Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Microsoft Security Essentials Malware Removal [Solved]

Started by joseph456 , Feb 14 2015 12:04 AM

Is computer clean?

This topic is locked

#1
joseph456

Posted 14 February 2015 - 12:04 AM

Member

Member
455 posts

MSE quarantined and deleted a link when I was on a website related to eye floaters and flashes. I have run MSE and Malwarebytes. Is there a way to test the computer to make sure it is clean?

Thanks.

#2
pystryker

Posted 14 February 2015 - 06:45 AM

Trusted Helper

Malware Removal
3,912 posts

Hello and welcome to Geeks To Go! My nickname is Pystryker

, and I will be helping you with your issue today.

Before we get started, I have a few things I need to go over with you

If you are receiving help for this issue at another forum, please let me know so I can close this thread.
Please download to and run all requested tools from your Desktop.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way.

Now, let's get started, shall we? :thumbsup:

Hello, let's get a look at your system and see what's going on.

Step 1: Scan with Farbar's Recovery Scan Tool (FRST)

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Place a check in the box marked Addition.txt
Press the Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Step 2: Scan with TDSSKiller

Please download TDSSKiller to the desktop.

Alternate download is here.

Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
When the main GUI(graphical user interface) window opens, click on Change Parameters
Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
Click on Start Scan, the scan will run.
When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
A Report will have been created by TDSSKiller in your root directory C:\
To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

