Windows 10 Pro svchost.exe virus?? multiple DAILY BSOD and wifi disabling


  • This topic is locked
7 replies to this topic

#1 crunkkcar

Posted 05 December 2016 - 04:15 PM

Hello.. I seem to always have svchost.exe sucking up my CPU's and memory all the time and now I have been having recurring BSODs (like 5x a day) and there are a lot of critical errors happening all the time on my system as well. Also my wifi adapter is constantly going in and out of being "enabled" or "disabled", constantly having to switch a setting/mode of the adapter to get it to work, and my computer keeps getting those BSODs only when I am actively browsing the internet (I think) AND when I click "start scan" on TDSSKiller. It's lunch time where I am now and I've already had 2 BSODs today, maybe 3. Help.

I already posted in the "Windows Crashes, BSOD, and Hangs Help and Support" forum and was told to check my UEFI/BIOS Windows updates manually, which I have and I am all up to date, and to post in this forum for more assistance. Here is a link to the response I rec'd from that forum post: https://www.bleepingcomputer.com/forums/t/633805/lots-of-bsods/?p=4132743





#2 boopme


Posted 06 December 2016 - 12:01 PM

After closing all those AVs, run these. You only need one active AV program.

 

MiniToolBox

  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

TDSSKiller


  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

AdwCleaner


  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users: right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Junkware Removal Tool


  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

ESET Online Scanner


  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by boopme, 06 December 2016 - 12:02 PM.

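
As an added example (not part of boopme's post and not MiniToolBox code), here is a small Python triage pass over a Result.txt in the layout posted in reply #3: it splits the report on its banner lines, lists Winsock providers that are not Microsoft DLLs under System32/SysWoW64, and counts event-log errors per source. The sample report is constructed, and the function names and the review rule are assumptions of this example.

```python
import re
from collections import Counter

# Section banner, e.g. "========================= Winsock entries ====="
SECTION_RE = re.compile(r"^=+\s*([^=]+?)\s*:?\s*=+\s*$")
# Winsock row: "<catalog> <index> <dll path> [<size>] (<vendor>)"
WINSOCK_RE = re.compile(
    r"^(?P<catalog>(?:x64-)?Catalog\d+) (?P<index>\d+) (?P<path>.+?) "
    r"\[(?P<size>\d+)\] \((?P<vendor>.*)\)\s*$"
)
# Event header: "Error: (<timestamp>) (Source: <source>) (User: <user>)"
EVENT_RE = re.compile(
    r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\)"
    r"\s*\(User: (?P<user>[^)]*)\)"
)
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Constructed sample in the report's layout (not data from the thread).
SAMPLE = r"""
========================= Hosts content: =================================
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\Program Files (x86)\ExampleVendor\examplensp.dll [12345] (Example Vendor)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Users\Public\mswsock.dll [4096] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/02/2017 10:00:00 AM) (Source: System Restore) (User: )
Description: constructed sample text

System errors:
=============
Error: (01/02/2017 10:01:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: constructed sample text
Error: (01/02/2017 10:01:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: constructed sample text
"""


def split_sections(text):
    """Map each banner title to the (stripped) lines that follow it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def winsock_review(lines):
    """Return (catalog, path, vendor) for providers worth a manual look.

    A row is listed when the printed vendor is not Microsoft or the DLL is
    outside the Windows system directories. Listed means "review it", not
    "malicious"; the vendor text is used as printed, no signature is checked.
    """
    flagged = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if not m:
            continue
        in_system_dir = m["path"].lower().startswith(SYSTEM_DIRS)
        if m["vendor"] != "Microsoft Corporation" or not in_system_dir:
            flagged.append((m["catalog"], m["path"], m["vendor"]))
    return flagged


def event_sources(lines):
    """Count event headers per (group heading, source).

    Group headings are lines ending in ':' that are underlined with '='.
    """
    counts, group, prev = Counter(), None, ""
    for line in lines:
        if line and set(line) == {"="} and prev.endswith(":"):
            group = prev.rstrip(":")
        m = EVENT_RE.match(line)
        if m:
            counts[(group, m["source"])] += 1
        if line:
            prev = line
    return counts


if __name__ == "__main__":
    report = split_sections(SAMPLE)
    print("Hosts section empty:", report["Hosts content"] == [])
    for catalog, path, vendor in winsock_review(report["Winsock entries"]):
        print(f"review {catalog}: {path} ({vendor})")
    for (group, source), n in event_sources(report["Event log errors"]).most_common():
        print(f"{n:3d}  {group} / {source}")
```
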

#3 crunkkcar


Posted 07 December 2016 - 12:20 AM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Ashley (administrator) on 06-12-2016 at 21:16:06
Running from "C:\Users\Ashley\Desktop"
Microsoft Windows 10 Pro  (X64)
Model: XPS 12-9Q33 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Intel® Dual Band Wireless-AC 7260 = Wi-Fi (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Hardware not present)
Kaspersky Security Data Escort Adapter = Ethernet (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : AshleyXPS
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 5C-51-4F-E9-C3-0D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 5E-51-4F-E9-C3-0C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Dual Band Wireless-AC 7260
   Physical Address. . . . . . . . . : 5C-51-4F-E9-C3-0C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:644:8101:aae0:6d63:a2e3:a22b:f76f(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:644:8101:aae0:6085:b495:5efe:4b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::6d63:a2e3:a22b:f76f%17(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.11(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, December 6, 2016 9:09:00 PM
   Lease Expires . . . . . . . . . . : Tuesday, December 13, 2016 9:16:07 PM
   Default Gateway . . . . . . . . . : fe80::4632:c8ff:fe22:29b9%17
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 73158991
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-5A-15-35-5C-51-4F-E9-C3-0C
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:a:f39:f5ff:fff4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::a:f39:f5ff:fff4%6(Preferred) 
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 805306368
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-5A-15-35-5C-51-4F-E9-C3-0C
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{CFDCD440-5B08-418C-A674-BA04DA9A3999}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Address:  2607:f8b0:4005:805::200e
 
 
Pinging google.com [2607:f8b0:4005:807::200e] with 32 bytes of data:
Request timed out.
Request timed out.
 
Ping statistics for 2607:f8b0:4005:807::200e:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Request timed out.
Request timed out.
 
Ping statistics for 2001:4998:44:204::a7:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...5c 51 4f e9 c3 0d ......Microsoft Wi-Fi Direct Virtual Adapter
 15...5e 51 4f e9 c3 0c ......Microsoft Hosted Network Virtual Adapter
 17...5c 51 4f e9 c3 0c ......Intel® Dual Band Wireless-AC 7260
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.11     55
         10.0.0.0    255.255.255.0         On-link         10.0.0.11    311
        10.0.0.11  255.255.255.255         On-link         10.0.0.11    311
       10.0.0.255  255.255.255.255         On-link         10.0.0.11    311
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link         10.0.0.11    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link         10.0.0.11    311
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 17    311 ::/0                     fe80::4632:c8ff:fe22:29b9
  1    331 ::1/128                  On-link
  6    331 2001::/32                On-link
  6    331 2001:0:9d38:6abd:a:f39:f5ff:fff4/128
                                    On-link
 17    311 2601:644:8101:aae0::/60  fe80::4632:c8ff:fe22:29b9
 17    311 2601:644:8101:aae0::/64  On-link
 17    311 2601:644:8101:aae0:6085:b495:5efe:4b/128
                                    On-link
 17    311 2601:644:8101:aae0:6d63:a2e3:a22b:f76f/128
                                    On-link
 17    311 fe80::/64                On-link
  6    331 fe80::/64                On-link
  6    331 fe80::a:f39:f5ff:fff4/128
                                    On-link
 17    311 fe80::6d63:a2e3:a22b:f76f/128
                                    On-link
  1    331 ff00::/8                 On-link
 17    311 ff00::/8                 On-link
  6    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWoW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/06/2016 09:11:54 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (12/06/2016 09:11:54 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/06/2016 09:09:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 55.0.2883.75, time stamp: 0x583f4d64
Faulting module name: apphelp.dll, version: 10.0.14393.0, time stamp: 0x578999e1
Exception code: 0xc0000005
Fault offset: 0x000000000003685b
Faulting process id: 0x1630
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (12/06/2016 04:53:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASHLEYXPS)
Description: Activation of app Microsoft.Getstarted_4.1.15.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/06/2016 04:49:50 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Users\Ashley\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Description = JRT Pre-Junkware Removal; Error = 0x8007043c).
 
Error: (12/06/2016 04:48:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASHLEYXPS)
Description: Activation of app Microsoft.Getstarted_4.1.15.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/06/2016 04:37:21 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Users\Ashley\Desktop\mbar\mbar.exe  "C:\Users\Ashley\Desktop\mbar"     ; Description = Malwarebytes Anti-Rootkit Restore Point; Error = 0x8007043c).
 
Error: (12/06/2016 04:37:21 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Users\Ashley\Desktop\mbar\mbar.exe  "C:\Users\Ashley\Desktop\mbar"     ; Description = Malwarebytes Anti-Rootkit Restore Point; Error = 0x8007043c).
 
Error: (12/06/2016 04:19:04 PM) (Source: .NET Runtime) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider:
 System.Exception: This service cannot be started in Safe Mode
 
This service cannot be started in Safe Mode
 
   at Windows.Management.Deployment.PackageManager.FindPackagesForUser(String userSecurityId, String packageFamilyName)
   at Microsoft.Uev.ManagedAgentWmi.WinRT.BaseHelpers.IsInstalled(String packageFamilyName)
   at Microsoft.Uev.ManagedAgentWmi.WinRT.Windows8AppListWinRt.GetConfiguredList(Boolean isUserList)
   at Microsoft.Uev.ManagedAgentWmi.MachineConfiguredWindows8App.EnumerateAppPackages()
Stack:
   at System.Environment.FailFast(System.String)
   at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
 
Error: (12/06/2016 04:19:03 PM) (Source: Microsoft Security Client) (User: )
Description: 0x1ProtectionManagement
 
 
System errors:
=============
Error: (12/06/2016 09:13:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {659CDEA7-489E-11D9-A9CD-000D56965251}
 
Error: (12/06/2016 09:11:14 PM) (Source: DCOM) (User: ASHLEYXPS)
Description: {659CDEA7-489E-11D9-A9CD-000D56965251}
 
Error: (12/06/2016 09:09:08 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/06/2016 09:08:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/06/2016 09:08:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/06/2016 09:08:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/06/2016 09:08:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/06/2016 09:08:51 PM) (Source: Service Control Manager) (User: )
Description: The Routing and Remote Access service terminated with the following service-specific error: 
%%11004 = The requested name is valid, but no data of the requested type was found.
 
 
Error: (12/06/2016 09:08:49 PM) (Source: RemoteAccess) (User: )
Description: The currently configured authentication provider failed to load and initialize successfully. The requested name is valid, but no data of the requested type was found.
 
Error: (12/06/2016 09:08:48 PM) (Source: Service Control Manager) (User: )
Description: The WMPNetworkSvc service terminated with the following error: 
%%1008 = An attempt was made to reference a token that does not exist.
 
 
 
Microsoft Office Sessions:
=========================
Error: (12/06/2016 09:11:54 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (12/06/2016 09:11:54 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (12/06/2016 09:09:04 PM) (Source: Application Error)(User: )
Description: chrome.exe55.0.2883.75583f4d64apphelp.dll10.0.14393.0578999e1c0000005000000000003685b163001d25048079e9719C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\WINDOWS\system32\apphelp.dll35c120ab-eac2-4e2a-8d26-16ac97662b06
 
Error: (12/06/2016 04:53:21 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASHLEYXPS)
Description: Microsoft.Getstarted_4.1.15.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca-2144927149
 
Error: (12/06/2016 04:49:50 PM) (Source: System Restore)(User: )
Description: C:\Users\Ashley\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"JRT Pre-Junkware Removal0x8007043c
 
Error: (12/06/2016 04:48:43 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASHLEYXPS)
Description: Microsoft.Getstarted_4.1.15.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca-2144927149
 
Error: (12/06/2016 04:37:21 PM) (Source: System Restore)(User: )
Description: C:\Users\Ashley\Desktop\mbar\mbar.exe  "C:\Users\Ashley\Desktop\mbar"     Malwarebytes Anti-Rootkit Restore Point0x8007043c
 
Error: (12/06/2016 04:37:21 PM) (Source: System Restore)(User: )
Description: C:\Users\Ashley\Desktop\mbar\mbar.exe  "C:\Users\Ashley\Desktop\mbar"     Malwarebytes Anti-Rootkit Restore Point0x8007043c
 
Error: (12/06/2016 04:19:04 PM) (Source: .NET Runtime)(User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider:
 System.Exception: This service cannot be started in Safe Mode
 
This service cannot be started in Safe Mode
 
   at Windows.Management.Deployment.PackageManager.FindPackagesForUser(String userSecurityId, String packageFamilyName)
   at Microsoft.Uev.ManagedAgentWmi.WinRT.BaseHelpers.IsInstalled(String packageFamilyName)
   at Microsoft.Uev.ManagedAgentWmi.WinRT.Windows8AppListWinRt.GetConfiguredList(Boolean isUserList)
   at Microsoft.Uev.ManagedAgentWmi.MachineConfiguredWindows8App.EnumerateAppPackages()
Stack:
   at System.Environment.FailFast(System.String)
   at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
 
Error: (12/06/2016 04:19:03 PM) (Source: Microsoft Security Client)(User: )
Description: 0x1ProtectionManagement
 
 
=========================== Installed Programs ============================
 
. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_1_0) (Version: 20.1.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.9.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{27130E51-9555-408B-8134-7BFF54EDE27B}) (Version: 1.3.0.72 - Dell)
Dell System Detect (HKCU\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{FE901F1A-B3D5-4BCE-AAFB-694DC51DC522}) (Version: 1.9.5.0 - Dell Inc.)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON XP-400 Series Printer Uninstall (HKLM\...\EPSON XP-400 Series) (Version:  - SEIKO EPSON Corporation)
Far Manager 3 x64 (HKLM\...\{EA526B11-07F0-4958-9F69-AE8A159383EE}) (Version: 3.0.4774 - Eugene Roshal & Far Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.75 - Google Inc.)
Google Drive (HKLM-x32\...\{8696116E-F4C2-4C64-AD7E-FF365E244FA4}) (Version: 1.32.3889.0961 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
HP ENVY 5530 series Basic Device Software (HKLM\...\{FE11AA0F-756F-4879-97A0-B1705E2DCABE}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.3.34.7 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.5.32.37 - HP Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Intel® Visual Fortran Redistributables on IA-32 (HKLM-x32\...\{F4DA0EDD-E9AC-4808-8B64-8FD33C51BD0F}) (Version: 14.0.237 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{bc883058-299e-461f-8e52-4f1dbb355f86}) (Version: 19.0.1 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{26D23C60-AC47-46E5-8EDF-D19F41CAB666}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Software Updater Beta (HKLM-x32\...\{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kits Configuration Installer (HKLM-x32\...\{76825BA0-C536-C284-BAA1-9DB7A2D30D54}) (Version: 10.1.14393.33 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6965.2105 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6965.2105 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version:  - )
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.2.0 - NXP Semiconductors)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.6965.2105 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6965.2105 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.6965.2105 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.001 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
RogueKiller version 12.8.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.4.0 - Adlice Software)
SDK Debuggers (HKLM-x32\...\{F894B529-9F16-1890-3474-0AA0AEAC6D67}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Silhouette Studio (HKLM-x32\...\{3DEA4727-1481-4BEE-AC88-128FB57CAA76}) (Version: 3.8.118 - Silhouette America)
TI Connect™ CE (HKLM-x32\...\{E22A8EDD-B273-443C-B2C1-782AEA6D746E}) (Version: 5.1.1.92 - Texas Instruments Inc.)
Universal CRT Redistributable (HKLM-x32\...\{302A9B8D-5111-6C51-BB99-FF394C4A4255}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{1182888E-EDC9-05C5-33BD-B61DA5B1F916}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{45D392D2-5956-4646-9CA6-83CBF67507B6}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.15 (HKLM-x32\...\{28a123e5-1799-4f20-9bd8-7c46f30eb7bf}) (Version: 10.1.10586.15 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{01F53182-F1C8-8A72-5C86-B6612BDD4815}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{2AC000E5-E5E6-75B7-7FC2-9ECA8C57CA98}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{6DF5B5E1-A8A0-B617-AADB-31C3709A3C41}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{1AAB8359-4433-FF39-D420-0AD429993AD7}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{CB7AC790-0E8B-D6C9-CE1E-655793E7D541}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{87775501-5259-6A7C-51A6-71C832DB7ABA}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{CFD0294B-945D-62E4-7959-9B22A160496F}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{F75FD5E5-1F33-AE2B-715A-F829F8A8F51D}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WPT Redistributables (HKLM-x32\...\{DD255C7D-9DB3-1857-A39A-0B0EA49420B8}) (Version: 10.1.10586.15 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{F08D7DBF-B07E-96CC-6EDE-400D2452EF84}) (Version: 10.1.10586.15 - Microsoft) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 84%
Total physical RAM: 4001.41 MB
Available physical RAM: 639.42 MB
Total Virtual: 9534.34 MB
Available Virtual: 5051.7 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:109.63 GB) (Free:16.58 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ASHLEYXPS
 
Administrator            Ashley                   DefaultAccount           
Guest                    
 
 
**** End of log ****


#4 crunkkcar

Posted 07 December 2016 - 12:25 AM

21:23:36.0243 0x1890  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:23:36.0243 0x1890  UEFI system
21:23:42.0347 0x1890  ============================================================
21:23:42.0347 0x1890  Current date / time: 2016/12/06 21:23:42.0347
21:23:42.0347 0x1890  SystemInfo:
21:23:42.0347 0x1890  
21:23:42.0347 0x1890  OS Version: 10.0.14393 ServicePack: 0.0
21:23:42.0347 0x1890  Product type: Workstation
21:23:42.0347 0x1890  ComputerName: ASHLEYXPS
21:23:42.0347 0x1890  UserName: Ashley
21:23:42.0347 0x1890  Windows directory: C:\WINDOWS
21:23:42.0347 0x1890  System windows directory: C:\WINDOWS
21:23:42.0347 0x1890  Running under WOW64
21:23:42.0347 0x1890  Processor architecture: Intel x64
21:23:42.0347 0x1890  Number of processors: 4
21:23:42.0347 0x1890  Page size: 0x1000
21:23:42.0347 0x1890  Boot type: Normal boot
21:23:42.0347 0x1890  CodeIntegrityOptions = 0x00000001
21:23:42.0347 0x1890  ============================================================
21:23:42.0515 0x1890  KLMD registered as C:\WINDOWS\system32\drivers\12916961.sys
21:23:42.0515 0x1890  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19
21:23:42.0742 0x1890  System UUID: {9F1F6E41-6D22-BAE1-F2E9-4B1CFD0EE40F}
21:23:43.0424 0x1890  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:23:43.0440 0x1890  ============================================================
21:23:43.0440 0x1890  \Device\Harddisk0\DR0:
21:23:43.0440 0x1890  GPT partitions:
21:23:43.0440 0x1890  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A9803DCD-62BE-47E2-9ECC-7C1502271C79}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
21:23:43.0440 0x1890  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {3F7FA646-5B54-4F89-9ABC-84FADFAC00FF}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
21:23:43.0440 0x1890  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {16FC321F-2802-4032-B6F2-10F7B6B72641}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
21:23:43.0440 0x1890  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {38BEB19F-7D2E-43DB-AA65-1850DCB8C99C}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xF5000
21:23:43.0440 0x1890  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F4E34054-2BC8-4491-9574-C0066DFCFCEC}, Name: Basic data partition, StartLBA 0x243800, BlocksNum 0xDB41B64
21:23:43.0440 0x1890  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9B4A221E-0D73-49A1-A8C0-F092BFB52D46}, Name: , StartLBA 0xDD85800, BlocksNum 0xF6800
21:23:43.0440 0x1890  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {16E959CA-FB03-4CA0-9DD5-11310EE7D6EA}, Name: Basic data partition, StartLBA 0xDE7C000, BlocksNum 0x1000000
21:23:43.0440 0x1890  MBR partitions:
21:23:43.0440 0x1890  ============================================================
21:23:43.0440 0x1890  C: <-> \Device\Harddisk0\DR0\Partition5
21:23:43.0440 0x1890  ============================================================
21:23:43.0440 0x1890  Initialize success
21:23:43.0440 0x1890  ============================================================
21:23:50.0142 0x3b60  ============================================================
21:23:50.0142 0x3b60  Scan started
21:23:50.0142 0x3b60  Mode: Manual; 
21:23:50.0142 0x3b60  ============================================================
21:23:50.0142 0x3b60  KSN ping started
21:23:50.0505 0x3b60  KSN ping finished: true
21:23:51.0621 0x3b60  ================ Scan system memory ========================
21:23:51.0621 0x3b60  System memory - ok
21:23:51.0621 0x3b60  ================ Scan services =============================
21:23:51.0674 0x3b60  1394ohci - ok
21:23:51.0674 0x3b60  26B169BC - ok
21:23:51.0690 0x3b60  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] 26B169BC6       C:\WINDOWS\system32\drivers\26B169BC6.sys
21:23:51.0706 0x3b60  26B169BC6 - ok
21:23:51.0721 0x3b60  3ware - ok
21:23:51.0721 0x3b60  ACPI - ok
21:23:51.0740 0x3b60  acpials - ok
21:23:51.0743 0x3b60  AcpiDev - ok
21:23:51.0743 0x3b60  acpiex - ok
21:23:51.0743 0x3b60  acpipagr - ok
21:23:51.0759 0x3b60  AcpiPmi - ok
21:23:51.0759 0x3b60  acpitime - ok
21:23:51.0775 0x3b60  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:23:51.0775 0x3b60  AdobeARMservice - ok
21:23:51.0806 0x3b60  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:23:51.0806 0x3b60  AdobeFlashPlayerUpdateSvc - ok
21:23:51.0842 0x3b60  [ 73933F0BBD77436D14959A0BA5DAE3C4, 2EB79868AD9C052EC801E3F44715492E9CE7E5C63B6640BEC31F83FB2DBC0D7D ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
21:23:51.0843 0x3b60  AdobeUpdateService - ok
21:23:51.0859 0x3b60  ADP80XX - ok
21:23:51.0859 0x3b60  AFD - ok
21:23:51.0921 0x3b60  [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
21:23:51.0979 0x3b60  AGSService - ok
21:23:51.0983 0x3b60  ahcache - ok
21:23:51.0983 0x3b60  [ 9A0D0B6B59C51B82C7E3E263CD71B07D, 2E75D09985C30F0D107173DA397EEB51809F2AA3C08C01DD38AF6F70DE881DD3 ] AirModeBtn      C:\WINDOWS\System32\drivers\AirModeBtn.sys
21:23:51.0983 0x3b60  AirModeBtn - ok
21:23:51.0983 0x3b60  AJRouter - ok
21:23:52.0003 0x3b60  ALG - ok
21:23:52.0003 0x3b60  AmdK8 - ok
21:23:52.0003 0x3b60  [ 1820DCCC73278F43169A529C0943CE2A, 057DCB6CEE76E975FFC827FF6418092ADA3030D4D5FB808ABA94B0B965406025 ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
21:23:52.0003 0x3b60  amdkmpfd - ok
21:23:52.0024 0x3b60  AmdPPM - ok
21:23:52.0024 0x3b60  amdsata - ok
21:23:52.0024 0x3b60  amdsbs - ok
21:23:52.0024 0x3b60  amdxata - ok
21:23:52.0043 0x3b60  AppID - ok
21:23:52.0044 0x3b60  AppIDSvc - ok
21:23:52.0044 0x3b60  Appinfo - ok
21:23:52.0060 0x3b60  [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:23:52.0060 0x3b60  Apple Mobile Device Service - ok
21:23:52.0060 0x3b60  applockerfltr - ok
21:23:52.0060 0x3b60  AppMgmt - ok
21:23:52.0076 0x3b60  AppReadiness - ok
21:23:52.0076 0x3b60  AppVClient - ok
21:23:52.0076 0x3b60  AppvStrm - ok
21:23:52.0091 0x3b60  AppvVemgr - ok
21:23:52.0091 0x3b60  AppvVfs - ok
21:23:52.0091 0x3b60  AppXSvc - ok
21:23:52.0107 0x3b60  arcsas - ok
21:23:52.0116 0x3b60  AsyncMac - ok
21:23:52.0121 0x3b60  atapi - ok
21:23:52.0127 0x3b60  AudioEndpointBuilder - ok
21:23:52.0132 0x3b60  Audiosrv - ok
21:23:52.0143 0x3b60  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
21:23:52.0143 0x3b60  AVP17.0.0 - ok
21:23:52.0159 0x3b60  AxInstSV - ok
21:23:52.0159 0x3b60  b06bdrv - ok
21:23:52.0159 0x3b60  BasicDisplay - ok
21:23:52.0175 0x3b60  BasicRender - ok
21:23:52.0175 0x3b60  bcmfn - ok
21:23:52.0175 0x3b60  bcmfn2 - ok
21:23:52.0190 0x3b60  BDESVC - ok
21:23:52.0190 0x3b60  Beep - ok
21:23:52.0190 0x3b60  BFE - ok
21:23:52.0206 0x3b60  BITS - ok
21:23:52.0221 0x3b60  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:23:52.0242 0x3b60  Bonjour Service - ok
21:23:52.0248 0x3b60  bowser - ok
21:23:52.0257 0x3b60  BrokerInfrastructure - ok
21:23:52.0257 0x3b60  Browser - ok
21:23:52.0257 0x3b60  [ CC8915599391541075FA669ECEA595EC, C00A2772A864D75FE83BF4ECD4F641B6DB36115FB10408B7A972FBA3C0C399AB ] Btcsrusb        C:\WINDOWS\System32\Drivers\btcusb.sys
21:23:52.0272 0x3b60  Btcsrusb - ok
21:23:52.0272 0x3b60  BthAvrcpTg - ok
21:23:52.0272 0x3b60  BthEnum - ok
21:23:52.0291 0x3b60  BthHFEnum - ok
21:23:52.0297 0x3b60  bthhfhid - ok
21:23:52.0301 0x3b60  BthHFSrv - ok
21:23:52.0301 0x3b60  BthLEEnum - ok
21:23:52.0301 0x3b60  BTHMODEM - ok
21:23:52.0319 0x3b60  BthPan - ok
21:23:52.0324 0x3b60  BTHPORT - ok
21:23:52.0330 0x3b60  bthserv - ok
21:23:52.0335 0x3b60  BTHUSB - ok
21:23:52.0340 0x3b60  buttonconverter - ok
21:23:52.0343 0x3b60  CapImg - ok
21:23:52.0343 0x3b60  cdfs - ok
21:23:52.0343 0x3b60  CDPSvc - ok
21:23:52.0359 0x3b60  CDPUserSvc - ok
21:23:52.0359 0x3b60  cdrom - ok
21:23:52.0359 0x3b60  CertPropSvc - ok
21:23:52.0375 0x3b60  cht4iscsi - ok
21:23:52.0375 0x3b60  cht4vbd - ok
21:23:52.0390 0x3b60  circlass - ok
21:23:52.0390 0x3b60  CLFS - ok
21:23:52.0459 0x3b60  [ 5AB5AEB8B92D06B07ED0C44365A16CEB, 40FAEB0AD4055519A6B9DE9805E0E64ABA9364FA2260F0D2EF59524C161C67C4 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:23:52.0521 0x3b60  ClickToRunSvc - ok
21:23:52.0544 0x3b60  ClipSVC - ok
21:23:52.0544 0x3b60  clreg - ok
21:23:52.0559 0x3b60  CmBatt - ok
21:23:52.0559 0x3b60  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
21:23:52.0575 0x3b60  cm_km - ok
21:23:52.0575 0x3b60  CNG - ok
21:23:52.0590 0x3b60  cnghwassist - ok
21:23:52.0606 0x3b60  CompositeBus - ok
21:23:52.0622 0x3b60  COMSysApp - ok
21:23:52.0622 0x3b60  condrv - ok
21:23:52.0622 0x3b60  CoreMessagingRegistrar - ok
21:23:52.0660 0x3b60  [ 91919668DF2DE59FEDC5A8F6D33E9B49, C9D2E45DE303DC1BE7C452E7F98718F32477A518DC22B40DA111095550560FF7 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:23:52.0744 0x3b60  cphs - ok
21:23:52.0760 0x3b60  CryptSvc - ok
21:23:52.0760 0x3b60  CSC - ok
21:23:52.0760 0x3b60  CscService - ok
21:23:52.0775 0x3b60  dam - ok
21:23:52.0775 0x3b60  DcomLaunch - ok
21:23:52.0775 0x3b60  DcpSvc - ok
21:23:52.0791 0x3b60  [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
21:23:52.0791 0x3b60  DDDriver - ok
21:23:52.0791 0x3b60  defragsvc - ok
21:23:52.0860 0x3b60  [ 19C5F4EBA0B9670A923EEDCD97526B3A, 6D02BC69FD8D2099098255C7776E90FD98CAB343473D92238CB5F7DE9B080A89 ] DellDataVault   C:\Program Files\Dell\DellDataVault\DellDataVault.exe
21:23:52.0907 0x3b60  DellDataVault - ok
21:23:52.0922 0x3b60  [ 5F57C0E23FB5FC5F3DDE5ACAF5D299D7, 381EB4B54B77CA061AFA484F5BF98B2518D3C7FD54406631C6C7F43E3132C4A3 ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
21:23:52.0922 0x3b60  DellDataVaultWiz - ok
21:23:52.0943 0x3b60  [ 188BCE1A33FAEE1F19A8D8875B0781DC, 0167783D063826325C856FC0FC0595A9E53F22D655D450EE01F04AB30EC6CECA ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
21:23:52.0944 0x3b60  DellDigitalDelivery - ok
21:23:52.0944 0x3b60  [ DC3BD578642252FD9569B9CD75CEF81E, 63F44BC19389C19BA9F9E974BF2E5236AF7F66D9076943B9CF46775264BBE413 ] DellProf        C:\WINDOWS\system32\drivers\DellProf.sys
21:23:52.0944 0x3b60  DellProf - ok
21:23:52.0960 0x3b60  [ 2F5EB7375FC3D9DBB81BDFFE2BCCB9D0, 6D2C01CB29EA220C265D6B24C791D97482D05F1C9FF4C9816FAA3F3E05B42882 ] DellRbtn        C:\WINDOWS\System32\drivers\DellRbtn.sys
21:23:52.0960 0x3b60  DellRbtn - ok
21:23:52.0960 0x3b60  [ 303CC91C34B77E49ECDC1F88F2CC48DC, A3B6539F473CB89774354153EE4D07E6C2C3B75FA171979407A03A95159C9096 ] DellUpdate      C:\Program Files (x86)\Dell Update\DellUpService.exe
21:23:52.0975 0x3b60  DellUpdate - ok
21:23:52.0975 0x3b60  DeviceAssociationService - ok
21:23:52.0975 0x3b60  DeviceInstall - ok
21:23:52.0991 0x3b60  DevQueryBroker - ok
21:23:52.0991 0x3b60  Dfsc - ok
21:23:52.0991 0x3b60  Dhcp - ok
21:23:53.0007 0x3b60  diagnosticshub.standardcollector.service - ok
21:23:53.0007 0x3b60  DiagTrack - ok
21:23:53.0007 0x3b60  disk - ok
21:23:53.0022 0x3b60  DmEnrollmentSvc - ok
21:23:53.0022 0x3b60  dmvsc - ok
21:23:53.0022 0x3b60  dmwappushservice - ok
21:23:53.0038 0x3b60  Dnscache - ok
21:23:53.0044 0x3b60  dot3svc - ok
21:23:53.0044 0x3b60  DPS - ok
21:23:53.0044 0x3b60  drmkaud - ok
21:23:53.0060 0x3b60  DsmSvc - ok
21:23:53.0060 0x3b60  DsSvc - ok
21:23:53.0060 0x3b60  DXGKrnl - ok
21:23:53.0076 0x3b60  EapHost - ok
21:23:53.0076 0x3b60  ebdrv - ok
21:23:53.0076 0x3b60  EFS - ok
21:23:53.0091 0x3b60  EhStorClass - ok
21:23:53.0091 0x3b60  EhStorTcgDrv - ok
21:23:53.0091 0x3b60  embeddedmode - ok
21:23:53.0107 0x3b60  EntAppSvc - ok
21:23:53.0107 0x3b60  ErrDev - ok
21:23:53.0123 0x3b60  EventSystem - ok
21:23:53.0145 0x3b60  [ 27E9D2103887F6D52367F5D07352B07A, 75D5EF634FF5BE68408C01B7DB28904B1AE7D6DBEBB5C5396F79CB46348CC3C4 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:23:53.0160 0x3b60  EvtEng - ok
21:23:53.0160 0x3b60  exfat - ok
21:23:53.0176 0x3b60  fastfat - ok
21:23:53.0176 0x3b60  Fax - ok
21:23:53.0176 0x3b60  fdc - ok
21:23:53.0192 0x3b60  fdPHost - ok
21:23:53.0192 0x3b60  FDResPub - ok
21:23:53.0192 0x3b60  fhsvc - ok
21:23:53.0207 0x3b60  FileCrypt - ok
21:23:53.0207 0x3b60  FileInfo - ok
21:23:53.0207 0x3b60  Filetrace - ok
21:23:53.0223 0x3b60  flpydisk - ok
21:23:53.0223 0x3b60  FltMgr - ok
21:23:53.0223 0x3b60  FontCache - ok
21:23:53.0242 0x3b60  FontCache3.0.0.0 - ok
21:23:53.0245 0x3b60  FrameServer - ok
21:23:53.0245 0x3b60  FsDepends - ok
21:23:53.0245 0x3b60  Fs_Rec - ok
21:23:53.0261 0x3b60  fvevol - ok
21:23:53.0261 0x3b60  gencounter - ok
21:23:53.0261 0x3b60  genericusbfn - ok
21:23:53.0276 0x3b60  GPIOClx0101 - ok
21:23:53.0276 0x3b60  gpsvc - ok
21:23:53.0276 0x3b60  GpuEnergyDrv - ok
21:23:53.0292 0x3b60  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:53.0292 0x3b60  gupdate - ok
21:23:53.0307 0x3b60  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:53.0307 0x3b60  gupdatem - ok
21:23:53.0307 0x3b60  HDAudBus - ok
21:23:53.0323 0x3b60  HidBatt - ok
21:23:53.0323 0x3b60  HidBth - ok
21:23:53.0323 0x3b60  hidi2c - ok
21:23:53.0341 0x3b60  hidinterrupt - ok
21:23:53.0346 0x3b60  HidIr - ok
21:23:53.0352 0x3b60  hidserv - ok
21:23:53.0358 0x3b60  HidUsb - ok
21:23:53.0367 0x3b60  [ 61B1AAF851790A53158D74AB0CAD6550, 2B6BFF96D011823E0FCD81F991EC614FA282714067E6A1C7A6AD98388514D1A5 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
21:23:53.0370 0x3b60  HitmanProScheduler - ok
21:23:53.0375 0x3b60  HomeGroupListener - ok
21:23:53.0380 0x3b60  HomeGroupProvider - ok
21:23:53.0385 0x3b60  HpSAMD - ok
21:23:53.0385 0x3b60  [ 02F1253476B7F5F818364443DFED3264, 645F51A6781E9DEB381694718EDEF38B02F5345ADCE8860EC2D9483F7C1C7CC2 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
21:23:53.0385 0x3b60  HPSupportSolutionsFrameworkService - ok
21:23:53.0385 0x3b60  HTTP - ok
21:23:53.0401 0x3b60  HvHost - ok
21:23:53.0401 0x3b60  hvservice - ok
21:23:53.0401 0x3b60  hwpolicy - ok
21:23:53.0416 0x3b60  hyperkbd - ok
21:23:53.0416 0x3b60  i8042prt - ok
21:23:53.0416 0x3b60  iagpio - ok
21:23:53.0432 0x3b60  iai2c - ok
21:23:53.0432 0x3b60  iaLPSS2i_GPIO2 - ok
21:23:53.0432 0x3b60  iaLPSS2i_I2C - ok
21:23:53.0448 0x3b60  iaLPSSi_GPIO - ok
21:23:53.0448 0x3b60  iaLPSSi_I2C - ok
21:23:53.0448 0x3b60  [ 8FD3487A6AE70321404C34AC278840D8, 2BD7720A7D907F5D036982D4DA32128D427CE5110544F51F003C7693A51A29EE ] iaLPSS_GPIO     C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys
21:23:53.0466 0x3b60  iaLPSS_GPIO - ok
21:23:53.0473 0x3b60  [ 4D962133CAB3A8555E7B1FD8D6BF38EA, 27D60F828E8FED89BACC910F419D103D02676307E24D2087B982C78F5B7B5D80 ] iaLPSS_I2C      C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys
21:23:53.0478 0x3b60  iaLPSS_I2C - ok
21:23:53.0485 0x3b60  [ C7DEAA8A9A1A3F5E20F14E092CD57A75, 4C7FCFD9E8C1DC582CCB41851A7632025934B8F6473333692D2E84A3E0BDD50C ] iaLPSS_SPI      C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys
21:23:53.0488 0x3b60  iaLPSS_SPI - ok
21:23:53.0488 0x3b60  [ 3123CABE4D4D666FFA730D10169B374B, 1E30341AF80180B4F53B900549D15DAB7525D77E0DF47F38F83292775C44AB2A ] iaLPSS_UART2    C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys
21:23:53.0504 0x3b60  iaLPSS_UART2 - ok
21:23:53.0535 0x3b60  [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:23:53.0566 0x3b60  iaStorA - ok
21:23:53.0582 0x3b60  iaStorAV - ok
21:23:53.0585 0x3b60  iaStorV - ok
21:23:53.0585 0x3b60  ibbus - ok
21:23:53.0585 0x3b60  ibtsiva - ok
21:23:53.0601 0x3b60  [ DCDB337927197EFF5F160B7F20F4FF0A, 1723F1BDEF139C863EC638F42DAB79FBA2952F50145FD8F9CC786D0FEAFBBFBC ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
21:23:53.0616 0x3b60  ibtusb - ok
21:23:53.0616 0x3b60  [ 231ADCE77616144B8E3D29707B282C82, D2429E0CAABE3E3A50D62DEC6C9F8D13AC8786EB57D9075489425E623EC84165 ] ICCWDT          C:\WINDOWS\System32\drivers\ICCWDT.sys
21:23:53.0616 0x3b60  ICCWDT - ok
21:23:53.0632 0x3b60  icssvc - ok
21:23:53.0801 0x3b60  [ 5B52C08820EC76D008DA3F5E7B100E8D, E6B1B518629EF8B0F04A8851D9E61B899DC4C2E557E2FF7F3F70118F9C235B79 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:23:53.0983 0x3b60  igfx - ok
21:23:54.0005 0x3b60  [ 58FCD3A891F4719786F15B70BA8A3AEC, 874B8357A576A8CDA1489B1CB58BA91A0BC07078E079F4072FDF29EAABEB4909 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:23:54.0068 0x3b60  igfxCUIService2.0.0.0 - ok
21:23:54.0068 0x3b60  IKEEXT - ok
21:23:54.0083 0x3b60  IndirectKmd - ok
21:23:54.0178 0x3b60  [ 48AC5F706780BCC34811EA89A0727189, F76EC13A5A0FD24D9B63B7546FF749739022D1785357AD06E3FAA7F608E8C714 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:23:54.0279 0x3b60  IntcAzAudAddService - ok
21:23:54.0308 0x3b60  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:23:54.0323 0x3b60  IntcDAud - ok
21:23:54.0323 0x3b60  intelide - ok
21:23:54.0339 0x3b60  intelpep - ok
21:23:54.0339 0x3b60  intelppm - ok
21:23:54.0339 0x3b60  iorate - ok
21:23:54.0354 0x3b60  IpFilterDriver - ok
21:23:54.0354 0x3b60  iphlpsvc - ok
21:23:54.0354 0x3b60  IPMIDRV - ok
21:23:54.0354 0x3b60  IPNAT - ok
21:23:54.0386 0x3b60  [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:23:54.0403 0x3b60  iPod Service - ok
21:23:54.0406 0x3b60  [ 04C180E82B79580D4B1FDC1D3ED031AE, F2C343B4284F088D18CFEE6F6EFAC3F290683D7721B417FC991725C622D128AE ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
21:23:54.0406 0x3b60  IpOverUsbSvc - ok
21:23:54.0406 0x3b60  irda - ok
21:23:54.0406 0x3b60  IRENUM - ok
21:23:54.0421 0x3b60  irmon - ok
21:23:54.0421 0x3b60  [ 5FD1AD322C594FFE45D5BC47D27C52A7, 3F1F0AB9A3C7E847EF9810191530DF37956BD8829154A2034721648CFBFCC201 ] irstrtdv        C:\WINDOWS\System32\drivers\irstrtdv.sys
21:23:54.0421 0x3b60  irstrtdv - ok
21:23:54.0421 0x3b60  isapnp - ok
21:23:54.0437 0x3b60  iScsiPrt - ok
21:23:54.0437 0x3b60  [ 1ECC1A421B0AEBF9A6934451FBFD7848, 1A8DDEC42831C12760CF27FA02EDD06D5CCE25A606E2DECB7D8487B5961B11AC ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
21:23:54.0437 0x3b60  ISCT - ok
21:24:00.0663 0x3b60  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
21:24:00.0680 0x3b60  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x62100 ( disabled : updated )
21:24:00.0682 0x3b60  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
21:24:11.0079 0x3b60  ============================================================
21:24:11.0079 0x3b60  Scan finished
21:24:11.0080 0x3b60  ============================================================
21:24:11.0090 0x2688  Detected object count: 0
21:24:11.0090 0x2688  Actual detected object count: 0


#5 crunkkcar

Posted 07 December 2016 - 12:29 AM

# AdwCleaner v6.040 - Logfile created 06/12/2016 at 21:28:14
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-04.1 [Local]
# Operating System : Windows 10 Pro  (X64)
# Username : Ashley - ASHLEYXPS
# Running from : C:\Users\Ashley\Desktop\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
No malicious folders found.
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKU\S-1-5-21-1606907372-1565312641-48768637-1001\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
Key Found:  HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
Key Found:  [x64] HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [1385 Bytes] - [28/10/2016 11:24:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [1537 Bytes] - [02/11/2016 16:04:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [1758 Bytes] - [09/11/2016 04:48:48]
C:\AdwCleaner\AdwCleaner[C4].txt - [2130 Bytes] - [26/11/2016 16:05:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [1413 Bytes] - [28/10/2016 11:23:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1309 Bytes] - [28/10/2016 11:28:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [1382 Bytes] - [29/10/2016 23:49:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [1613 Bytes] - [02/11/2016 16:03:16]
C:\AdwCleaner\AdwCleaner[S4].txt - [1829 Bytes] - [09/11/2016 04:48:18]
C:\AdwCleaner\AdwCleaner[S5].txt - [2133 Bytes] - [26/11/2016 16:04:12]
C:\AdwCleaner\AdwCleaner[S6].txt - [1893 Bytes] - [29/11/2016 16:58:16]
C:\AdwCleaner\AdwCleaner[S7].txt - [1966 Bytes] - [04/12/2016 08:25:17]
C:\AdwCleaner\AdwCleaner[S8].txt - [2085 Bytes] - [06/12/2016 21:28:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [2158 Bytes] ##########


#6 crunkkcar

Posted 07 December 2016 - 12:36 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64 
Ran by Ashley (Administrator) on Tue 12/06/2016 at 21:31:10.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 1 
 
Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E21A55733DE47A9C91846541BA1A406D (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/06/2016 at 21:33:47.83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#7 boopme

Posted 07 December 2016 - 10:55 AM

Hi, you have file damage and possible malware.. Roguekiller may have deleted something..

Please post that log with the FRST log in this guide in a new topic, start at step 6.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,046 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:29 PM

Posted 07 December 2016 - 03:19 PM

Already existing log topic for this system located here: https://www.bleepingcomputer.com/forums/t/633723/svchostexe-virus-multiple-daily-bsod-and-wifi-disabling-and-enabling/ New FRST logs and Roguekiller logs posted in a reply to it.

~ OB :cherry: