244CEC5-DB63-4ED9-B0D7-A0527C064113}\InprocServer32 -> C:\Users\Bendlebender\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)

CustomCLSID: HKU\S-1-5-21-1748231068-357915915-2718231513-1000_Classes\CLSID\{AE1514A4-5D7D-4D1B-BC7F-320E6962B0DD}\InprocServer32 -> C:\Users\Bendlebender\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)

CustomCLSID: HKU\S-1-5-21-1748231068-357915915-2718231513-1000_Classes\CLSID\{B845012A-F05A-4EC8-816D-B033183B9CA5}\InprocServer32 -> C:\Users\Bendlebender\AppData\Local\HHD Software\Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd.)

CustomCLSID: HKU\S-1-5-21-1748231068-357915915-2718231513-1000_Classes\CLSID\{F350F7C1-9F0E-4A97-8EEC-E690C7095BEF}\InprocServer32 -> C:\Users\Bendlebender\AppData\Local\HHD Software\Hex Editor Neo\PatchAPI\dll\x64\hexpatch64.dll (HHD Software Ltd.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10351236-259F-4513-8C82-9D93F94B88FF} - System32\Tasks\{F5849F38-F53B-4785-81ED-A52505261760} => C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE

Task: {29C10A22-CFCB-418A-A90D-79F89BDCB3A3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-28] (PC-Doctor, Inc.)

Task: {30229D28-3DC4-48C1-A0A6-EF184657852C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {33731B9E-9AE7-433E-917F-D27E1C5DD55D} - System32\Tasks\{D96E61CD-345B-4429-9651-903DEBF4576C} => C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE

Task: {3E1A0EBE-446F-4902-8DF2-616EE969C254} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

Task: {3E238F99-D2C8-4BDA-8545-46B87EA6D4A2} - System32\Tasks\{518DE036-8CE4-4771-9096-601792D4483A} => C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE

Task: {3F066AE7-046C-4B3C-90A2-2111583C8559} - System32\Tasks\{EE294D32-CB24-4716-A137-F9FA34C847D3} => C:\DOSGames\Unlimited Adventures\FRUA\INSTALL.EXE

Task: {40AB365C-7EB9-4BC2-8665-3B509F9C2101} - System32\Tasks\LoJack for Laptops Install => C:\Program Files (x86)\Absolute Software\LoJack Install\FactoryInstaller.exe [2009-11-26] (Absolute Software)

Task: {41E7D123-4F7E-41D8-BE7E-D39F24412A14} - System32\Tasks\{00B5695A-C0B5-47B4-9CDF-21532ACA86A2} => pcalua.exe -a C:\Users\Bendlebender\Desktop\ArtOfIllusion281-Windows.exe -d C:\Users\Bendlebender\Desktop

Task: {4F92FF15-22C3-4DB9-A794-EC7C92E93749} - System32\Tasks\{8AA59E8F-DCBE-42B0-9823-2F84F9D2D708} => C:\Users\Bendlebender\Desktop\Recreation\S\snes9x.exe [2003-08-12] (Gary Henderson)

Task: {524602FD-3059-4D93-990F-D72687CB2532} - System32\Tasks\{65CAF38B-06B6-4C75-86D1-E871D339D1CA} => pcalua.exe -a "C:\Users\Bendlebender\Desktop\Recreation\Mods\Neverwinter\Latest PRC\CC_1.8_Win\CharacterCreator.exe" -d "C:\Users\Bendlebender\Desktop\Recreation\Mods\Neverwinter\Latest PRC\CC_1.8_Win"

Task: {5F37B00A-EECF-4E82-8ABD-FC87F2897AB6} - System32\Tasks\{F00BEE45-595F-4958-81CD-FB0E51C7BC10} => pcalua.exe -a "C:\Users\Bendlebender\Desktop\Recreation\Mods\Baldur's Gate\shardsofice-v5.exe" -d "C:\Users\Bendlebender\Desktop\Recreation\Mods\Baldur's Gate"

Task: {68BFCCFC-045A-4E5C-981F-FFAA5A8304CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)

Task: {6920F034-B1B4-47BD-99FD-5E4970B4B74F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)

Task: {6A8F34FC-187E-4D85-A7C1-552891DDE221} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-03-28] (PC-Doctor, Inc.)

Task: {71B050F2-F513-490A-9E51-35170BA1C742} - System32\Tasks\SafeZone scheduled Autoupdate 1466146326 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)

Task: {87A3057A-8A75-4739-B2C1-9777276EF530} - System32\Tasks\{763FCEB8-2E39-4802-B113-FD8DA82A80E9} => C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE

Task: {9F391A5D-21CF-4502-B154-9941420EA5BE} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-28] (PC-Doctor, Inc.)

Task: {A3BC7FEB-C667-46CC-A565-E2E12AD7476B} - System32\Tasks\{B6E20656-AA29-4115-91D3-D1EC8375242C} => C:\Program Files\TOEE\TOEE3.EXE

Task: {A731F9FA-FB17-4A71-9A6E-14E1A011BBB9} - System32\Tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)

Task: {BB55B899-1D8D-4990-9EA0-A21A009C6AA8} - System32\Tasks\{CBD7F791-5D4D-4AA3-8DAA-D368A5492DDA} => C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE

Task: {CD4D8FAC-0AC9-4693-8CDB-9CE99AADA93A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)

Task: {D1BA5D15-B0EC-4334-AA22-672A8A5DC220} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-17] (AVAST Software)

Task: {EF3A1A82-1F08-4EC0-AFBE-D694D4713442} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)

Task: {FBE41EE1-67CC-4C62-BE2D-C6432898FE66} - System32\Tasks\{D885621F-67B8-446A-B8FB-F61ED41BF337} => C:\Users\Bendlebender\Desktop\FRUA\INSTALL.EXE

Task: {FF0335E5-C874-41B6-B336-6F4E05A5F2C6} - System32\Tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 86f914ea-82ff-4628-b6e3-2fb811dd97d5.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9b6b2ca0-df3c-49f1-82e7-8eff79890d47.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Bendlebender\Desktop\Recreation\Side Things\Oldgames\OldGames.sk\www.oldgames.sk.lnk -> hxxp:( (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\1\Support.lnk -> hxxp://www.atarisupport.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com/shadows// (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\1\Support.lnk -> hxxp://www.blackisle.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.interplay.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swgalacticbattlegrounds.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\1\Support.lnk -> hxxp://www.ina-support.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com// (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swempireatwar.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.empireatwar.com/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2011-01-18 19:15 - 2009-04-24 16:50 - 00210944 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll

2010-10-26 09:18 - 2009-06-23 16:02 - 00060928 _____ () C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe

2010-10-26 09:29 - 2011-08-18 10:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

2010-10-26 09:18 - 2009-07-22 08:52 - 02384896 _____ () C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe

2015-02-10 16:42 - 2015-02-10 16:42 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\c29d8779b3a3599f44e21e017541cd0c\VistaBridgeLibrary.ni.dll

2010-03-08 11:02 - 2010-03-08 11:02 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-06-01 21:50 - 2010-06-01 21:50 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2016-06-28 17:14 - 2015-05-03 16:43 - 00202767 _____ () C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE

2016-06-17 01:48 - 2016-06-17 01:48 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2016-06-17 01:48 - 2016-06-17 01:48 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2016-07-03 00:31 - 2016-07-03 00:31 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070201\algo.dll

2016-06-17 01:48 - 2016-06-17 01:48 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

2016-06-17 01:48 - 2016-06-17 01:48 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll

2016-06-17 01:48 - 2016-06-17 01:48 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2015-02-11 03:15 - 2015-02-11 03:15 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll

2010-10-26 09:14 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1748231068-357915915-2718231513-1000\Software\Classes\exefile: <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\internet -> internet

IE trusted site: HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\mcafee.com -> hxxp://mcafee.com

IE trusted site: HKU\S-1-5-21-1748231068-357915915-2718231513-1000\...\mcafee.com -> hxxps://mcafee.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1748231068-357915915-2718231513-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bendlebender\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: Media is not connected to internet.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{79E7E1F0-2F99-436A-AF7C-F51FADEC8035}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe

FirewallRules: [{FAC2E99E-B803-4B2D-B64B-901A3451FFD8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{49399E2C-C122-42E1-90B7-BE6B50D58031}] => (Allow) svchost.exe

FirewallRules: [{AB196ED8-FF53-4448-ABCB-8FB6F387A498}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe

FirewallRules: [{A2C11EDE-47EB-4086-B767-23DF43244711}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{B7B8531B-FDCE-4917-97A7-4B57C419D983}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe

FirewallRules: [{DA986246-9658-4ACD-9637-C2B37431866B}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe

FirewallRules: [TCP Query User{9554C4C0-B9B6-4A2D-A014-E35A1EAAD8EF}C:\sam\printcontrol.exe] => (Allow) C:\sam\printcontrol.exe

FirewallRules: [UDP Query User{BA9C980D-0836-4009-9162-717987472E82}C:\sam\printcontrol.exe] => (Allow) C:\sam\printcontrol.exe

FirewallRules: [{94F1E1BF-BFEA-4A03-8087-43394404AA36}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{31F96EDC-0D96-42E8-AF17-0596D6931815}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{16D7ED50-2F2D-4904-AEB4-13D89CF7B080}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe

FirewallRules: [{8EB75C73-C3AB-44F8-A1F7-5B58961985CD}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe

FirewallRules: [{0A0C1EF9-B26F-425B-9A4C-3774BA9003C3}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe

FirewallRules: [{89501BDF-EBB1-4CFE-97F8-8BFA97870329}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe

FirewallRules: [{3B6266F4-AA3E-4F82-B6F9-7EF987970FA0}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe

FirewallRules: [{1539314C-A04E-443A-9FAE-17BCEA673B7F}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe

FirewallRules: [{1AE0C654-367B-42AD-A00D-B3E3FF9D0F23}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe

FirewallRules: [{623458FF-8DED-4A66-8CAF-F5C8DC6094CC}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe

FirewallRules: [{4D527ADB-6051-4CE8-85D2-9A9F6FFFCA13}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe

FirewallRules: [{11D120EA-E91C-4676-9EED-7D130B1010B0}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe

FirewallRules: [{71058B85-8496-46E2-964E-A573F72F87E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

26-02-2015 16:42:21 Windows Update

26-02-2015 17:00:37 Windows Update

03-04-2015 14:59:35 Windows Update

03-04-2015 15:03:48 avast! antivirus system restore point

01-06-2015 02:57:17 Scheduled Checkpoint

02-06-2015 15:39:03 avast! antivirus system restore point

12-06-2015 16:50:00 Scheduled Checkpoint

13-06-2015 21:14:09 Installed DirectX

23-06-2015 17:55:37 Installed Star Wars Empire at War

23-06-2015 18:42:04 Installed DirectX 9.0

23-06-2015 18:53:44 Installed DirectX

28-06-2015 16:15:46 Installed DirectX

28-06-2015 16:32:44 Installed DirectX

16-07-2015 15:43:34 avast! antivirus system restore point

14-11-2015 01:29:48 Installed Yugioh Virtual Dueling

14-11-2015 01:31:04 Installed Yugioh Virtual Dueling

14-11-2015 01:49:05 Installed Yugioh Virtual Dueling

29-11-2015 01:23:07 Removed Yugioh Virtual Dueling

23-01-2016 03:55:32 Scheduled Checkpoint

30-01-2016 04:30:27 Scheduled Checkpoint

13-02-2016 04:10:10 Scheduled Checkpoint

21-02-2016 03:24:43 Scheduled Checkpoint

29-02-2016 02:41:52 Scheduled Checkpoint

02-04-2016 03:49:47 Scheduled Checkpoint

11-04-2016 01:25:29 Scheduled Checkpoint

02-05-2016 03:11:37 Scheduled Checkpoint

06-05-2016 00:14:34 Installed Black & White 2

15-05-2016 03:29:05 Scheduled Checkpoint

29-05-2016 03:25:36 Scheduled Checkpoint

06-06-2016 02:26:33 Scheduled Checkpoint

14-06-2016 02:38:59 Scheduled Checkpoint

18-06-2016 03:51:04 Windows Update

29-06-2016 02:59:45 Scheduled Checkpoint

01-07-2016 02:28:40 Windows Update

01-07-2016 02:46:35 Windows Update

01-07-2016 02:50:54 Windows Update

01-07-2016 02:57:37 Windows Update

01-07-2016 03:00:57 Windows Update

01-07-2016 03:07:19 Windows Update

==================== Faulty Device Manager Devices =============

Name: ATI High Definition Audio Device

Description: ATI High Definition Audio Device

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: ATI Technologies Inc.

Service: AtiHdmiService

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

==================== Event log errors: =========================

Application errors:

==================

Error: (07/03/2016 02:25:16 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/03/2016 02:25:16 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/03/2016 12:52:35 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/03/2016 12:52:35 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2016 02:43:54 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2016 02:43:54 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2016 02:14:00 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2016 02:14:00 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/01/2016 06:36:06 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/01/2016 06:36:06 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

System errors:

=============

Error: (07/03/2016 02:27:22 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 02:26:53 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 02:17:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The VBoxAsw Support Driver service failed to start due to the following error:

%%3 = The system cannot find the path specified.

 

Error: (07/03/2016 02:06:41 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 02:06:05 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 02:05:08 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 02:03:43 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 02:03:28 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 02:03:21 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

Error: (07/03/2016 01:25:39 AM) (Source: DCOM) (EventID: 10016) (User: BLUEBEAST)

Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BLUEBEASTBendlebenderS-1-5-21-1748231068-357915915-2718231513-1000LocalHost (Using LRPC)

 

==================== Memory info ===========================

Processor: Intel® Core™ i5 CPU M 460 @ 2.53GHz

Percentage of memory in use: 44%

Total physical RAM: 3956.52 MB

Available physical RAM: 2181.7 MB

Total Virtual: 9954.71 MB

Available Virtual: 7759.27 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:231.53 GB) NTFS

Drive d: (BW2_DISC1) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 46C06955)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=451.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

It seems the same problems exist, unfortunately.

So Doc, what is the diagnosis?



#5 nasdaq

  • Malware Response Team

Posted 13 July 2016 - 10:37 AM

Remove these old versions of Java, via the Control Panel > Programs > Programs and Features applet.
J2SE Development Kit 5.0 Update 22 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0150220}) (Version: 1.5.0.220 - Sun Microsystems, Inc.)
J2SE Runtime Environment 5.0 Update 22 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150220}) (Version: 1.5.0.220 - Sun Microsystems, Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java SE Development Kit 7 Update 13 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170130}) (Version: 1.7.0.130 - Oracle)
Java 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Java SE Development Kit 6 Update 23 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160230}) (Version: 1.6.0.230 - Oracle)
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Shortcut: C:\Users\Bendlebender\Desktop\Recreation\Side Things\Oldgames\OldGames.sk\www.oldgames.sk.lnk -> hxxp:( (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\1\Support.lnk -> hxxp://www.atarisupport.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com/shadows// (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\1\Support.lnk -> hxxp://www.blackisle.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.interplay.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swgalacticbattlegrounds.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\1\Support.lnk -> hxxp://www.ina-support.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com// (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swempireatwar.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)
Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.empireatwar.com/ (No File)
2016-06-28 17:14 - 2015-05-03 16:43 - 00202767 _____ () C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE
AlternateDataStreams: C:\Users\Public\DRM:?????? [48]
HKU\S-1-5-21-1748231068-357915915-2718231513-1000\Software\Classes\exefile: <===== ATTENTION
C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

How is the computer running now?

#6 BuckEyeJog

  • Topic Starter

Posted 14 July 2016 - 01:54 AM

Done and done. However, the problem persists. Here is the Fixlist:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02

Ran by Bendlebender (2016-07-14 01:36:54) Run:2

Running from C:\Users\Bendlebender\Downloads

Loaded Profiles: Bendlebender (Available Profiles: Bendlebender & Fat Wombat & Warchow)

Boot Mode: Normal

==============================================

fixlist content:

*****************

start

 

CreateRestorePoint:

EmptyTemp:

CloseProcesses:

Shortcut: C:\Users\Bendlebender\Desktop\Recreation\Side Things\Oldgames\OldGames.sk\www.oldgames.sk.lnk -> hxxp:( (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\1\Support.lnk -> hxxp://www.atarisupport.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com/shadows// (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\1\Support.lnk -> hxxp://www.blackisle.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.interplay.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swgalacticbattlegrounds.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\1\Support.lnk -> hxxp://www.ina-support.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com// (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swempireatwar.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File)

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.empireatwar.com/ (No File)

2016-06-28 17:14 - 2015-05-03 16:43 - 00202767 _____ () C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE

AlternateDataStreams: C:\Users\Public\DRM:?????? [48]

HKU\S-1-5-21-1748231068-357915915-2718231513-1000\Software\Classes\exefile: <===== ATTENTION

C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE

End

*****************

Restore point was successfully created.

Processes closed successfully.

Shortcut: C:\Users\Bendlebender\Desktop\Recreation\Side Things\Oldgames\OldGames.sk\www.oldgames.sk.lnk -> hxxp:( (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\1\Support.lnk -> hxxp://www.atarisupport.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{C77AE730-B98A-47FE-91CA-D1BD826BEF12}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com/shadows// (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\1\Support.lnk -> hxxp://www.blackisle.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{961026D5-0AD4-4F45-A45B-605C7BA7DB3D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.interplay.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{747003CF-EE3C-4838-9E66-B8470A48769D}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swgalacticbattlegrounds.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\1\Support.lnk -> hxxp://www.ina-support.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{3ADA0EA8-91A3-45E1-A7DA-A3FA38EDFA53}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://nwn.bioware.com// (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{0FCFD096-CEC5-49D5-AD57-7E43D49D08AF}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.swempireatwar.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\1\Support.lnk -> hxxp://support.lucasarts.com/ (No File) => Error: No automatic fix found for this entry.

Shortcut: C:\Users\Bendlebender\AppData\Local\Microsoft\Windows\GameExplorer\{00CFB970-0DD3-4720-975C-BEA0309026E1}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.empireatwar.com/ (No File) => Error: No automatic fix found for this entry.

"C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE" => not found.

"C:\Users\Public\DRM" => ":??????" ADS not found.

"HKU\S-1-5-21-1748231068-357915915-2718231513-1000\Software\Classes\exefile" => key removed successfully

"C:\Users\Bendlebender\Desktop\Not Surprised\atoto\NO$GBA.EXE" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10453382 B

Java, Flash, Steam htmlcache => 0 B

Windows/system/drivers => 235258 B

Edge => 0 B

Chrome => 0 B

Firefox => 0 B

Opera => 0 B

Temp, IE cache, history, cookies, recent:

Default => 0 B

Public => 0 B

ProgramData => 0 B

systemprofile => 128 B

systemprofile32 => 0 B

LocalService => 0 B

NetworkService => 1150 B

Bendlebender => 145417192 B

Fat Wombat => 0 B

Warchow => 0 B

RecycleBin => 0 B

EmptyTemp: => 156.9 MB temporary data Removed.

================================

 

The system needed a reboot.

==== End of Fixlog 01:37:18 ====

 

Thanks for the responses, all the same.



#7 nasdaq

  • Malware Response Team

Posted 14 July 2016 - 09:46 AM

Please download and run the ComboFix tool.

How to use ComboFix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Follow the instructions on the page.

Post the content of the C:\ComboFix.txt file for my review.

p.s.
When all is well you can remove the tool by following the Uninstall instructions on the same page.

#8 BuckEyeJog

  • Topic Starter

Posted 15 July 2016 - 03:15 AM

Also done and done.

 

ComboFix.txt:

 

ComboFix 16-07-10.01 - Bendlebender 07/15/2016   2:56.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3957.2252 [GMT -5:00]
Running from: c:\users\Bendlebender\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2016-06-15 to 2016-07-15  )))))))))))))))))))))))))))))))
.
.
2067-05-27 20:16 . 2012-02-23 00:20 1249280 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\InsectMod.dll
2067-05-22 03:35 . 2003-06-05 22:40 106496 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\Filesystem.dll
2016-07-15 08:04 . 2016-07-15 08:04 -------- d-----w- c:\users\Warchow\AppData\Local\temp
2016-07-15 08:04 . 2016-07-15 08:04 -------- d-----w- c:\users\Fat Wombat\AppData\Local\temp
2016-07-15 08:04 . 2016-07-15 08:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-07-15 06:29 . 2016-07-15 06:29 -------- d-----w- c:\program files\CobianBackup11Gravity
2016-07-15 06:27 . 2016-07-15 06:27 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70F09665-6CE3-47C8-A04E-1EB54F3886E1}\offreg.5472.dll
2016-07-07 07:10 . 2016-07-07 07:10 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70F09665-6CE3-47C8-A04E-1EB54F3886E1}\offreg.5212.dll
2016-07-07 06:58 . 2016-07-07 06:58 -------- d-----w- C:\zoek_backup
2016-07-06 07:45 . 2016-07-06 07:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2016-07-06 07:43 . 2016-07-06 07:48 -------- d-----w- c:\users\Bendlebender\mbar
2016-07-06 06:59 . 2016-07-06 06:59 46960 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2016-07-06 06:30 . 2016-07-06 06:30 -------- d-----w- c:\users\Bendlebender\AppData\Local\CrashDumps
2016-07-06 06:25 . 2016-07-06 06:25 -------- d-----w- c:\program files\HitmanPro
2016-07-06 06:23 . 2016-07-06 06:57 -------- d-----w- c:\programdata\HitmanPro
2016-07-06 06:15 . 2016-07-06 06:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70F09665-6CE3-47C8-A04E-1EB54F3886E1}\offreg.6524.dll
2016-07-04 07:04 . 2016-07-04 07:04 -------- d-----w- c:\users\Bendlebender\AppData\Local\CEF
2016-07-03 07:29 . 2016-07-14 06:39 -------- d-----w- C:\FRST
2016-07-02 09:07 . 2016-06-21 22:04 12007136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70F09665-6CE3-47C8-A04E-1EB54F3886E1}\mpengine.dll
2016-07-02 08:13 . 2016-07-07 07:09 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-07-02 08:12 . 2016-07-02 08:12 -------- d-----w- c:\programdata\RogueKiller
2016-07-02 07:43 . 2016-07-02 07:43 -------- d-----w- c:\program files\CCleaner
2016-07-02 06:59 . 2016-07-07 06:58 -------- d-----w- c:\programdata\SUPERSetup
2016-07-01 23:03 . 2016-07-07 06:56 -------- d-----w- C:\AdwCleaner
2016-07-01 22:12 . 2016-07-01 22:12 -------- d-----w- C:\SUPERDelete
2016-07-01 22:10 . 2016-07-01 22:10 -------- d-----w- c:\users\Bendlebender\AppData\Roaming\SUPERAntiSpyware.com
2016-07-01 22:10 . 2016-07-01 22:10 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2016-07-01 05:45 . 2016-07-15 05:11 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-07-01 05:45 . 2016-07-06 07:43 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-07-01 05:45 . 2016-03-10 19:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-07-01 05:45 . 2016-07-01 05:45 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-07-01 05:44 . 2016-07-01 05:44 -------- d-----w- c:\users\Bendlebender\AppData\Local\Programs
2016-06-17 06:48 . 2016-06-17 06:48 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-06-17 06:48 . 2016-06-17 06:48 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-06-17 06:48 . 2016-06-17 06:48 52184 ----a-w- c:\windows\avastSS.scr
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-07-14 07:50 . 2013-07-03 19:12 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-07-14 07:50 . 2011-06-21 17:11 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-06-17 06:48 . 2015-01-21 19:40 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-06-17 06:48 . 2015-01-21 19:40 166432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-06-17 06:48 . 2015-01-21 19:35 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-06-17 06:48 . 2015-01-21 19:35 287528 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-06-17 06:48 . 2012-01-31 08:17 465792 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-06-17 06:48 . 2012-01-31 08:17 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-06-17 06:48 . 2012-02-24 05:06 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-06-17 06:48 . 2012-01-31 08:17 1070904 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-06-14 00:31 . 2011-01-10 20:51 484008 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-30 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-06-10 8810200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-06-27 7408312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-09-18 560128]
.
c:\users\Bendlebender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys;c:\windows\SYSNATIVE\DRIVERS\stdflt.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\CobianBackup11Gravity\cbVSCService11.exe;c:\program files\CobianBackup11Gravity\cbVSCService11.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe;c:\windows\SYSNATIVE\PrintCtrl.exe [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\rixdpe64.sys [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys;c:\windows\SYSNATIVE\DRIVERS\Acceler.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-18 05:55 1245848 ----a-w- c:\program files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-06-30 11:55 322232 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2016-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-03 07:50]
.
2016-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 02:43]
.
2016-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 02:43]
.
2016-06-21 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 23:04]
.
2016-07-15 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 23:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-06-17 06:48 920784 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2384896]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2011-02-19 826368]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 10.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Coupon Printer for Windows5.0.0.3 - c:\program files (x86)\Coupons\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_22_0_0_192_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_22_0_0_192_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_22_0_0_192_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_22_0_0_192_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.22"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-07-15  03:07:22
ComboFix-quarantined-files.txt  2016-07-15 08:07
.
Pre-Run: 248,466,939,904 bytes free
Post-Run: 248,289,640,448 bytes free
.
- - End Of File - - E0DCDA72943FF9FCF39005C2709ED2AE

 

 

How's it look?
 



#9 nasdaq

  • Malware Response Team

Posted 15 July 2016 - 08:48 AM

Nothing suspicious.

How is the computer running now?

#10 BuckEyeJog

  • Topic Starter

Posted 16 July 2016 - 01:43 AM

Much the same problems. Casual use of Internet Explorer on a single browser clocked CPU Usage over 90%.



#11 nasdaq

  • Malware Response Team

Posted 16 July 2016 - 09:25 AM

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.
  • Click the "Scan" button to start the scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right-click that file and select Send To > Compressed (zipped) folder. Please attach that zipped file in your next reply.
    ===

    Wait for further instructions.
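
One way to triage the TDSSKiller report requested above, as an added example that is not part of the original posts and not TDSSKiller's own code. It assumes the layout of the report pasted in this thread (a hash line per service, then a `name - verdict` line); the sample lines, the Example* names, the hashes and the `needs review` verdict are constructed.

```python
import re

# Layout assumed from the report quoted in this thread:
#   <time> <thread id> [ MD5, SHA256 ] <service name> <file path>
#   <time> <thread id> <service name> - <verdict>
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9A-Fa-f]+\s*(?P<body>.*)$")
SECTION_RE = re.compile(r"^=+\s+(?P<title>\S.*?)\s+=+$")
HASH_RE = re.compile(
    r"^\[\s*(?P<md5>[0-9A-Fa-f]{32}),\s*(?P<sha256>[0-9A-Fa-f]{64})\s*\]\s+"
    r"(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$"
)
VERDICT_RE = re.compile(r"^(?P<name>.+?) - (?P<verdict>.+)$")


def blank_record(name):
    return {"name": name, "path": None, "md5": None, "sha256": None, "verdict": None}


def parse_services(log_text):
    """Return one record per service found in the 'Scan services' section."""
    services = {}          # name -> record, kept in log order
    section = None
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        body = line["body"].strip()
        header = SECTION_RE.match(body)
        if header:
            section = header["title"]
            continue
        # Header lines such as "Drive ... - Size: ..." also contain " - ",
        # so verdicts are only read inside the services section.
        if section != "Scan services" or not body:
            continue
        hashed = HASH_RE.match(body)
        if hashed:
            rec = services.setdefault(hashed["name"], blank_record(hashed["name"]))
            rec.update(path=hashed["path"], md5=hashed["md5"], sha256=hashed["sha256"])
            continue
        verdict = VERDICT_RE.match(body)
        if verdict:
            rec = services.setdefault(verdict["name"], blank_record(verdict["name"]))
            rec["verdict"] = verdict["verdict"].strip()
    return list(services.values())


def triage(services):
    """List (service, reason) pairs a helper should look at by hand."""
    findings = []
    for svc in services:
        if svc["verdict"] is None:
            findings.append((svc["name"], "no verdict line"))
        elif svc["verdict"].lower() != "ok":
            findings.append((svc["name"], "verdict: " + svc["verdict"]))
        elif svc["sha256"] is None:
            findings.append((svc["name"], "marked ok but no file was hashed"))
    return findings


# Constructed sample input; none of these lines come from a real report.
FAKE_MD5 = "A" * 32
FAKE_SHA256 = "B" * 64
SAMPLE_LOG = "\n".join([
    r"16:52:15.0011 0x045c Drive \Device\Harddisk0\DR0 - Size: 0x0",
    "16:52:35.0340 0x1308 ================ Scan system memory ========================",
    "16:52:35.0340 0x1308 System memory - ok",
    "16:52:35.0341 0x1308 ================ Scan services =============================",
    rf"16:52:38.0278 0x1308 [ {FAKE_MD5}, {FAKE_SHA256} ] Example Service One C:\Program Files\Example\svc.exe",
    "16:52:38.0283 0x1308 Example Service One - ok",
    "16:52:38.0300 0x1308 ExampleNoFileSvc - ok",
    rf"16:52:38.0519 0x1308 [ {FAKE_MD5}, {FAKE_SHA256} ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys",
    "16:52:38.0521 0x1308 ExampleDrv - needs review",
    rf"16:52:38.0740 0x1308 [ {FAKE_MD5}, {FAKE_SHA256} ] ExampleCut C:\Windows\system32\drivers\examplecut.sys",
])

if __name__ == "__main__":
    for name, reason in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

A service that is marked ok without a hash line is not a detection by itself; it only means the report gives no file to compare against a known-good copy.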


#12 BuckEyeJog

  • Topic Starter

Posted 17 July 2016 - 01:34 AM

Before this next step, need to confirm something. ComboFix hasn't been uninstalled yet, because it's not certain if it was mentioned that the coast was clear. Should ComboFix be uninstalled before going on, or hung on to? Also, it's notable Internet Explorer runs somewhat smoother with no add-ons, not sure if that is something. Though anyway, thanks for the help too.



#13 nasdaq

  • Malware Response Team

Posted 17 July 2016 - 10:25 AM

ComboFix will not interfere with these scans.

Go ahead.

#14 BuckEyeJog

  • Topic Starter

Posted 18 July 2016 - 02:49 AM

Alright, then.
 
TDSS Killer:
 
16:52:09.0042 0x045c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
16:52:12.0872 0x045c ============================================================
16:52:12.0872 0x045c Current date / time: 2016/07/16 16:52:12.0872
16:52:12.0872 0x045c SystemInfo:
16:52:12.0872 0x045c
16:52:12.0872 0x045c OS Version: 6.1.7601 ServicePack: 1.0
16:52:12.0872 0x045c Product type: Workstation
16:52:12.0872 0x045c ComputerName: BLUEBEAST
16:52:12.0872 0x045c UserName: Bendlebender
16:52:12.0872 0x045c Windows directory: C:\Windows
16:52:12.0872 0x045c System windows directory: C:\Windows
16:52:12.0872 0x045c Running under WOW64
16:52:12.0872 0x045c Processor architecture: Intel x64
16:52:12.0872 0x045c Number of processors: 4
16:52:12.0872 0x045c Page size: 0x1000
16:52:12.0872 0x045c Boot type: Normal boot
16:52:12.0872 0x045c ============================================================
16:52:13.0892 0x045c KLMD registered as C:\Windows\system32\drivers\67119468.sys
16:52:14.0374 0x045c System UUID: {F92E5231-4EB3-140C-19D1-69F1A9926758}
16:52:15.0011 0x045c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:52:15.0022 0x045c ============================================================
16:52:15.0022 0x045c \Device\Harddisk0\DR0:
16:52:15.0027 0x045c MBR partitions:
16:52:15.0027 0x045c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
16:52:15.0027 0x045c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
16:52:15.0027 0x045c ============================================================
16:52:15.0056 0x045c C: <-> \Device\Harddisk0\DR0\Partition2
16:52:15.0056 0x045c ============================================================
16:52:15.0056 0x045c Initialize success
16:52:15.0056 0x045c ============================================================
16:52:30.0669 0x1308 ============================================================
16:52:30.0669 0x1308 Scan started
16:52:30.0669 0x1308 Mode: Manual;
16:52:30.0669 0x1308 ============================================================
16:52:30.0669 0x1308 KSN ping started
16:52:34.0838 0x1308 KSN ping finished: true
16:52:35.0340 0x1308 ================ Scan system memory ========================
16:52:35.0340 0x1308 System memory - ok
16:52:35.0341 0x1308 ================ Scan services =============================
16:52:49.0887 0x1308 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:52:49.0908 0x1308 FltMgr - ok
16:52:50.0072 0x1308 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
16:52:50.0143 0x1308 FontCache - ok
16:52:50.0216 0x1308 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:52:50.0218 0x1308 FontCache3.0.0.0 - ok
16:52:50.0237 0x1308 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:52:50.0241 0x1308 FsDepends - ok
16:52:50.0274 0x1308 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:52:50.0275 0x1308 Fs_Rec - ok
16:52:50.0337 0x1308 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:52:50.0353 0x1308 fvevol - ok
16:52:50.0373 0x1308 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:52:50.0378 0x1308 gagp30kx - ok
16:52:50.0446 0x1308 [ 551D463E4CCEB5240234DA6718C93A44, 37CE7DFD392A1899FDB1B36163D34E9C005344EABDF7397BEA81447B9F7262D1 ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
16:52:50.0459 0x1308 GameConsoleService - ok
16:52:50.0489 0x1308 [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:52:50.0492 0x1308 GoToAssist - ok
16:52:50.0584 0x1308 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:52:50.0619 0x1308 gpsvc - ok
16:52:50.0721 0x1308 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:52:50.0728 0x1308 gupdate - ok
16:52:50.0795 0x1308 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:52:50.0802 0x1308 gupdatem - ok
16:52:50.0871 0x1308 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:52:50.0887 0x1308 gusvc - ok
16:52:50.0901 0x1308 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:52:50.0905 0x1308 hcw85cir - ok
16:52:50.0952 0x1308 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:52:50.0958 0x1308 HDAudBus - ok
16:52:51.0006 0x1308 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:52:51.0009 0x1308 HECIx64 - ok
16:52:51.0025 0x1308 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:52:51.0029 0x1308 HidBatt - ok
16:52:51.0046 0x1308 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:52:51.0052 0x1308 HidBth - ok
16:52:51.0082 0x1308 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:52:51.0087 0x1308 HidIr - ok
16:52:51.0117 0x1308 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
16:52:51.0123 0x1308 hidserv - ok
16:52:51.0173 0x1308 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
16:52:51.0177 0x1308 HidUsb - ok
16:52:51.0257 0x1308 [ 7FD586369B597798535C098E63818AAC, A87D20E169629C827D19D44DE9F057E608FD1B2615F8613C56CD4234826BC9CF ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys
16:52:51.0261 0x1308 hitmanpro37 - ok
16:52:51.0297 0x1308 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:52:51.0306 0x1308 hkmsvc - ok
16:52:51.0366 0x1308 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:52:51.0381 0x1308 HomeGroupListener - ok
16:52:51.0415 0x1308 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:52:51.0424 0x1308 HomeGroupProvider - ok
16:52:51.0456 0x1308 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:52:51.0459 0x1308 HpSAMD - ok
16:52:51.0500 0x1308 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:52:51.0541 0x1308 HTTP - ok
16:52:51.0555 0x1308 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:52:51.0556 0x1308 hwpolicy - ok
16:52:51.0593 0x1308 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:52:51.0600 0x1308 i8042prt - ok
16:52:51.0660 0x1308 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:52:51.0672 0x1308 iaStor - ok
16:52:51.0744 0x1308 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:52:51.0746 0x1308 IAStorDataMgrSvc - ok
16:52:51.0794 0x1308 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:52:51.0812 0x1308 iaStorV - ok
16:52:52.0011 0x1308 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:52:52.0058 0x1308 idsvc - ok
16:52:52.0091 0x1308 IEEtwCollectorService - ok
16:52:52.0128 0x1308 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:52:52.0133 0x1308 iirsp - ok
16:52:52.0204 0x1308 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:52:52.0268 0x1308 IKEEXT - ok
16:52:52.0343 0x1308 [ 4FF8A2082D78255D2EB169F986BCC981, FC3AB8C5845ABBB0CC0C5860281997537B42FF39D873B90F82EF1E8393AF40CF ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
16:52:52.0368 0x1308 Impcd - ok
16:52:52.0418 0x1308 [ FD5EF1D0210CB9C0773BBA7CA360D762, F07BEF8FFF4455FC44964EEB002F87636958810248EB4FD40009C0C97206A5C8 ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
16:52:52.0421 0x1308 InstallFilterService - ok
16:52:52.0457 0x1308 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:52:52.0460 0x1308 intelide - ok
16:52:52.0485 0x1308 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:52:52.0488 0x1308 intelppm - ok
16:52:52.0525 0x1308 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:52:52.0533 0x1308 IPBusEnum - ok
16:52:52.0570 0x1308 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:52:52.0579 0x1308 IpFilterDriver - ok
16:52:52.0651 0x1308 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:52:52.0690 0x1308 iphlpsvc - ok
16:52:52.0715 0x1308 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:52:52.0718 0x1308 IPMIDRV - ok
16:52:52.0753 0x1308 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:52:52.0761 0x1308 IPNAT - ok
16:52:52.0786 0x1308 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:52:52.0789 0x1308 IRENUM - ok
16:52:52.0804 0x1308 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:52:52.0807 0x1308 isapnp - ok
16:52:52.0857 0x1308 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:52:52.0879 0x1308 iScsiPrt - ok
16:52:53.0030 0x1308 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:52:53.0034 0x1308 kbdclass - ok
16:52:53.0076 0x1308 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:52:53.0080 0x1308 kbdhid - ok
16:52:53.0094 0x1308 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
16:52:53.0100 0x1308 KeyIso - ok
16:52:53.0140 0x1308 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:52:53.0146 0x1308 KSecDD - ok
16:52:53.0180 0x1308 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:52:53.0188 0x1308 KSecPkg - ok
16:52:53.0201 0x1308 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:52:53.0204 0x1308 ksthunk - ok
16:52:53.0242 0x1308 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:52:53.0260 0x1308 KtmRm - ok
16:52:53.0348 0x1308 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:52:53.0373 0x1308 LanmanServer - ok
16:52:53.0409 0x1308 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:52:53.0433 0x1308 LanmanWorkstation - ok
16:52:53.0452 0x1308 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:52:53.0454 0x1308 lltdio - ok
16:52:53.0510 0x1308 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:52:53.0535 0x1308 lltdsvc - ok
16:52:53.0556 0x1308 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:52:53.0562 0x1308 lmhosts - ok
16:52:53.0609 0x1308 [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:52:53.0626 0x1308 LMS - ok
16:52:53.0651 0x1308 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:52:53.0658 0x1308 LSI_FC - ok
16:52:53.0674 0x1308 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:52:53.0681 0x1308 LSI_SAS - ok
16:52:53.0687 0x1308 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:52:53.0691 0x1308 LSI_SAS2 - ok
16:52:53.0701 0x1308 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:52:53.0705 0x1308 LSI_SCSI - ok
16:52:53.0721 0x1308 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:52:53.0725 0x1308 luafv - ok
16:52:53.0776 0x1308 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:52:53.0779 0x1308 MBAMProtector - ok
16:52:53.0894 0x1308 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:52:53.0951 0x1308 MBAMService - ok
16:52:54.0018 0x1308 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:52:54.0027 0x1308 MBAMSwissArmy - ok
16:52:54.0084 0x1308 [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:52:54.0089 0x1308 MBAMWebAccessControl - ok
16:52:54.0132 0x1308 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:52:54.0143 0x1308 Mcx2Svc - ok
16:52:54.0162 0x1308 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:52:54.0165 0x1308 megasas - ok
16:52:54.0203 0x1308 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:52:54.0222 0x1308 MegaSR - ok
16:52:54.0271 0x1308 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:52:54.0280 0x1308 MMCSS - ok
16:52:54.0299 0x1308 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:52:54.0303 0x1308 Modem - ok
16:52:54.0320 0x1308 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:52:54.0322 0x1308 monitor - ok
16:52:54.0357 0x1308 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:52:54.0359 0x1308 mouclass - ok
16:52:54.0383 0x1308 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:52:54.0387 0x1308 mouhid - ok
16:52:54.0416 0x1308 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:52:54.0421 0x1308 mountmgr - ok
16:52:54.0449 0x1308 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:52:54.0459 0x1308 mpio - ok
16:52:54.0480 0x1308 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:52:54.0485 0x1308 mpsdrv - ok
16:52:54.0552 0x1308 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:52:54.0637 0x1308 MpsSvc - ok
16:52:54.0674 0x1308 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:52:54.0683 0x1308 MRxDAV - ok
16:52:54.0730 0x1308 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:52:54.0740 0x1308 mrxsmb - ok
16:52:54.0778 0x1308 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:52:54.0791 0x1308 mrxsmb10 - ok
16:52:54.0812 0x1308 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:52:54.0819 0x1308 mrxsmb20 - ok
16:52:54.0903 0x1308 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:52:54.0908 0x1308 msahci - ok
16:52:54.0928 0x1308 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:52:54.0937 0x1308 msdsm - ok
16:52:54.0957 0x1308 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:52:54.0966 0x1308 MSDTC - ok
16:52:54.0994 0x1308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:52:54.0997 0x1308 Msfs - ok
16:52:55.0027 0x1308 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:52:55.0030 0x1308 mshidkmdf - ok
16:52:55.0047 0x1308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:52:55.0049 0x1308 msisadrv - ok
16:52:55.0093 0x1308 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:52:55.0109 0x1308 MSiSCSI - ok
16:52:55.0114 0x1308 msiserver - ok
16:52:55.0156 0x1308 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:52:55.0161 0x1308 MSKSSRV - ok
16:52:55.0172 0x1308 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:52:55.0174 0x1308 MSPCLOCK - ok
16:52:55.0190 0x1308 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:52:55.0192 0x1308 MSPQM - ok
16:52:55.0236 0x1308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:52:55.0252 0x1308 MsRPC - ok
16:52:55.0285 0x1308 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:52:55.0286 0x1308 mssmbios - ok
16:52:55.0315 0x1308 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:52:55.0318 0x1308 MSTEE - ok
16:52:55.0337 0x1308 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:52:55.0340 0x1308 MTConfig - ok
16:52:55.0361 0x1308 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:52:55.0365 0x1308 Mup - ok
16:52:55.0397 0x1308 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:52:55.0424 0x1308 napagent - ok
16:52:55.0453 0x1308 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:52:55.0470 0x1308 NativeWifiP - ok
16:52:55.0562 0x1308 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:52:55.0598 0x1308 NDIS - ok
16:52:55.0618 0x1308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:52:55.0621 0x1308 NdisCap - ok
16:52:55.0635 0x1308 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:52:55.0637 0x1308 NdisTapi - ok
16:52:55.0667 0x1308 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:52:55.0671 0x1308 Ndisuio - ok
16:52:55.0709 0x1308 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:52:55.0717 0x1308 NdisWan - ok
16:52:55.0748 0x1308 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:52:55.0752 0x1308 NDProxy - ok
16:52:55.0764 0x1308 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:52:55.0768 0x1308 NetBIOS - ok
16:52:55.0807 0x1308 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:52:55.0827 0x1308 NetBT - ok
16:52:55.0841 0x1308 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
16:52:55.0844 0x1308 Netlogon - ok
16:52:55.0903 0x1308 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:52:55.0931 0x1308 Netman - ok
16:52:55.0979 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0012 0x1308 NetMsmqActivator - ok
16:52:56.0046 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0052 0x1308 NetPipeActivator - ok
16:52:56.0086 0x1308 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:52:56.0119 0x1308 netprofm - ok
16:52:56.0135 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0138 0x1308 NetTcpActivator - ok
16:52:56.0151 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0154 0x1308 NetTcpPortSharing - ok
16:52:56.0194 0x1308 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:52:56.0199 0x1308 nfrd960 - ok
16:52:56.0238 0x1308 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:52:56.0279 0x1308 NlaSvc - ok
16:52:56.0294 0x1308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:52:56.0297 0x1308 Npfs - ok
16:52:56.0309 0x1308 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:52:56.0314 0x1308 nsi - ok
16:52:56.0322 0x1308 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:52:56.0324 0x1308 nsiproxy - ok
16:52:56.0445 0x1308 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:52:56.0502 0x1308 Ntfs - ok
16:52:56.0546 0x1308 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:52:56.0548 0x1308 Null - ok
16:52:56.0595 0x1308 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:52:56.0614 0x1308 nvraid - ok
16:52:56.0635 0x1308 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:52:56.0644 0x1308 nvstor - ok
16:52:56.0696 0x1308 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:52:56.0703 0x1308 nv_agp - ok
16:52:56.0742 0x1308 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:52:56.0749 0x1308 ohci1394 - ok
16:52:56.0791 0x1308 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:52:56.0814 0x1308 p2pimsvc - ok
16:52:56.0848 0x1308 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:52:56.0874 0x1308 p2psvc - ok
16:52:56.0889 0x1308 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:52:56.0894 0x1308 Parport - ok
16:52:56.0920 0x1308 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:52:56.0925 0x1308 partmgr - ok
16:52:56.0946 0x1308 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
16:52:56.0959 0x1308 PcaSvc - ok
16:52:57.0037 0x1308 [ 7317A0B550F7AC0223B7070897670476, ABB0A1296BA267467C16CF99383EFCAB1732B07EE5B2494197A26B8432DD0A94 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
16:53:08.0520 0x1308 wmiApSrv - ok
16:53:08.0567 0x1308 WMPNetworkSvc - ok
16:53:08.0604 0x1308 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:53:08.0612 0x1308 WPCSvc - ok
16:53:08.0643 0x1308 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:53:08.0661 0x1308 WPDBusEnum - ok
16:53:08.0695 0x1308 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:53:08.0698 0x1308 ws2ifsl - ok
16:53:08.0723 0x1308 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
16:53:08.0734 0x1308 wscsvc - ok
16:53:08.0738 0x1308 WSearch - ok
16:53:08.0936 0x1308 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll
16:53:09.0035 0x1308 wuauserv - ok
16:53:09.0075 0x1308 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:53:09.0081 0x1308 WudfPf - ok
16:53:09.0114 0x1308 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:53:09.0131 0x1308 WUDFRd - ok
16:53:09.0178 0x1308 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:53:09.0201 0x1308 wudfsvc - ok
16:53:09.0249 0x1308 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:53:09.0267 0x1308 WwanSvc - ok
16:53:09.0302 0x1308 ================ Scan global ===============================
16:53:09.0340 0x1308 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:53:09.0386 0x1308 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:53:09.0431 0x1308 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:53:09.0476 0x1308 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:53:09.0529 0x1308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:53:09.0547 0x1308 [ Global ] - ok
16:53:09.0547 0x1308 ================ Scan MBR ==================================
16:53:09.0568 0x1308 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:53:10.0548 0x1308 \Device\Harddisk0\DR0 - ok
16:53:10.0548 0x1308 ================ Scan VBR ==================================
16:53:10.0573 0x1308 [ E487F56E28A9A5F6F191F9E418EE4909 ] \Device\Harddisk0\DR0\Partition1
16:53:10.0581 0x1308 \Device\Harddisk0\DR0\Partition1 - ok
16:53:10.0596 0x1308 [ 83A60E5DE02E69EC7E1B55DBB65A50E5 ] \Device\Harddisk0\DR0\Partition2
16:53:10.0620 0x1308 \Device\Harddisk0\DR0\Partition2 - ok
16:53:10.0621 0x1308 ================ Scan generic autorun ======================
16:53:14.0508 0x1308 Waiting for KSN requests completion. In queue: 79
16:53:15.0508 0x1308 Waiting for KSN requests completion. In queue: 79
16:53:16.0508 0x1308 Waiting for KSN requests completion. In queue: 79
16:53:17.0557 0x1308 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
16:53:17.0603 0x1308 Win FW state via NFP2: enabled ( trusted )
16:53:20.0446 0x1308 ============================================================
16:53:20.0446 0x1308 Scan finished
16:53:20.0446 0x1308 ============================================================
16:53:20.0448 0x0f40 Detected object count: 0
16:53:20.0448 0x0f40 Actual detected object count: 0
16:55:30.0890 0x0e60 Deinitialize success
 
 
 
 
aswMBAR:
 
16:52:09.0042 0x045c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
16:52:12.0872 0x045c ============================================================
16:52:12.0872 0x045c Current date / time: 2016/07/16 16:52:12.0872
16:52:12.0872 0x045c SystemInfo:
16:52:12.0872 0x045c
16:52:12.0872 0x045c OS Version: 6.1.7601 ServicePack: 1.0
16:52:12.0872 0x045c Product type: Workstation
16:52:12.0872 0x045c ComputerName: BLUEBEAST
16:52:12.0872 0x045c UserName: Bendlebender
16:52:12.0872 0x045c Windows directory: C:\Windows
16:52:12.0872 0x045c System windows directory: C:\Windows
16:52:12.0872 0x045c Running under WOW64
16:52:12.0872 0x045c Processor architecture: Intel x64
16:52:12.0872 0x045c Number of processors: 4
16:52:12.0872 0x045c Page size: 0x1000
16:52:12.0872 0x045c Boot type: Normal boot
16:52:12.0872 0x045c ============================================================
16:52:13.0892 0x045c KLMD registered as C:\Windows\system32\drivers\67119468.sys
16:52:14.0374 0x045c System UUID: {F92E5231-4EB3-140C-19D1-69F1A9926758}
16:52:15.0011 0x045c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:52:15.0022 0x045c ============================================================
16:52:15.0022 0x045c \Device\Harddisk0\DR0:
16:52:15.0027 0x045c MBR partitions:
16:52:15.0027 0x045c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
16:52:15.0027 0x045c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
16:52:15.0027 0x045c ============================================================
16:52:15.0056 0x045c C: <-> \Device\Harddisk0\DR0\Partition2
16:52:15.0056 0x045c ============================================================
16:52:15.0056 0x045c Initialize success
16:52:15.0056 0x045c ============================================================
16:52:30.0669 0x1308 ============================================================
16:52:30.0669 0x1308 Scan started
16:52:30.0669 0x1308 Mode: Manual;
16:52:30.0669 0x1308 ============================================================
16:52:30.0669 0x1308 KSN ping started
16:52:34.0838 0x1308 KSN ping finished: true
16:52:35.0340 0x1308 ================ Scan system memory ========================
16:52:35.0340 0x1308 System memory - ok
16:52:35.0341 0x1308 ================ Scan services =============================
16:52:49.0560 0x1308 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:52:49.0567 0x1308 fastfat - ok
16:52:49.0632 0x1308 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:52:49.0678 0x1308 Fax - ok
16:52:49.0706 0x1308 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:52:49.0711 0x1308 fdc - ok
16:52:49.0746 0x1308 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:52:49.0751 0x1308 fdPHost - ok
16:52:49.0768 0x1308 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:52:49.0773 0x1308 FDResPub - ok
16:52:49.0799 0x1308 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:52:49.0803 0x1308 FileInfo - ok
16:52:49.0816 0x1308 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:52:49.0819 0x1308 Filetrace - ok
16:52:49.0838 0x1308 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:52:49.0842 0x1308 flpydisk - ok
16:52:49.0887 0x1308 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:52:49.0908 0x1308 FltMgr - ok
16:52:50.0072 0x1308 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
16:52:50.0143 0x1308 FontCache - ok
16:52:50.0216 0x1308 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:52:50.0218 0x1308 FontCache3.0.0.0 - ok
16:52:50.0237 0x1308 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:52:50.0241 0x1308 FsDepends - ok
16:52:50.0274 0x1308 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:52:50.0275 0x1308 Fs_Rec - ok
16:52:50.0337 0x1308 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:52:50.0353 0x1308 fvevol - ok
16:52:50.0373 0x1308 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:52:50.0378 0x1308 gagp30kx - ok
16:52:50.0446 0x1308 [ 551D463E4CCEB5240234DA6718C93A44, 37CE7DFD392A1899FDB1B36163D34E9C005344EABDF7397BEA81447B9F7262D1 ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
16:52:50.0459 0x1308 GameConsoleService - ok
16:52:50.0489 0x1308 [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:52:50.0492 0x1308 GoToAssist - ok
16:52:50.0584 0x1308 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:52:50.0619 0x1308 gpsvc - ok
16:52:50.0721 0x1308 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:52:50.0728 0x1308 gupdate - ok
16:52:50.0795 0x1308 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:52:50.0802 0x1308 gupdatem - ok
16:52:50.0871 0x1308 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:52:50.0887 0x1308 gusvc - ok
16:52:50.0901 0x1308 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:52:50.0905 0x1308 hcw85cir - ok
16:52:50.0952 0x1308 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:52:50.0958 0x1308 HDAudBus - ok
16:52:51.0006 0x1308 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:52:51.0009 0x1308 HECIx64 - ok
16:52:51.0025 0x1308 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:52:51.0029 0x1308 HidBatt - ok
16:52:51.0046 0x1308 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:52:51.0052 0x1308 HidBth - ok
16:52:51.0082 0x1308 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:52:51.0087 0x1308 HidIr - ok
16:52:51.0117 0x1308 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
16:52:51.0123 0x1308 hidserv - ok
16:52:51.0173 0x1308 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
16:52:51.0177 0x1308 HidUsb - ok
16:52:51.0257 0x1308 [ 7FD586369B597798535C098E63818AAC, A87D20E169629C827D19D44DE9F057E608FD1B2615F8613C56CD4234826BC9CF ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys
16:52:51.0261 0x1308 hitmanpro37 - ok
16:52:51.0297 0x1308 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:52:51.0306 0x1308 hkmsvc - ok
16:52:51.0366 0x1308 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:52:51.0381 0x1308 HomeGroupListener - ok
16:52:51.0415 0x1308 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:52:51.0424 0x1308 HomeGroupProvider - ok
16:52:51.0456 0x1308 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:52:51.0459 0x1308 HpSAMD - ok
16:52:51.0500 0x1308 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:52:51.0541 0x1308 HTTP - ok
16:52:51.0555 0x1308 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:52:51.0556 0x1308 hwpolicy - ok
16:52:51.0593 0x1308 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:52:51.0600 0x1308 i8042prt - ok
16:52:51.0660 0x1308 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:52:51.0672 0x1308 iaStor - ok
16:52:51.0744 0x1308 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:52:51.0746 0x1308 IAStorDataMgrSvc - ok
16:52:51.0794 0x1308 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:52:51.0812 0x1308 iaStorV - ok
16:52:52.0011 0x1308 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:52:52.0058 0x1308 idsvc - ok
16:52:52.0091 0x1308 IEEtwCollectorService - ok
16:52:52.0128 0x1308 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:52:52.0133 0x1308 iirsp - ok
16:52:52.0204 0x1308 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:52:52.0268 0x1308 IKEEXT - ok
16:52:52.0343 0x1308 [ 4FF8A2082D78255D2EB169F986BCC981, FC3AB8C5845ABBB0CC0C5860281997537B42FF39D873B90F82EF1E8393AF40CF ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
16:52:52.0368 0x1308 Impcd - ok
16:52:52.0418 0x1308 [ FD5EF1D0210CB9C0773BBA7CA360D762, F07BEF8FFF4455FC44964EEB002F87636958810248EB4FD40009C0C97206A5C8 ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
16:52:52.0421 0x1308 InstallFilterService - ok
16:52:52.0457 0x1308 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:52:52.0460 0x1308 intelide - ok
16:52:52.0485 0x1308 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:52:52.0488 0x1308 intelppm - ok
16:52:52.0525 0x1308 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:52:52.0533 0x1308 IPBusEnum - ok
16:52:52.0570 0x1308 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:52:52.0579 0x1308 IpFilterDriver - ok
16:52:52.0651 0x1308 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:52:52.0690 0x1308 iphlpsvc - ok
16:52:52.0715 0x1308 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:52:52.0718 0x1308 IPMIDRV - ok
16:52:52.0753 0x1308 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:52:52.0761 0x1308 IPNAT - ok
16:52:52.0786 0x1308 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:52:52.0789 0x1308 IRENUM - ok
16:52:52.0804 0x1308 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:52:52.0807 0x1308 isapnp - ok
16:52:52.0857 0x1308 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:52:52.0879 0x1308 iScsiPrt - ok
16:52:53.0030 0x1308 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:52:53.0034 0x1308 kbdclass - ok
16:52:53.0076 0x1308 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:52:53.0080 0x1308 kbdhid - ok
16:52:53.0094 0x1308 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
16:52:53.0100 0x1308 KeyIso - ok
16:52:53.0140 0x1308 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:52:53.0146 0x1308 KSecDD - ok
16:52:53.0180 0x1308 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:52:53.0188 0x1308 KSecPkg - ok
16:52:53.0201 0x1308 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:52:53.0204 0x1308 ksthunk - ok
16:52:53.0242 0x1308 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:52:53.0260 0x1308 KtmRm - ok
16:52:53.0348 0x1308 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:52:53.0373 0x1308 LanmanServer - ok
16:52:53.0409 0x1308 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:52:53.0433 0x1308 LanmanWorkstation - ok
16:52:53.0452 0x1308 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:52:53.0454 0x1308 lltdio - ok
16:52:53.0510 0x1308 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:52:53.0535 0x1308 lltdsvc - ok
16:52:53.0556 0x1308 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:52:53.0562 0x1308 lmhosts - ok
16:52:53.0609 0x1308 [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:52:53.0626 0x1308 LMS - ok
16:52:53.0651 0x1308 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:52:53.0658 0x1308 LSI_FC - ok
16:52:53.0674 0x1308 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:52:53.0681 0x1308 LSI_SAS - ok
16:52:53.0687 0x1308 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:52:53.0691 0x1308 LSI_SAS2 - ok
16:52:53.0701 0x1308 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:52:53.0705 0x1308 LSI_SCSI - ok
16:52:53.0721 0x1308 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:52:53.0725 0x1308 luafv - ok
16:52:53.0776 0x1308 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:52:53.0779 0x1308 MBAMProtector - ok
16:52:53.0894 0x1308 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:52:53.0951 0x1308 MBAMService - ok
16:52:54.0018 0x1308 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:52:54.0027 0x1308 MBAMSwissArmy - ok
16:52:54.0084 0x1308 [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:52:54.0089 0x1308 MBAMWebAccessControl - ok
16:52:54.0132 0x1308 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:52:54.0143 0x1308 Mcx2Svc - ok
16:52:54.0162 0x1308 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:52:54.0165 0x1308 megasas - ok
16:52:54.0203 0x1308 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:52:54.0222 0x1308 MegaSR - ok
16:52:54.0271 0x1308 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:52:54.0280 0x1308 MMCSS - ok
16:52:54.0299 0x1308 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:52:54.0303 0x1308 Modem - ok
16:52:54.0320 0x1308 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:52:54.0322 0x1308 monitor - ok
16:52:54.0357 0x1308 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:52:54.0359 0x1308 mouclass - ok
16:52:54.0383 0x1308 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:52:54.0387 0x1308 mouhid - ok
16:52:54.0416 0x1308 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:52:54.0421 0x1308 mountmgr - ok
16:52:54.0449 0x1308 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:52:54.0459 0x1308 mpio - ok
16:52:54.0480 0x1308 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:52:54.0485 0x1308 mpsdrv - ok
16:52:54.0552 0x1308 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:52:54.0637 0x1308 MpsSvc - ok
16:52:54.0674 0x1308 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:52:54.0683 0x1308 MRxDAV - ok
16:52:54.0730 0x1308 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:52:54.0740 0x1308 mrxsmb - ok
16:52:54.0778 0x1308 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:52:54.0791 0x1308 mrxsmb10 - ok
16:52:54.0812 0x1308 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:52:54.0819 0x1308 mrxsmb20 - ok
16:52:54.0903 0x1308 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:52:54.0908 0x1308 msahci - ok
16:52:54.0928 0x1308 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:52:54.0937 0x1308 msdsm - ok
16:52:54.0957 0x1308 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:52:54.0966 0x1308 MSDTC - ok
16:52:54.0994 0x1308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:52:54.0997 0x1308 Msfs - ok
16:52:55.0027 0x1308 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:52:55.0030 0x1308 mshidkmdf - ok
16:52:55.0047 0x1308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:52:55.0049 0x1308 msisadrv - ok
16:52:55.0093 0x1308 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:52:55.0109 0x1308 MSiSCSI - ok
16:52:55.0114 0x1308 msiserver - ok
16:52:55.0156 0x1308 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:52:55.0161 0x1308 MSKSSRV - ok
16:52:55.0172 0x1308 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:52:55.0174 0x1308 MSPCLOCK - ok
16:52:55.0190 0x1308 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:52:55.0192 0x1308 MSPQM - ok
16:52:55.0236 0x1308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:52:55.0252 0x1308 MsRPC - ok
16:52:55.0285 0x1308 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:52:55.0286 0x1308 mssmbios - ok
16:52:55.0315 0x1308 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:52:55.0318 0x1308 MSTEE - ok
16:52:55.0337 0x1308 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:52:55.0340 0x1308 MTConfig - ok
16:52:55.0361 0x1308 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:52:55.0365 0x1308 Mup - ok
16:52:55.0397 0x1308 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:52:55.0424 0x1308 napagent - ok
16:52:55.0453 0x1308 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:52:55.0470 0x1308 NativeWifiP - ok
16:52:55.0562 0x1308 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:52:55.0598 0x1308 NDIS - ok
16:52:55.0618 0x1308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:52:55.0621 0x1308 NdisCap - ok
16:52:55.0635 0x1308 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:52:55.0637 0x1308 NdisTapi - ok
16:52:55.0667 0x1308 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:52:55.0671 0x1308 Ndisuio - ok
16:52:55.0709 0x1308 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:52:55.0717 0x1308 NdisWan - ok
16:52:55.0748 0x1308 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:52:55.0752 0x1308 NDProxy - ok
16:52:55.0764 0x1308 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:52:55.0768 0x1308 NetBIOS - ok
16:52:55.0807 0x1308 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:52:55.0827 0x1308 NetBT - ok
16:52:55.0841 0x1308 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
16:52:55.0844 0x1308 Netlogon - ok
16:52:55.0903 0x1308 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:52:55.0931 0x1308 Netman - ok
16:52:55.0979 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0012 0x1308 NetMsmqActivator - ok
16:52:56.0046 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0052 0x1308 NetPipeActivator - ok
16:52:56.0086 0x1308 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:52:56.0119 0x1308 netprofm - ok
16:52:56.0135 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0138 0x1308 NetTcpActivator - ok
16:52:56.0151 0x1308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:56.0154 0x1308 NetTcpPortSharing - ok
16:52:56.0194 0x1308 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:52:56.0199 0x1308 nfrd960 - ok
16:52:56.0238 0x1308 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:52:56.0279 0x1308 NlaSvc - ok
16:52:56.0294 0x1308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:52:56.0297 0x1308 Npfs - ok
16:52:56.0309 0x1308 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:52:56.0314 0x1308 nsi - ok
16:52:56.0322 0x1308 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:52:56.0324 0x1308 nsiproxy - ok
16:52:56.0445 0x1308 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:52:56.0502 0x1308 Ntfs - ok
16:52:56.0546 0x1308 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:52:56.0548 0x1308 Null - ok
16:52:56.0595 0x1308 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:52:56.0614 0x1308 nvraid - ok
16:52:56.0635 0x1308 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:52:56.0644 0x1308 nvstor - ok
16:53:07.0706 0x1308 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:53:07.0709 0x1308 WIMMount - ok
16:53:07.0740 0x1308 WinDefend - ok
16:53:07.0756 0x1308 WinHttpAutoProxySvc - ok
16:53:07.0890 0x1308 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:53:07.0904 0x1308 Winmgmt - ok
16:53:08.0113 0x1308 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
16:53:08.0184 0x1308 WinRM - ok
16:53:08.0239 0x1308 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:53:08.0242 0x1308 WinUsb - ok
16:53:08.0329 0x1308 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:53:08.0370 0x1308 Wlansvc - ok
16:53:08.0413 0x1308 [ A96D6C0613DCF84F2D07FAEB75663072, 7CE46EEA173A45517A18B6E325EC7FC6B80823AC50645BFA8BD9BA73FA26E30D ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
16:53:08.0416 0x1308 wltrysvc - ok
16:53:08.0468 0x1308 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:53:08.0470 0x1308 WmiAcpi - ok
16:53:08.0512 0x1308 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:53:08.0520 0x1308 wmiApSrv - ok
16:53:08.0567 0x1308 WMPNetworkSvc - ok
16:53:08.0604 0x1308 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:53:08.0612 0x1308 WPCSvc - ok
16:53:08.0643 0x1308 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:53:08.0661 0x1308 WPDBusEnum - ok
16:53:08.0695 0x1308 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:53:08.0698 0x1308 ws2ifsl - ok
16:53:08.0723 0x1308 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
16:53:08.0734 0x1308 wscsvc - ok
16:53:08.0738 0x1308 WSearch - ok
16:53:08.0936 0x1308 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll
16:53:09.0035 0x1308 wuauserv - ok
16:53:09.0075 0x1308 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:53:09.0081 0x1308 WudfPf - ok
16:53:09.0114 0x1308 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:53:09.0131 0x1308 WUDFRd - ok
16:53:09.0178 0x1308 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:53:09.0201 0x1308 wudfsvc - ok
16:53:09.0249 0x1308 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:53:09.0267 0x1308 WwanSvc - ok
16:53:09.0302 0x1308 ================ Scan global ===============================
16:53:09.0340 0x1308 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:53:09.0386 0x1308 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:53:09.0431 0x1308 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:53:09.0476 0x1308 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:53:09.0529 0x1308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:53:09.0547 0x1308 [ Global ] - ok
16:53:09.0547 0x1308 ================ Scan MBR ==================================
16:53:09.0568 0x1308 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:53:10.0548 0x1308 \Device\Harddisk0\DR0 - ok
16:53:10.0548 0x1308 ================ Scan VBR ==================================
16:53:10.0573 0x1308 [ E487F56E28A9A5F6F191F9E418EE4909 ] \Device\Harddisk0\DR0\Partition1
16:53:10.0581 0x1308 \Device\Harddisk0\DR0\Partition1 - ok
16:53:10.0596 0x1308 [ 83A60E5DE02E69EC7E1B55DBB65A50E5 ] \Device\Harddisk0\DR0\Partition2
16:53:10.0620 0x1308 \Device\Harddisk0\DR0\Partition2 - ok
16:53:10.0621 0x1308 ================ Scan generic autorun ======================
16:53:10.0621 0x1308 SynTPEnh - ok
16:53:10.0717 0x1308 [ 023C55185495F1066F4C7F893658C4ED, 12DB663D56DEE1F54029F02BA68DE52BB6A18E5022DC4AA4435D773125D09A22 ] C:\Program Files\IDT\WDM\sttray64.exe
16:53:10.0763 0x1308 SysTrayApp - ok
16:53:10.0888 0x1308 [ 62481AEC780B08A891A7158997887E84, F713C4BD11DC276CD6C27530DC80C4E3E64A4011EC1AA42C0E4FE003E1B54BC6 ] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
16:53:10.0985 0x1308 FreeFallProtection - ok
16:53:11.0304 0x1308 [ D1E2F5381E616AB9A8CF997AC14DDC19, A2A71F78F2F2180DB5F39D54AEA026D766C70AF729C80F3237EA421AA8778713 ] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
16:53:11.0473 0x1308 Broadcom Wireless Manager UI - ok
16:53:11.0620 0x1308 [ E5AE6E63005A79FA54859EFB75003A51, A26E6340531858D516A44A5E5443BD6024182DFD27937ED26D8A75002C3FC4AA ] C:\Windows\system32\PrintDisp.exe
16:53:11.0652 0x1308 PrintDisp - ok
16:53:11.0696 0x1308 [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
16:53:11.0703 0x1308 IAStorIcon - ok
16:53:11.0756 0x1308 [ E0D992FF33FF646148028DB6AF744F69, F0450C090CB5F7A75FE602F5FC40479481D425E2B6FEF05C1A88F63AD7083D2C ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:53:11.0770 0x1308 StartCCC - ok
16:53:12.0535 0x1308 [ 1E06B301F4FA22A01B8CC314FC7A7E1C, D8E7DC35BF60FD5A1169BA6C127747D7928758071E37043891C24821F8BFFD19 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
16:53:12.0767 0x1308 AvastUI.exe - ok
16:53:12.0905 0x1308 [ 8E859147CB475BC4301C4643F9B72935, 03EAE639009B9C7FFE4D8C506E9931B52FEBE5ECAF872F782760D478A8FD63F7 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
16:53:12.0928 0x1308 "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" - ok
16:53:12.0985 0x1308 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
16:53:12.0987 0x1308 swg - ok
16:53:13.0096 0x1308 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:53:13.0154 0x1308 Sidebar - ok
16:53:14.0327 0x1308 [ C4668A2D015BFC941394010662CC21CC, 971712B7C2B12C2931A26B39D7FEB8D1AE0FDF2CEE33A6DE28232DA669CADB16 ] C:\Program Files\CCleaner\CCleaner64.exe
16:53:14.0482 0x1308 CCleaner Monitoring - ok
16:53:14.0502 0x1308 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
16:53:14.0503 0x1308 swg - ok
16:53:14.0506 0x1308 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
16:53:14.0507 0x1308 swg - ok
16:53:14.0508 0x1308 Waiting for KSN requests completion. In queue: 79
16:53:15.0508 0x1308 Waiting for KSN requests completion. In queue: 79
16:53:16.0508 0x1308 Waiting for KSN requests completion. In queue: 79
16:53:17.0557 0x1308 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
16:53:17.0603 0x1308 Win FW state via NFP2: enabled ( trusted )
16:53:20.0446 0x1308 ============================================================
16:53:20.0446 0x1308 Scan finished
16:53:20.0446 0x1308 ============================================================
16:53:20.0448 0x0f40 Detected object count: 0
16:53:20.0448 0x0f40 Actual detected object count: 0
16:55:30.0890 0x0e60 Deinitialize success

 

Can't figure out how to attach the ZIP in this forum, however.



#15 nasdaq


  • Malware Response Team

Posted 18 July 2016 - 07:03 AM

You have posted the TDSS log twice.

Please post the aswMBAR log.

To attach a file click the "More Reply Option" in the bottom right corner of the reply topic.

Browse and choose the file.
Click the Attach button.

Post the log.