TDSSKiller Log

#3
joseph456

Posted 14 February 2015 - 10:44 AM

Member

Topic Starter
Member
455 posts

Thanks for your help. Here is the first log: FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by EJC (administrator) on EJC-PC on 14-02-2015 11:35:39
Running from C:\Users\EJC\Desktop
Loaded Profiles: EJC (Available profiles: EJC)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Computer Corporation) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\lync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\srvany.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(TODO: <公司名>) C:\Windows\SysWOW64\SDIOAssist.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [227328 2011-03-08] (Dell Computer Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-02-08] (Intel® Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [115968 2013-07-23] (Waves Audio Ltd.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-07-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-11-13] (Intel Corporation)
HKLM\...\RunOnce: [DBRMTray] => C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-02-04] (Microsoft)
HKU\S-1-5-21-1107464198-3355101354-199131294-1000\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7088408 2015-01-22] (Piriform Ltd)
HKU\S-1-5-21-1107464198-3355101354-199131294-1000\...\Run: [Lync] => C:\Program Files\Microsoft Office 15\root\office15\lync.exe [19053720 2015-01-13] (Microsoft Corporation)
HKU\S-1-5-21-1107464198-3355101354-199131294-1000\...\Run: [DellSystemDetect] => C:\Users\EJC\AppData\Local\Apps\2.0\QDHNRVRV.TXD\VB5KANHQ.VQ9\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-02-11] (Dell)
HKU\S-1-5-21-1107464198-3355101354-199131294-1000\...\RunOnce: [Adobe Speed Launcher] => 1423892342
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1107464198-3355101354-199131294-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.us.msn...JB&ocid=DELLDHP
HKU\S-1-5-21-1107464198-3355101354-199131294-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-1107464198-3355101354-199131294-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.netaddre...nvalidSessionID
https://www.google.com/
https://news.google.com/
SearchScopes: HKU\S-1-5-21-1107464198-3355101354-199131294-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1107464198-3355101354-199131294-1000 -> {BBA83629-619D-47F1-8C9F-0D4033D1ED59} URL =
SearchScopes: HKU\S-1-5-21-1107464198-3355101354-199131294-1000 -> {FA5EA24D-EB5C-417F-AECA-A037B041C463} URL = https://startpage.co...anguage=english
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.22.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\EJC\AppData\Roaming\Mozilla\Firefox\Profiles\y2y6rsh1.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: hxxp://www.msn.com/en-us?cobrand=dell13.msn.com&ocid=DELLDHP&pc=MDDCJS|https://www.netaddre...ewVer=5.12.12.1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\EJC\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\EJC\AppData\Roaming\Mozilla\Firefox\Profiles\y2y6rsh1.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2015-02-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-06] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International)
R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2012-03-09] () [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-06] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-02-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)
R2 Dell.PowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{263FA663-D541-481D-BCDD-A789E230F223}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36520 2012-09-14] (Advanced Micro Devices, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-03-05] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-28] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2261464 2013-08-27] (Realtek Semiconductor Corp.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2014-05-14] (BayHubTech/O2Micro )
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [75976 2013-08-05] (STMicroelectronics)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48024 2013-01-28] (Windows ® Win 7 DDK provider)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2014-02-24] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2014-02-24] (Microsoft Corporation) [File not signed]
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [194456 2013-01-28] (Windows ® Win 7 DDK provider)
R3 cpuz138; \??\C:\Users\EJC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 11:35 - 2015-02-14 11:36 - 00020235 _____ () C:\Users\EJC\Desktop\FRST.txt
2015-02-14 11:35 - 2015-02-14 11:35 - 00000000 ____D () C:\FRST
2015-02-14 11:33 - 2015-02-14 11:30 - 02134528 _____ (Farbar) C:\Users\EJC\Desktop\FRST64.exe
2015-02-14 11:33 - 2015-02-14 11:29 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\EJC\Desktop\tdsskiller.exe
2015-02-14 11:26 - 2015-02-14 11:30 - 00000000 ____D () C:\Users\EJC\Desktop\GTG
2015-02-11 21:26 - 2015-02-11 21:26 - 00000000 _____ () C:\Windows\invcol.tmp
2015-02-11 21:03 - 2015-02-12 22:25 - 00000426 _____ () C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job
2015-02-11 21:03 - 2015-02-11 21:03 - 00003222 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-02-11 21:03 - 2015-02-11 21:03 - 00000000 __HDC () C:\ProgramData\{7417E72F-E156-403E-9DFA-EB0ED1DB06F1}
2015-02-11 21:02 - 2015-02-11 23:12 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-02-11 20:16 - 2015-02-13 18:50 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-02-11 20:16 - 2015-02-11 20:16 - 00004020 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-11 20:16 - 2015-02-11 20:16 - 00003210 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-02-11 20:16 - 2015-02-11 20:16 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-11 20:16 - 2015-02-11 20:16 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-11 01:04 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 01:04 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 01:04 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 01:04 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 00:45 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-11 00:45 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-11 00:45 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-11 00:45 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-10 22:10 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 22:10 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 22:10 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 22:10 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 22:10 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 22:10 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 22:10 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 22:10 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 22:10 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 22:10 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 22:10 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 22:10 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 22:10 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 22:10 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 22:10 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 22:10 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 22:10 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 22:10 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 22:10 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 22:10 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 22:10 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 22:10 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 22:10 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 22:10 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 22:10 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 22:10 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 22:10 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 22:10 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 22:10 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 22:10 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 22:10 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 22:10 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 22:10 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 22:10 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 22:10 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 22:10 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 22:10 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 22:10 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 22:10 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 22:10 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 22:10 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 22:10 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 22:10 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 22:10 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 22:10 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 22:10 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 22:10 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 22:10 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 22:10 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 22:10 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 22:10 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 22:10 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 19:01 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 19:01 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 19:01 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 19:01 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 19:01 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 19:01 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 19:01 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 19:01 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 19:01 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 19:01 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 19:01 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 19:01 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 19:01 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 19:01 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 19:01 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 19:01 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 19:01 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 19:01 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 19:01 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 19:01 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 18:52 - 2015-02-03 22:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 18:52 - 2015-02-03 22:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 18:52 - 2015-02-03 22:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 18:52 - 2015-02-03 22:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 18:52 - 2015-02-03 22:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 18:52 - 2015-02-03 22:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-10 18:52 - 2015-02-03 22:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 18:52 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-10 18:52 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 18:52 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 18:52 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 18:52 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 18:52 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 18:52 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 18:52 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 18:52 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 18:52 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 18:52 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 18:52 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 18:52 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 18:52 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 18:52 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 18:51 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 18:51 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 18:51 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 18:51 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 18:45 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 18:45 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 18:40 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 18:40 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 18:40 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 18:40 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 18:40 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 18:40 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 18:40 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 18:39 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-06 17:41 - 2015-02-06 17:41 - 01055936 _____ (Adobe) C:\Users\EJC\Downloads\install_flashplayer16x32_mssd_aaa_aih.exe
2015-01-30 19:08 - 2015-01-30 19:08 - 00001695 _____ () C:\quotes.csv
2015-01-30 17:36 - 2015-01-30 17:36 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-01-30 17:36 - 2015-01-30 17:36 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-01-27 19:14 - 2015-01-27 19:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-23 23:14 - 2015-01-23 23:14 - 00001174 _____ () C:\Users\EJC\Downloads\Cash Flow Planning_ Leveraging the Capabilities of Profilesâ„¢.ics
2015-01-23 17:39 - 2015-01-23 17:40 - 05135288 _____ (Piriform Ltd) C:\Users\EJC\Downloads\spsetup128.exe
2015-01-20 19:41 - 2015-02-11 00:47 - 00009284 _____ () C:\Windows\PFRO.log
2015-01-16 19:24 - 2015-01-16 19:24 - 00093861 _____ () C:\Users\EJC\Documents\securedoc.html

