
I believe my dad has stuff installed on his computer that is bad


9 replies to this topic

#1 crazyisgood


Posted 13 June 2017 - 06:14 PM

He gets calls demanding money, saying his computer has called people, and I know they are lying. Just wondering if the computer has any unwanted stuff and how to find and remove it.

I see something called DWagent and Supremo and those seem fake.




 


#2 boopme


Posted 19 June 2017 - 04:11 PM

Hello, please run these scans.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [button image] button to see which antivirus is currently enabled.
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [button image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the [button image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [button image] button.
  • Check the box beside [image] to uninstall the application when closed.
  • Push [button image] and then close the application by clicking the X in the upper right corner.

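An added example, not part of the original thread and not MiniToolBox's own code: one way to triage the "List Installed Programs" section of Result.txt requested above is to parse each entry and flag remote-access software for review, since the original poster asks about DWAgent and Supremo. The sample log is constructed in the entry format MiniToolBox prints; the watchlist contents, the function names and the placeholder versions and publishers are assumptions.

```python
import re

# Assumption: an illustrative, non-exhaustive watchlist of remote-access tools.
# DWAgent and Supremo are the two names raised in the first post.
REMOTE_ACCESS_WATCHLIST = ("dwagent", "dwservice", "supremo",
                           "teamviewer", "anydesk", "logmein")

# Section banners look like "===== Installed Programs =====".
# The title must start with a non-'=' character so a bare "=====" rule is ignored.
HEADER_RE = re.compile(r"^={5,}\s*(?P<title>[^=].*?)\s*={5,}\s*$")

# Entry format: Name (HIVE\...\Key) (Version: X - Publisher) [Hidden]
ENTRY_RE = re.compile(
    r"^(?P<name>.+?)\s+"
    r"\((?P<hive>HK[A-Z]+(?:-x32)?)\\(?P<key>.*?)\)\s+"
    r"\(Version:\s*(?P<version>.*?)\s*-\s+(?P<publisher>.*?)\)"
    r"(?P<hidden>\s+Hidden)?$"
)


def parse_installed_programs(result_text):
    """Return one dict per entry in the 'Installed Programs' section."""
    entries, in_section = [], False
    for raw in result_text.splitlines():
        line = raw.strip()
        header = HEADER_RE.match(line)
        if header:
            # Enter the section on its banner, leave it on any other banner.
            title = header.group("title").lower()
            in_section = title.startswith("installed programs")
            continue
        if not in_section or not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            entry = m.groupdict()
            entry["hidden"] = entry["hidden"] is not None
            entries.append(entry)
    return entries


def flag_remote_access(entries, watchlist=REMOTE_ACCESS_WATCHLIST):
    """Return entries whose name, publisher or key matches the watchlist.

    The same product often appears twice (native and InstallShield_ keys),
    so results are de-duplicated on (name, version).
    """
    flagged, seen = [], set()
    for e in entries:
        haystack = f"{e['name']} {e['publisher']} {e['key']}".lower()
        ident = (e["name"].lower(), e["version"])
        if any(term in haystack for term in watchlist) and ident not in seen:
            seen.add(ident)
            flagged.append(e)
    return flagged


# Constructed sample in the Result.txt layout. The DWAgent and Supremo lines
# use placeholder versions and publishers; they are not from the posted log.
SAMPLE_RESULT = r"""
========================= Event log errors: ===============================

Error: (06/20/2017 09:38:55 AM) (Source: Service Control Manager) (User: )

=========================== Installed Programs ============================

CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
DWAgent (HKLM\...\DWAgent) (Version: 0.0 - Example Publisher)
Supremo (HKLM-x32\...\Supremo) (Version: 0.0 - Example Publisher)

========================= Next section (constructed) ======================
"""

if __name__ == "__main__":
    programs = parse_installed_programs(SAMPLE_RESULT)
    print(f"{len(programs)} installed-program entries parsed")
    for e in flag_remote_access(programs):
        note = " [Hidden]" if e["hidden"] else ""
        print(f"REVIEW: {e['name']} {e['version']} ({e['publisher']}){note}")
```

A flagged entry is a prompt to ask whether the owner knowingly installed that remote-access tool, not a malware verdict.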

#3 crazyisgood


Posted 21 June 2017 - 12:11 AM

MiniToolbox

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Richard (administrator) on 20-06-2017 at 21:54:03
Running from "C:\Users\Richard\Desktop"
Microsoft Windows 10 Home  (X64)
Model: XPS 8900 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Intel® Ethernet Connection (2) I219-V = Ethernet (Connected)
Dell Wireless 1801 802.11bgn = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-OE5229F
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Intel® Ethernet Connection (2) I219-V
   Physical Address. . . . . . . . . : 18-66-DA-2C-83-7D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::15e8:84f6:bbf8:8737%14(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, June 20, 2017 9:33:31 AM
   Lease Expires . . . . . . . . . . : Wednesday, June 21, 2017 9:50:09 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 51930842
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-45-02-AB-18-66-DA-2C-83-7D
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       205.171.3.25
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Dell Wireless 1801 802.11bgn
   Physical Address. . . . . . . . . : B0-C0-90-B8-D0-3B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 4:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : B2-C0-90-B8-D0-3B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : B0-C0-90-B8-D0-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:14ee:3fc6:479b:7dd8(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::14ee:3fc6:479b:7dd8%10(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 385875968
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-45-02-AB-18-66-DA-2C-83-7D
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  modem.Home
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:400a:809::200e
 172.217.3.206
 
 
Pinging google.com [172.217.3.206] with 32 bytes of data:
Reply from 172.217.3.206: bytes=32 time=74ms TTL=56
Reply from 172.217.3.206: bytes=32 time=28ms TTL=56
 
Ping statistics for 172.217.3.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 74ms, Average = 51ms
Server:  modem.Home
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 98.138.253.109
 206.190.36.45
 98.139.180.149
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=81ms TTL=53
Reply from 206.190.36.45: bytes=32 time=15ms TTL=53
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 15ms, Maximum = 81ms, Average = 48ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=11ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 11ms, Average = 5ms
===========================================================================
Interface List
 14...18 66 da 2c 83 7d ......Intel® Ethernet Connection (2) I219-V
  4...b0 c0 90 b8 d0 3b ......Dell Wireless 1801 802.11bgn
 15...b2 c0 90 b8 d0 3b ......Microsoft Wi-Fi Direct Virtual Adapter #2
  7...b0 c0 90 b8 d0 3c ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.0.0    255.255.255.0         On-link       192.168.0.2    281
      192.168.0.2  255.255.255.255         On-link       192.168.0.2    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link       192.168.0.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link       192.168.0.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    331 ::/0                     On-link
  1    331 ::1/128                  On-link
 10    331 2001::/32                On-link
 10    331 2001:0:9d38:953c:14ee:3fc6:479b:7dd8/128
                                    On-link
 14    281 fe80::/64                On-link
 10    331 fe80::/64                On-link
 10    331 fe80::14ee:3fc6:479b:7dd8/128
                                    On-link
 14    281 fe80::15e8:84f6:bbf8:8737/128
                                    On-link
  1    331 ff00::/8                 On-link
 14    281 ff00::/8                 On-link
 10    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/20/2017 09:50:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/20/2017 08:11:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/20/2017 07:50:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/20/2017 07:10:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/20/2017 06:42:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/20/2017 06:09:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/20/2017 06:08:34 PM) (Source: Dell System Detect) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="48VLQD2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="2.1.5" SMBIOSPresent="True" Rel_Date="20160506000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8900" Ident_Num="DESKTOP-OE5229F" TimeZone="(UTC-08:00) Pacific Time (US & Canada)" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.2</HostIP></Exception>
 
Error: (06/20/2017 06:08:34 PM) (Source: Dell System Detect) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="48VLQD2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="2.1.5" SMBIOSPresent="True" Rel_Date="20160506000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8900" Ident_Num="DESKTOP-OE5229F" TimeZone="(UTC-08:00) Pacific Time (US & Canada)" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.2</HostIP></Exception>
 
Error: (06/20/2017 05:42:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/20/2017 05:11:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-OE5229F)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (06/20/2017 09:50:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/20/2017 04:33:51 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/20/2017 01:32:39 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/20/2017 09:38:55 AM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
%%1 = Incorrect function.
 
 
Error: (06/20/2017 09:33:27 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/20/2017 09:33:27 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/19/2017 07:53:30 AM) (Source: DCOM) (User: DESKTOP-OE5229F)
Description: {0002DF02-0000-0000-C000-000000000046}
 
Error: (06/19/2017 07:53:30 AM) (Source: DCOM) (User: DESKTOP-OE5229F)
Description: {0002DF02-0000-0000-C000-000000000046}
 
Error: (06/19/2017 07:44:01 AM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
%%1 = Incorrect function.
 
 
Error: (06/19/2017 07:33:38 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (06/20/2017 09:50:09 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
Error: (06/20/2017 08:11:01 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
Error: (06/20/2017 07:50:20 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
Error: (06/20/2017 07:10:54 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
Error: (06/20/2017 06:42:02 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
Error: (06/20/2017 06:09:39 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
Error: (06/20/2017 06:08:34 PM) (Source: Dell System Detect)(User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="48VLQD2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="2.1.5" SMBIOSPresent="True" Rel_Date="20160506000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8900" Ident_Num="DESKTOP-OE5229F" TimeZone="(UTC-08:00) Pacific Time (US & Canada)" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.2</HostIP></Exception>
 
Error: (06/20/2017 06:08:34 PM) (Source: Dell System Detect)(User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="48VLQD2" SMBIOSMajVer="2" SMBIOSMinVer="8" SMBIOSBIOSVer="2.1.5" SMBIOSPresent="True" Rel_Date="20160506000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8900" Ident_Num="DESKTOP-OE5229F" TimeZone="(UTC-08:00) Pacific Time (US & Canada)" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.0.2</HostIP></Exception>
 
Error: (06/20/2017 05:42:41 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
Error: (06/20/2017 05:11:01 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-OE5229F)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
 
 
CodeIntegrity Errors:
===================================
  Date: 2017-06-20 16:38:07.987
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-20 09:35:07.452
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-20 09:34:48.432
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-20 09:34:43.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-20 09:34:29.147
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-20 09:34:28.472
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-18 10:35:44.566
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-18 10:35:38.050
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-18 10:15:33.134
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-06-18 10:15:01.381
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
 
=========================== Installed Programs ============================
 
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{2282AFD7-5074-4BC6-B1F7-205AAC8F6AC9}) (Version: 18.6.1844.34416 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{2282AFD7-5074-4BC6-B1F7-205AAC8F6AC9}) (Version: 18.6.1844.34416 - Alcor Micro Corp.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Map Utility (HKLM-x32\...\Map Utility Parent) (Version: 1.8.1.2 - Canon Inc.)
Canon Utilities Uploader for CANON iMAGE GATEWAY (HKLM-x32\...\Uploader for CANON iMAGE GATEWAY Plugin) (Version: 10.0.1.2 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.4.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{EEA45885-F3E3-4E7D-8435-E9C21D36C141}) (Version: 3.0.0.2840 - Dell Inc.)
Dell Update (HKLM-x32\...\{FB198E80-F1AB-4A6F-B3E3-F7442FC91FD2}) (Version: 1.9.4.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 27.4.22 - Dropbox, Inc.)
Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
DWAgent (HKLM\...\DWAgent) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation)
Intel® Ready Mode Technology (HKLM\...\{7331913F-E841-469A-B151-1046F1889E7B}) (Version: 1.1.70.518 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.139 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Product Registration (HKLM\...\{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7737 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6BFBB929-C278-42B3-8065-FF1178E071B8}) (Version: 13.221.243 - REALTEK Semiconductor Corp.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 16282.83 MB
Available physical RAM: 11681.32 MB
Total Virtual: 18714.83 MB
Available Virtual: 12226.05 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:917.36 GB) (Free:868.02 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DESKTOP-OE5229F
 
Administrator            DefaultAccount           Guest                    
Richard                  
 
 
**** End of log ****
 
TDSSKILLER
21:55:42.0809 0x33f4  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:55:42.0809 0x33f4  UEFI system
21:55:45.0960 0x33f4  ============================================================
21:55:45.0960 0x33f4  Current date / time: 2017/06/20 21:55:45.0960
21:55:45.0960 0x33f4  SystemInfo:
21:55:45.0961 0x33f4  
21:55:45.0961 0x33f4  OS Version: 10.0.15063 ServicePack: 0.0
21:55:45.0961 0x33f4  Product type: Workstation
21:55:45.0961 0x33f4  ComputerName: DESKTOP-OE5229F
21:55:45.0961 0x33f4  UserName: Richard
21:55:45.0961 0x33f4  Windows directory: C:\WINDOWS
21:55:45.0961 0x33f4  System windows directory: C:\WINDOWS
21:55:45.0961 0x33f4  Running under WOW64
21:55:45.0961 0x33f4  Processor architecture: Intel x64
21:55:45.0961 0x33f4  Number of processors: 8
21:55:45.0961 0x33f4  Page size: 0x1000
21:55:45.0961 0x33f4  Boot type: Normal boot
21:55:45.0961 0x33f4  CodeIntegrityOptions = 0x00000001
21:55:45.0961 0x33f4  ============================================================
21:55:46.0298 0x33f4  KLMD registered as C:\WINDOWS\system32\drivers\52318667.sys
21:55:46.0298 0x33f4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
21:55:46.0672 0x33f4  System UUID: {23A713FD-6B91-3DDA-7B82-D05E336CADD9}
21:55:47.0219 0x33f4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:55:47.0240 0x33f4  ============================================================
21:55:47.0240 0x33f4  \Device\Harddisk0\DR0:
21:55:47.0240 0x33f4  GPT partitions:
21:55:47.0241 0x33f4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A47521DE-0A05-4EDB-A55D-01F621B935C7}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
21:55:47.0241 0x33f4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E047DF3F-75E8-4736-AF9E-4E5C9DFEDCFF}, Name: Microsoft reserved partition, StartLBA 0xFA800, BlocksNum 0x40000
21:55:47.0241 0x33f4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A3FDE55C-3C8C-41AF-BDA1-727B6E94CCF0}, Name: Basic data partition, StartLBA 0x13A800, BlocksNum 0x72AB8800
21:55:47.0241 0x33f4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {619028EF-9150-4433-9E6A-95E39803A20B}, Name: , StartLBA 0x72BF3000, BlocksNum 0xE1000
21:55:47.0241 0x33f4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3CBAAE17-867A-4A49-B7B2-AF42C08B9A40}, Name: , StartLBA 0x72CD4000, BlocksNum 0x1A32800
21:55:47.0241 0x33f4  MBR partitions:
21:55:47.0241 0x33f4  ============================================================
21:55:47.0254 0x33f4  C: <-> \Device\Harddisk0\DR0\Partition3
21:55:47.0254 0x33f4  ============================================================
21:55:47.0254 0x33f4  Initialize success
21:55:47.0254 0x33f4  ============================================================
21:55:51.0923 0x0318  ============================================================
21:55:51.0923 0x0318  Scan started
21:55:51.0923 0x0318  Mode: Manual; 
21:55:51.0923 0x0318  ============================================================
21:55:51.0923 0x0318  KSN ping started
21:55:52.0249 0x0318  KSN ping finished: true
21:55:54.0599 0x0318  ================ Scan system memory ========================
21:55:54.0599 0x0318  System memory - ok
21:55:54.0600 0x0318  ================ Scan services =============================
21:55:54.0700 0x0318  1394ohci - ok
21:55:54.0702 0x0318  3ware - ok
21:55:54.0705 0x0318  ACPI - ok
21:55:54.0707 0x0318  AcpiDev - ok
21:55:54.0710 0x0318  acpiex - ok
21:55:54.0712 0x0318  acpipagr - ok
21:55:54.0727 0x0318  AcpiPmi - ok
21:55:54.0730 0x0318  acpitime - ok
21:55:54.0734 0x0318  ADP80XX - ok
21:55:54.0737 0x0318  AFD - ok
21:55:54.0739 0x0318  ahcache - ok
21:55:54.0750 0x0318  AJRouter - ok
21:55:54.0766 0x0318  ALG - ok
21:55:54.0771 0x0318  AmdK8 - ok
21:55:54.0776 0x0318  AmdPPM - ok
21:55:54.0780 0x0318  amdsata - ok
21:55:54.0783 0x0318  amdsbs - ok
21:55:54.0785 0x0318  amdxata - ok
21:55:54.0811 0x0318  [ 7DAFE5E55DB412E3169B363766C0EC38, 36C6A1C10158E2B3720C74AD936E0FF28E843A08D6F511B9C0E64978408CDD58 ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
21:55:54.0812 0x0318  AmUStor - ok
21:55:54.0821 0x0318  AppID - ok
21:55:54.0824 0x0318  AppIDSvc - ok
21:55:54.0826 0x0318  Appinfo - ok
21:55:54.0829 0x0318  applockerfltr - ok
21:55:54.0850 0x0318  AppReadiness - ok
21:55:54.0852 0x0318  AppXSvc - ok
21:55:54.0855 0x0318  arcsas - ok
21:55:54.0857 0x0318  AsyncMac - ok
21:55:54.0868 0x0318  atapi - ok
21:55:54.0870 0x0318  AudioEndpointBuilder - ok
21:55:54.0872 0x0318  Audiosrv - ok
21:55:54.0874 0x0318  AxInstSV - ok
21:55:54.0877 0x0318  b06bdrv - ok
21:55:54.0879 0x0318  BasicDisplay - ok
21:55:54.0882 0x0318  BasicRender - ok
21:55:54.0885 0x0318  bcmfn2 - ok
21:55:54.0887 0x0318  BDESVC - ok
21:55:54.0890 0x0318  Beep - ok
21:55:54.0910 0x0318  BFE - ok
21:55:54.0921 0x0318  BITS - ok
21:55:54.0923 0x0318  bowser - ok
21:55:54.0926 0x0318  BrokerInfrastructure - ok
21:55:54.0928 0x0318  Browser - ok
21:55:54.0974 0x0318  [ BE50CB0BA56D1D1ADF6924DD940D277C, 9AB470ABAC65429E59AD76D455B2F710C8CE0D10744CC0E64925B807FB0D4E00 ] BTDevManager    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
21:55:54.0978 0x0318  BTDevManager - ok
21:55:54.0981 0x0318  BthAvrcpTg - ok
21:55:55.0000 0x0318  BthEnum - ok
21:55:55.0003 0x0318  BthHFEnum - ok
21:55:55.0006 0x0318  bthhfhid - ok
21:55:55.0014 0x0318  BthHFSrv - ok
21:55:55.0020 0x0318  BthLEEnum - ok
21:55:55.0023 0x0318  BTHMODEM - ok
21:55:55.0033 0x0318  BthPan - ok
21:55:55.0035 0x0318  BTHPORT - ok
21:55:55.0038 0x0318  bthserv - ok
21:55:55.0041 0x0318  BTHUSB - ok
21:55:55.0043 0x0318  buttonconverter - ok
21:55:55.0046 0x0318  CAD - ok
21:55:55.0048 0x0318  CapImg - ok
21:55:55.0050 0x0318  cdfs - ok
21:55:55.0057 0x0318  CDPSvc - ok
21:55:55.0066 0x0318  CDPUserSvc - ok
21:55:55.0093 0x0318  cdrom - ok
21:55:55.0095 0x0318  CertPropSvc - ok
21:55:55.0113 0x0318  [ 515FAA4CABCBB83347205119E57868C8, 8E008E87E4DD223E1F4262C08E65439D6C02894F69A1A7DD07530044A0B6CE16 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
21:55:55.0114 0x0318  cfwids - ok
21:55:55.0117 0x0318  cht4iscsi - ok
21:55:55.0119 0x0318  cht4vbd - ok
21:55:55.0121 0x0318  circlass - ok
21:55:55.0123 0x0318  CldFlt - ok
21:55:55.0127 0x0318  CLFS - ok
21:55:55.0248 0x0318  [ E015222E03ABAE7B92ABF18FB007269E, 94049E330A21BA238E3DA7E8EBE5B4358B9F68011B6847859900FED706ED4669 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:55:55.0292 0x0318  ClickToRunSvc - ok
21:55:55.0376 0x0318  [ 85F31D4986E81CF3E78A5E2442C8F7AF, B6E6233D63A2C3E7AF0A9BBB62799159BF96C0F0EEBBC9B523BD227CC7A746B3 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
21:55:55.0394 0x0318  ClientAnalyticsService - ok
21:55:55.0398 0x0318  ClipSVC - ok
21:55:55.0400 0x0318  clreg - ok
21:55:55.0428 0x0318  [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
21:55:55.0430 0x0318  CLVirtualDrive - ok
21:55:55.0432 0x0318  CmBatt - ok
21:55:55.0434 0x0318  CNG - ok
21:55:55.0436 0x0318  cnghwassist - ok
21:55:55.0469 0x0318  CompositeBus - ok
21:55:55.0471 0x0318  COMSysApp - ok
21:55:55.0473 0x0318  condrv - ok
21:55:55.0484 0x0318  CoreMessagingRegistrar - ok
21:55:55.0540 0x0318  [ CBAEDE8863B08AD7CED462D99755CB3C, DA58A99359A015D257290E3F6ED019A3C5F3B4B7265FBB94BB87FAD40506AA32 ] cphs            C:\WINDOWS\System32\DriverStore\FileRepository\ki120120.inf_amd64_c5da1f413bf423ab\IntelCpHeciSvc.exe
21:55:55.0544 0x0318  cphs - ok
21:55:55.0553 0x0318  [ E318D4FC857CF0D134E5E72080454F6C, 3C62CA36061028C56315F5FBDEEE50B74901734CE83BF899D3D49DDF75F4F714 ] cplspcon        C:\WINDOWS\System32\DriverStore\FileRepository\ki120120.inf_amd64_c5da1f413bf423ab\IntelCpHDCPSvc.exe
21:55:55.0559 0x0318  cplspcon - ok
21:55:55.0570 0x0318  CryptSvc - ok
21:55:55.0574 0x0318  dam - ok
21:55:55.0610 0x0318  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
21:55:55.0612 0x0318  dbupdate - ok
21:55:55.0616 0x0318  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
21:55:55.0618 0x0318  dbupdatem - ok
21:55:55.0632 0x0318  [ 26C0B1EE8C7B5AE2548DE0021EA94056, EDFB0A611FA3F85B5479533394AB12982095698A348E5DE8F8F764574CA355A2 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
21:55:55.0636 0x0318  DbxSvc - ok
21:55:55.0650 0x0318  DcomLaunch - ok
21:55:55.0666 0x0318  [ A9DD971DDC793C549AFB97A6DDBD76B6, 5E35F4FFF5DC09A122DB93B760E13538AC5B6034EF72DB544815B3C6CD42DDD4 ] DDDriver        C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
21:55:55.0667 0x0318  DDDriver - ok
21:55:55.0679 0x0318  defragsvc - ok
21:55:55.0718 0x0318  [ 04D91223860DB9B4169909A01CD66819, 0B598306E99BF9AF036908C9333D34A81F7A9FF292213A9EB583F3F4C8FE2CB1 ] Dell Customer Connect C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
21:55:55.0721 0x0318  Dell Customer Connect - ok
21:55:55.0765 0x0318  [ 802FC4E1B3E24185C731C81CD629F41D, FDA38B16E3D8CB1C6D7621AAD25663B954B7015F21F84524DAE2BB04923A996F ] Dell Foundation Services C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
21:55:55.0770 0x0318  Dell Foundation Services - ok
21:55:55.0793 0x0318  [ 498A482C902D492F2C053CCC3DA91A53, 43A675FB345610F8FDB209310EB1D1509643BF45ACCFDD9E160D97FC31B77A1E ] Dell Help & Support C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
21:55:55.0794 0x0318  Dell Help & Support - ok
21:55:55.0864 0x0318  [ 1D2713C2FA0ECD678D4EDD82EBD1304E, A0A3EFA6B790DE8FA5512AAA230790426456B9E872F0D53D93DC46833E719861 ] DellDataVault   C:\Program Files\Dell\DellDataVault\DellDataVault.exe
21:55:55.0892 0x0318  DellDataVault - ok
21:55:55.0917 0x0318  [ 699D809B344E96FE64772C16B7708004, F10221F60348805829AE76D0892055FECBB1D17249E3F10A0E1CB862E618E5A1 ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
21:55:55.0920 0x0318  DellDataVaultWiz - ok
21:55:55.0966 0x0318  [ 58F416B0E25755C3EE1FC754A5EDE1FC, DD5658C3AA4F019A30A76C2EEFA4DF9DDCE2A9425CC93D8EC870521D17D172EA ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
21:55:55.0971 0x0318  DellDigitalDelivery - ok
21:55:56.0003 0x0318  [ 8205B97AAF15AFDD2ED7D8E6C5088396, E0B3E8E2856FD06F8AC892266E00D157F55A0EC895B8FF16AC6EDE9467694985 ] DellProf        C:\WINDOWS\system32\drivers\DellProf.sys
21:55:56.0006 0x0318  DellProf - ok
21:55:56.0050 0x0318  [ C0B101B96780FFF06ADD32538A036BA8, 8B456C56D7FADA55FF9F45EB2AF4BBEC611D9D50035019D84EF0F2147E9F1170 ] DellUpdate      C:\Program Files (x86)\Dell Update\DellUpService.exe
21:55:56.0054 0x0318  DellUpdate - ok
21:55:56.0062 0x0318  DeviceAssociationService - ok
21:55:56.0075 0x0318  DeviceInstall - ok
21:55:56.0083 0x0318  DevicesFlowUserSvc - ok
21:55:56.0137 0x0318  DevQueryBroker - ok
21:55:56.0153 0x0318  Dfsc - ok
21:55:56.0170 0x0318  Dhcp - ok
21:55:56.0211 0x0318  diagnosticshub.standardcollector.service - ok
21:55:56.0255 0x0318  DiagTrack - ok
21:55:56.0276 0x0318  Disk - ok
21:55:56.0300 0x0318  DmEnrollmentSvc - ok
21:55:56.0305 0x0318  dmvsc - ok
21:55:56.0316 0x0318  dmwappushservice - ok
21:55:56.0319 0x0318  Dnscache - ok
21:55:56.0324 0x0318  dot3svc - ok
21:55:56.0338 0x0318  DPS - ok
21:55:56.0348 0x0318  drmkaud - ok
21:55:56.0350 0x0318  DsmSvc - ok
21:55:56.0353 0x0318  DsSvc - ok
21:55:56.0366 0x0318  DusmSvc - ok
21:55:56.0408 0x0318  [ 704E16F58C5F6778B9D6F424523B7827, A072E78F89EE1552FF3861CEAEAC1A509D41D88D68C609748C9F36872E3B5F45 ] DWAgent         C:\Program Files\DWAgent\native\dwagsvc.exe
21:55:56.0411 0x0318  DWAgent - ok
21:55:56.0426 0x0318  DXGKrnl - ok
21:55:56.0452 0x0318  [ 2AAC97A2DDFE3149851A9F8E002F2721, 7CDCB2BA56A6417C49A94D45BC674678073EB6B999FB0665EC329A26C5E9BCA7 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
21:55:56.0459 0x0318  e1dexpress - ok
21:55:56.0470 0x0318  EapHost - ok
21:55:56.0478 0x0318  ebdrv - ok
21:55:56.0484 0x0318  EFS - ok
21:55:56.0489 0x0318  EhStorClass - ok
21:55:56.0493 0x0318  EhStorTcgDrv - ok
21:55:56.0517 0x0318  embeddedmode - ok
21:55:56.0526 0x0318  EntAppSvc - ok
21:55:56.0529 0x0318  ErrDev - ok
21:55:56.0555 0x0318  [ 5C9CA030C451CB3553DB9094C68EE6E9, 0C2E6C874F4B19CA4A603B7767077378ABBDA325D9D73DB971D5DDF52C827745 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
21:55:56.0556 0x0318  ESProtectionDriver - ok
21:55:56.0567 0x0318  EventSystem - ok
21:55:56.0569 0x0318  exfat - ok
21:55:56.0571 0x0318  fastfat - ok
21:55:56.0573 0x0318  Fax - ok
21:55:56.0576 0x0318  fdc - ok
21:55:56.0594 0x0318  fdPHost - ok
21:55:56.0596 0x0318  FDResPub - ok
21:55:56.0598 0x0318  fhsvc - ok
21:55:56.0612 0x0318  FileCrypt - ok
21:55:56.0614 0x0318  FileInfo - ok
21:55:56.0616 0x0318  Filetrace - ok
21:55:56.0619 0x0318  flpydisk - ok
21:55:56.0621 0x0318  FltMgr - ok
21:55:56.0630 0x0318  FontCache - ok
21:55:56.0678 0x0318  FontCache3.0.0.0 - ok
21:55:56.0689 0x0318  FrameServer - ok
21:55:56.0697 0x0318  FsDepends - ok
21:55:56.0703 0x0318  Fs_Rec - ok
21:55:56.0708 0x0318  fvevol - ok
21:55:56.0712 0x0318  gencounter - ok
21:55:56.0717 0x0318  genericusbfn - ok
21:55:56.0720 0x0318  GPIOClx0101 - ok
21:55:56.0724 0x0318  gpsvc - ok
21:55:56.0728 0x0318  GpuEnergyDrv - ok
21:55:56.0783 0x0318  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:56.0785 0x0318  gupdate - ok
21:55:56.0790 0x0318  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:55:56.0792 0x0318  gupdatem - ok
21:55:56.0795 0x0318  HDAudBus - ok
21:55:56.0798 0x0318  HidBatt - ok
21:55:56.0801 0x0318  HidBth - ok
21:55:56.0804 0x0318  hidi2c - ok
21:55:56.0807 0x0318  hidinterrupt - ok
21:55:56.0809 0x0318  HidIr - ok
21:55:56.0812 0x0318  hidserv - ok
21:55:56.0815 0x0318  HidUsb - ok
21:55:56.0837 0x0318  [ 2FE7E5C7DEE4872FF5FE18743D870B5C, 8E547C45D80519108B4D469430E35E43F97C539720E58DF9B647079EA608D4AF ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
21:55:56.0840 0x0318  HipShieldK - ok
21:55:56.0853 0x0318  HomeGroupListener - ok
21:55:56.0863 0x0318  HomeGroupProvider - ok
21:55:56.0917 0x0318  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:55:56.0923 0x0318  HomeNetSvc - ok
21:55:56.0926 0x0318  HpSAMD - ok
21:55:56.0929 0x0318  HTTP - ok
21:55:56.0938 0x0318  HvHost - ok
21:55:56.0952 0x0318  hvservice - ok
21:55:56.0954 0x0318  hwpolicy - ok
21:55:56.0956 0x0318  hyperkbd - ok
21:55:56.0959 0x0318  i8042prt - ok
21:55:56.0961 0x0318  iagpio - ok
21:55:56.0963 0x0318  iai2c - ok
21:55:56.0967 0x0318  iaLPSS2i_GPIO2 - ok
21:55:56.0969 0x0318  iaLPSS2i_GPIO2_BXT_P - ok
21:55:56.0971 0x0318  iaLPSS2i_I2C - ok
21:55:56.0973 0x0318  iaLPSS2i_I2C_BXT_P - ok
21:55:56.0976 0x0318  iaLPSSi_GPIO - ok
21:55:56.0979 0x0318  iaLPSSi_I2C - ok
21:55:57.0028 0x0318  [ 62EECD3225EF2B5649780746928F5CF7, 974A5CCAFD0A514D45838F330121095195D57CF9295B5FD790F6E73A95A9C4C0 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:55:57.0044 0x0318  iaStorA - ok
21:55:57.0048 0x0318  iaStorAV - ok
21:55:57.0092 0x0318  [ F0EA089D3915C176CD9BC2837AC7E98C, 3D1B886284CF4C175BE5FA70841C9D1AE2CD8944487B6EDE329C3743B814CAA3 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:55:57.0093 0x0318  IAStorDataMgrSvc - ok
21:55:57.0095 0x0318  iaStorV - ok
21:55:57.0097 0x0318  ibbus - ok
21:55:57.0117 0x0318  icssvc - ok
21:55:57.0362 0x0318  [ 127FE29E233E2C50F5B8AB3EF4AF7266, F8499FA1A5957CE7FBE0A6855E939D88BE76E6BED7A961CD7C349DF46AE40D51 ] igfx            C:\WINDOWS\System32\DriverStore\FileRepository\ki120120.inf_amd64_c5da1f413bf423ab\igdkmd64.sys
21:55:57.0478 0x0318  igfx - ok
21:55:57.0502 0x0318  [ 936AEE32AD794228B1ED23FE3CADEA4A, BC536C666E74F6466B3185911D2F7ACEC7AC39FAFAE804EC4682D4A094D3D6D8 ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\ki120120.inf_amd64_c5da1f413bf423ab\igfxCUIService.exe
21:55:57.0505 0x0318  igfxCUIService2.0.0.0 - ok
21:55:57.0513 0x0318  IKEEXT - ok
21:55:57.0529 0x0318  IndirectKmd - ok
21:55:57.0611 0x0318  [ 1FC1B11B7DBF2DCA17BDA5AD7A01CBE7, 8752E936E5F0193B60D0CA9CFC0E94DDC2D55461EC6C094A6378250330BA69C1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:55:57.0661 0x0318  IntcAzAudAddService - ok
21:55:57.0703 0x0318  [ E4E42ADB9B710CAA2801F5AA3705A8CC, A67EFE80F383A5117E37DE1B48045BA31E09950F9D4EAEE1E023BF1B7F5FC3C3 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:55:57.0717 0x0318  IntcDAud - ok
21:55:57.0750 0x0318  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:55:57.0761 0x0318  Intel® Capability Licensing Service TCP IP Interface - ok
21:55:57.0802 0x0318  [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel® Security Assist C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
21:55:57.0806 0x0318  Intel® Security Assist - ok
21:55:57.0818 0x0318  intelide - ok
21:55:57.0821 0x0318  intelpep - ok
21:55:57.0823 0x0318  intelppm - ok
21:55:57.0849 0x0318  [ 64309D45FD682E9BAE9CF2C0C23CAB44, 46E9AB44A135B074A13070C27ACFF8803EFC06FAC98172794472BF77822D083E ] IntelReadyModeDriver C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys
21:55:57.0850 0x0318  IntelReadyModeDriver - ok
21:55:57.0852 0x0318  iorate - ok
21:55:57.0855 0x0318  IpFilterDriver - ok
21:55:57.0866 0x0318  iphlpsvc - ok
21:55:57.0877 0x0318  IPMIDRV - ok
21:55:57.0879 0x0318  IPNAT - ok
21:55:57.0900 0x0318  IpxlatCfgSvc - ok
21:55:57.0903 0x0318  irda - ok
21:55:57.0905 0x0318  IRENUM - ok
21:55:57.0908 0x0318  irmon - ok
21:55:57.0924 0x0318  [ E84858DEAD6EEE98A9211DC6100727D3, 9B26D596DC8B0A3F9C2A1008B8DA5D8535002912363E15236DCBBFA72C625B21 ] IRMTService     c:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe
21:55:57.0926 0x0318  IRMTService - ok
21:55:57.0929 0x0318  [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
21:55:57.0929 0x0318  isaHelperSvc - ok
21:55:57.0937 0x0318  isapnp - ok
21:55:57.0940 0x0318  iScsiPrt - ok
21:55:57.0962 0x0318  [ 5F3583770145A00FA1EDCF8089AD5CCA, AB7AF84EE1B452312F3F7BEB3978355E7F23F4BB2A2F045E718F7346ACDB5CB3 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:55:57.0965 0x0318  jhi_service - ok
21:55:57.0968 0x0318  kbdclass - ok
21:55:57.0970 0x0318  kbdhid - ok
21:55:57.0972 0x0318  kdnic - ok
21:55:57.0978 0x0318  KeyIso - ok
21:55:57.0981 0x0318  KSecDD - ok
21:55:57.0983 0x0318  KSecPkg - ok
21:55:57.0991 0x0318  ksthunk - ok
21:55:57.0994 0x0318  KtmRm - ok
21:55:58.0000 0x0318  LanmanServer - ok
21:55:58.0003 0x0318  LanmanWorkstation - ok
21:55:58.0006 0x0318  lfsvc - ok
21:55:58.0009 0x0318  LicenseManager - ok
21:55:58.0011 0x0318  lltdio - ok
21:55:58.0015 0x0318  lltdsvc - ok
21:55:58.0022 0x0318  lmhosts - ok
21:55:58.0042 0x0318  [ 00B4184D8B269387EE48E42373E35181, F64B0C17A6BBC3B532724686123CE175A4CA6932DE5A1A357C823108CE9B81C4 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:55:58.0046 0x0318  LMS - ok
21:55:58.0051 0x0318  LSI_SAS - ok
21:55:58.0053 0x0318  LSI_SAS2i - ok
21:55:58.0055 0x0318  LSI_SAS3i - ok
21:55:58.0057 0x0318  LSI_SSS - ok
21:55:58.0059 0x0318  LSM - ok
21:55:58.0062 0x0318  luafv - ok
21:55:58.0096 0x0318  MapsBroker - ok
21:55:58.0099 0x0318  mausbhost - ok
21:55:58.0101 0x0318  mausbip - ok
21:55:58.0119 0x0318  [ E095FFE590241C1765D093E91E325147, 1D1B05A441249F41BFF410DA8A9A32A60D604B002B98E945B9909E5C7E8F0C79 ] MBAMChameleon   C:\WINDOWS\system32\drivers\MBAMChameleon.sys
21:55:58.0122 0x0318  MBAMChameleon - ok
21:56:01.0616 0x0318  [ CC6DB34CF0604ACE3F61E2E233FD34D0, B46D02C840A1CB947597CF16722F35977C6B2F0AD75639B9FBFDE99F303B3113 ] SupremoService  C:\Program Files (x86)\Supremo\SupremoService.exe
21:56:01.0684 0x0318  SupremoService - ok
21:56:02.0756 0x0318  ================ Scan generic autorun ======================
21:56:03.0402 0x0318  [ 957AAB2FCDBBFEBD85AA7B51101D5DAB, 8A1A3BC25A843B60B33992989CC841C7828A9047E1D2AFBF206C3CC89147F4D0 ] C:\Program Files\DWAgent\native\dwaglnc.exe
21:56:03.0403 0x0318  DWAgentMon - ok
21:56:04.0995 0x0318  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
21:56:04.0996 0x0318  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
21:56:04.0996 0x0318  AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51000 ( enabled : updated )
21:56:04.0997 0x0318  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51010 ( enabled )
21:56:05.0416 0x0318  ============================================================
21:56:05.0416 0x0318  Scan finished
21:56:05.0416 0x0318  ============================================================
21:56:05.0422 0x2080  Detected object count: 0
21:56:05.0422 0x2080  Actual detected object count: 0
21:56:14.0402 0x05ec  Deinitialize success
 
 

ADWcleaner

# AdwCleaner v6.047 - Logfile created 20/06/2017 at 22:01:19
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-20.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Richard - DESKTOP-OE5229F
# Running from : C:\Users\Richard\Desktop\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
Folder Found:  C:\ProgramData\042202af-3ba6-4d8b-9ca4-f8b85902e39d
Folder Found:  C:\ProgramData\5a44f675-d019-401a-a5fe-c4ddbceb03e0
Folder Found:  C:\ProgramData\ebe81330-abb9-4993-9397-64e4c1500e3d
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ask.com
Key Found:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.ask.com
Key Found:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ask.com
Key Found:  HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.ask.com
Key Found:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ask.com
Key Found:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.ask.com
Key Found:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ask.com
Key Found:  [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.ask.com
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [2776 Bytes] - [20/06/2017 22:01:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2849 Bytes] ##########
 
Junkwareremovaltool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64 
Ran by Richard (Administrator) on Tue 06/20/2017 at 22:05:17.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 2 
 
Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 06/20/2017 at 22:08:22.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 crazyisgood

Posted 21 June 2017 - 01:35 AM

ESET found nothing.



#5 boopme

Posted 21 June 2017 - 01:45 PM

Now remove what ADWcleaner found......

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • Copies of all logfiles are saved to C:\AdwCleaner.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.



    Do you make videos? If not, uninstall the 2 from the 1st post and this proDAD Adorage from Control Panel, and restart the machine.



#6 crazyisgood

Posted 22 June 2017 - 02:16 PM

# AdwCleaner v6.047 - Logfile created 22/06/2017 at 12:12:19
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-22.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Richard - DESKTOP-OE5229F
# Running from : C:\Users\Richard\Desktop\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\ProgramData\042202af-3ba6-4d8b-9ca4-f8b85902e39d
[-] Folder deleted: C:\ProgramData\5a44f675-d019-401a-a5fe-c4ddbceb03e0
[-] Folder deleted: C:\ProgramData\ebe81330-abb9-4993-9397-64e4c1500e3d
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ask.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.ask.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ask.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.ask.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ask.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.ask.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ask.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.ask.com
 
 
***** [ Web browsers ] *****
 
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [2698 Bytes] - [22/06/2017 12:12:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [2944 Bytes] - [20/06/2017 22:01:19]
C:\AdwCleaner\AdwCleaner[S1].txt - [3016 Bytes] - [20/06/2017 22:03:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [3090 Bytes] - [22/06/2017 12:11:17]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2990 Bytes] ##########
 
 
 
How do I uninstall If not Uninstall the 2 from 1st post and this proDAD Adorage, from Control Panel and restart machine.


#7 crazyisgood


Posted 24 June 2017 - 05:03 AM

Earlier today the mouse was moving on its own and cycling through photos.

#8 crazyisgood


Posted 25 June 2017 - 03:38 AM

How can I make sure Supremo is uninstalled as I can't find it under anything except for deleting the folder.  Using Windows 10 and I am getting lost too easily.



#9 boopme


Posted 25 June 2017 - 01:30 PM

Try using FileASSASSIN

 

How to Fix Windows 10 “Mouse Moving on Its Own” Issue


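Added example, not part of the thread or of either poster's reply: a read-only PowerShell inventory, run from an elevated prompt, for the question in post #8 of whether anything from the two programs named in the first post is still installed or set to start. The name patterns are assumptions taken from the names as written in the thread; the display, service or process names on a given machine may differ.

```powershell
# Added example: read-only check for remnants of remote-access tools.
# ASSUMPTION: the patterns are the names as written in the thread
# ("Supremo", "DWagent"); adjust them to what is actually on the machine.
$patterns = 'supremo', 'dwagent'
$regex    = ($patterns | ForEach-Object { [regex]::Escape($_) }) -join '|'

# 1. Installed-program entries (64-bit, 32-bit and per-user uninstall keys).
$uninstallKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
$programs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $regex } |
    Select-Object DisplayName, DisplayVersion, InstallLocation, UninstallString

# 2. Services: a remote-access tool installed for unattended access runs as one.
$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $regex } |
    Select-Object Name, DisplayName, State, StartMode, PathName

# 3. Processes running right now (Path is only filled in when elevated).
$processes = Get-Process |
    Where-Object { "$($_.Name) $($_.Path)" -match $regex } |
    Select-Object Id, Name, Path

# 4. Scheduled tasks whose name or launched program matches.
$tasks = Get-ScheduledTask |
    Where-Object { "$($_.TaskName) $($_.Actions.Execute)" -match $regex } |
    Select-Object TaskPath, TaskName, State

# 5. Run-key autostart values (machine-wide and current user).
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$autoruns = foreach ($key in $runKeys) {
    $item = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    $item.PSObject.Properties |
        Where-Object { $_.Name -notlike 'PS*' -and "$($_.Name) $($_.Value)" -match $regex } |
        ForEach-Object { [pscustomobject]@{ Key = $key; Name = $_.Name; Command = $_.Value } }
}

# Report each section; an empty section prints "nothing found".
$report = [ordered]@{ Programs = $programs; Services = $services; Processes = $processes; Tasks = $tasks; Autoruns = $autoruns }
foreach ($section in $report.GetEnumerator()) {
    "== $($section.Key) =="
    if ($section.Value) { $section.Value | Format-List | Out-String } else { 'nothing found' }
}
```

The script changes nothing on the system. Any entry it lists shows the UninstallString, PathName or Command that still points at the program, which is what to remove or disable.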

#10 crazyisgood


Posted 27 June 2017 - 01:31 AM

Ok I think it is gone