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 11:12 - 2014-02-24 12:44 - 01194733 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 00:47 - 2009-07-13 23:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 00:47 - 2009-07-13 23:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 00:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2015-02-14 00:38 - 2015-01-14 01:15 - 00000784 _____ () C:\Windows\setupact.log
2015-02-14 00:38 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 00:28 - 2014-03-26 11:50 - 00000000 ___RD () C:\Users\EJC\Virtual Machines
2015-02-14 00:15 - 2014-03-25 21:46 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-13 19:34 - 2014-03-25 18:23 - 00000000 ____D () C:\Users\EJC\AppData\Local\CutePDF Writer
2015-02-13 18:37 - 2014-03-27 18:20 - 00002294 ____H () C:\Users\EJC\Documents\Default.rdp
2015-02-12 20:16 - 2014-03-31 11:17 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-11 21:53 - 2014-03-25 23:21 - 00000000 ____D () C:\Users\EJC\AppData\Local\Deployment
2015-02-11 21:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-11 21:03 - 2014-02-24 12:59 - 00000000 ____D () C:\Program Files\Dell
2015-02-11 21:02 - 2014-02-24 12:47 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-02-11 20:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 20:16 - 2014-02-24 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-11 00:46 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing
2015-02-11 00:43 - 2014-03-26 10:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-11 00:22 - 2015-01-14 01:15 - 00442384 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 00:19 - 2014-12-09 20:43 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 00:19 - 2014-04-29 19:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 00:19 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-11 00:17 - 2014-03-25 15:22 - 00002155 _____ () C:\Windows\epplauncher.mif
2015-02-11 00:17 - 2014-03-25 15:22 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 00:16 - 2014-03-25 15:22 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 00:16 - 2014-03-25 15:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 00:16 - 2014-03-25 13:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 00:13 - 2014-03-25 13:08 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 03:15 - 2009-07-14 00:13 - 00804902 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:51 - 2014-08-23 15:58 - 00000000 ____D () C:\Users\EJC\AppData\Local\Adobe
2015-02-06 17:51 - 2014-02-24 12:43 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-06 17:51 - 2014-02-24 12:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 23:56 - 2014-03-26 12:21 - 00000000 ____D () C:\Users\EJC\AppData\Local\CrashDumps
2015-02-04 21:25 - 2014-04-11 20:23 - 00000000 ____D () C:\Users\EJC\Desktop\USB Drive
2015-02-02 02:08 - 2014-08-14 23:18 - 00000000 ____D () C:\Users\EJC\Desktop\Quicken Backups
2015-01-30 22:44 - 2014-12-25 23:28 - 00004956 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for EJC-PC-EJC EJC-PC
2015-01-30 19:08 - 2014-09-30 20:33 - 00000000 ____D () C:\Quotes
2015-01-27 19:50 - 2014-04-30 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-23 17:41 - 2014-03-25 18:25 - 00000000 ____D () C:\Program Files\Speccy
2015-01-20 20:04 - 2014-03-25 21:59 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-20 20:03 - 2014-10-15 20:17 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-20 20:03 - 2014-10-15 20:17 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-20 20:03 - 2014-10-15 20:17 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-20 20:03 - 2014-10-15 20:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-20 20:03 - 2014-03-25 21:59 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-20 19:40 - 2014-08-09 19:44 - 00000000 ____D () C:\Users\EJC\Documents\Financial

==================== Files in the root of some directories =======

2014-03-30 23:13 - 2014-05-12 23:01 - 0007610 _____ () C:\Users\EJC\AppData\Local\resmon.resmoncfg
2014-07-28 18:13 - 2014-12-30 19:00 - 0000614 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some content of TEMP:
====================
C:\Users\EJC\AppData\Local\Temp\speccycpuid.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-05 21:40

==================== End Of Log ============================

#4
joseph456

Posted 14 February 2015 - 10:51 AM

Member

Topic Starter
Member
455 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by EJC at 2015-02-14 11:36:16
Running from C:\Users\EJC\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C49F01A6-1151-BE59-8BD2-107CD8AC3088}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Custom Help (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Dell Data Vault (Version: 4.1.9.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{B96348BD-6B0D-42E3-80B1-FA6718067BFE}) (Version: 2.8.1000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Power Manager (HKLM\...\{E45D7941-F3F0-4E8E-AD55-DCE2FE0AE6D8}) (Version: 1.1.0 - Dell Inc.)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 2.3.15835 - Invincea, Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.0.55844 - Dell)
Dell System Detect (HKU\S-1-5-21-1107464198-3355101354-199131294-1000\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.109 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Network Connections 18.5.52.1 (HKLM\...\PROSetDX) (Version: 18.5.52.1 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel® WiDi (HKLM\...\{62E7C369-64FF-452C-8F46-6BE9B77FF097}) (Version: 4.0.18.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{fae8de85-97ab-4053-a8bb-03bfc86ac533}) (Version: 15.6.1 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4693.1001 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{C834E5DF-AB21-4142-8234-0C4FA77F3A04}) (Version: 3.0.08.38 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.08.38 - O2Micro International LTD.) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1001 - Microsoft Corporation) Hidden
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.7.6 - Intuit)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5988 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0051 - ST Microelectronics)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1107464198-3355101354-199131294-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

09-01-2015 23:51:40 Windows Update
13-01-2015 23:03:30 Windows Update
17-01-2015 23:39:08 Windows Update
21-01-2015 20:18:01 Windows Update
25-01-2015 19:01:33 Windows Update
28-01-2015 20:10:11 Windows Update
01-02-2015 15:47:59 Windows Update
04-02-2015 20:15:30 Windows Update
07-02-2015 20:49:36 Windows Update
10-02-2015 23:11:37 Windows Update
11-02-2015 00:13:05 Windows Update
11-02-2015 00:45:53 Windows Update
11-02-2015 01:05:09 Windows Update
11-02-2015 21:08:29 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-10-12 18:39 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3302E598-3C44-4C50-AFD6-CE59DB67D138} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {3519786E-2CFE-403C-8053-B4CB6ED83B22} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {388FD264-05CF-486F-8261-63818AEBDC5E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {54BE04EB-C39F-4C26-989B-F5B589808E8C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {754783B2-E06B-4167-8F23-4CEA9C5B8551} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-06] (Microsoft Corporation)
Task: {7C450304-8881-4463-823B-55270672DB0C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7DAA5CF1-1402-4BA8-A6B9-F22CC28A6F1A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8F06EF97-36BC-4EF3-BFEC-7F392B8E676F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-13] (Microsoft Corporation)
Task: {A0DCACB2-1B0C-4FE1-8B64-16AE23AA1D2E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for EJC-PC-EJC EJC-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-01-06] (Microsoft Corporation)
Task: {AC670184-9942-47F9-A05A-7F79E0EB57E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {B103DF3D-4479-4757-8352-0A7AC5D7BC07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-06] (Microsoft Corporation)
Task: {B496F1DD-CA98-4888-A662-D40867BE50B6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {BF0DF29B-051B-40F6-B8B5-1F9BF62473CB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-02-06] (Microsoft)
Task: {C2507473-CCE7-496D-9980-02763A3FABA0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C2CB26F8-E497-4ADF-A756-84F46D6188C1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {C8C7A9C3-717C-4F10-BBF8-5F7C26E411B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {D39638E1-C052-4CC7-8158-DC41312E417C} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {D8FED936-E4C5-42C5-8A76-A157C11AB6F3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {FF312066-53B7-44EB-AE5E-A43309FA12E0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-11 00:36 - 2014-12-23 14:53 - 08898728 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-25 18:21 - 2013-10-23 13:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2014-03-26 10:27 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-09 23:32 - 2012-03-09 11:27 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2014-11-12 00:12 - 2014-11-12 00:12 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-02-11 00:27 - 2015-02-11 00:32 - 01754296 _____ () C:\Program Files\Microsoft Office 15\root\office15\tmpod.dll
2014-03-26 10:27 - 2014-04-11 21:42 - 00022696 _____ () C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconvpxy.dll
2014-11-12 00:12 - 2014-11-12 00:12 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2013-11-12 11:04 - 2013-11-12 11:04 - 00110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-07-09 23:25 - 2013-11-13 14:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-02-11 00:27 - 2015-02-11 00:32 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2015-02-11 00:36 - 2015-01-06 04:36 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2015-02-11 00:36 - 2014-12-23 13:08 - 08898720 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1107464198-3355101354-199131294-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\EJC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

==================== Accounts: =============================

Administrator (S-1-5-21-1107464198-3355101354-199131294-500 - Administrator - Disabled)
EJC (S-1-5-21-1107464198-3355101354-199131294-1000 - Administrator - Enabled) => C:\Users\EJC
Guest (S-1-5-21-1107464198-3355101354-199131294-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1107464198-3355101354-199131294-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Integrated Webcam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2015 00:39:41 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/14/2015 00:39:30 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/14/2015 00:39:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 10:13:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2015 10:12:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 10:09:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2015 10:08:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 09:53:35 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2015 07:37:50 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2015 07:36:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (02/14/2015 01:21:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (02/14/2015 01:21:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (02/14/2015 01:13:46 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (02/14/2015 01:13:46 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (02/14/2015 01:06:55 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (02/14/2015 01:06:55 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (02/14/2015 00:48:41 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (02/14/2015 00:48:39 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (02/14/2015 00:39:44 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%886

Error Code: 0x80070005

Error description: Access is denied.

Reason: %%892

Error: (02/14/2015 00:39:43 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Microsoft Office Sessions:
=========================
Error: (02/14/2015 00:39:41 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (02/14/2015 00:39:30 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (02/14/2015 00:39:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 10:13:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (02/11/2015 10:12:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 10:09:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (02/11/2015 10:08:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 09:53:35 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (02/11/2015 07:37:50 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (02/11/2015 07:36:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel® Core™ i7-4800MQ CPU @ 2.70GHz
Percentage of memory in use: 36%
Total physical RAM: 8097.33 MB
Available physical RAM: 5116.25 MB
Total Pagefile: 16192.85 MB
Available Pagefile: 12767.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.96 GB) (Free:300.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 20C2364A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#5
joseph456

Posted 14 February 2015 - 10:52 AM

Member

Topic Starter
Member
455 posts

11:39:22.0113 0x127c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:39:27.0698 0x127c ============================================================
11:39:27.0698 0x127c Current date / time: 2015/02/14 11:39:27.0698
11:39:27.0698 0x127c SystemInfo:
11:39:27.0699 0x127c
11:39:27.0699 0x127c OS Version: 6.1.7601 ServicePack: 1.0
11:39:27.0699 0x127c Product type: Workstation
11:39:27.0699 0x127c ComputerName: EJC-PC
11:39:27.0699 0x127c UserName: EJC
11:39:27.0699 0x127c Windows directory: C:\Windows
11:39:27.0699 0x127c System windows directory: C:\Windows
11:39:27.0699 0x127c Running under WOW64
11:39:27.0699 0x127c Processor architecture: Intel x64
11:39:27.0699 0x127c Number of processors: 8
11:39:27.0699 0x127c Page size: 0x1000
11:39:27.0699 0x127c Boot type: Normal boot
11:39:27.0699 0x127c ============================================================
11:39:27.0936 0x127c KLMD registered as C:\Windows\system32\drivers\73795834.sys
11:39:28.0138 0x127c System UUID: {1B0B7B18-A3A9-75B3-63AB-AA2A6E5D3F22}
11:39:28.0497 0x127c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:39:28.0507 0x127c ============================================================
11:39:28.0507 0x127c \Device\Harddisk0\DR0:
11:39:28.0507 0x127c MBR partitions:
11:39:28.0507 0x127c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1785000
11:39:28.0507 0x127c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1799000, BlocksNum 0x38BEC800
11:39:28.0507 0x127c ============================================================
11:39:28.0509 0x127c C: <-> \Device\Harddisk0\DR0\Partition2
11:39:28.0509 0x127c ============================================================
11:39:28.0509 0x127c Initialize success
11:39:28.0509 0x127c ============================================================
11:40:18.0869 0x1afc ============================================================
11:40:18.0869 0x1afc Scan started
11:40:18.0869 0x1afc Mode: Manual; SigCheck; TDLFS;
11:40:18.0869 0x1afc ============================================================
11:40:18.0869 0x1afc KSN ping started
11:40:21.0757 0x1afc KSN ping finished: true
11:40:22.0543 0x1afc ================ Scan system memory ========================
11:40:22.0543 0x1afc System memory - ok
11:40:22.0544 0x1afc ================ Scan services =============================
11:40:22.0762 0x1afc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:40:22.0818 0x1afc 1394ohci - ok
11:40:22.0883 0x1afc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:40:22.0898 0x1afc ACPI - ok
11:40:22.0910 0x1afc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:40:22.0917 0x1afc AcpiPmi - ok
11:40:22.0954 0x1afc [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:40:22.0979 0x1afc AdobeARMservice - ok
11:40:23.0064 0x1afc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:40:23.0080 0x1afc adp94xx - ok
11:40:23.0125 0x1afc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:40:23.0154 0x1afc adpahci - ok
11:40:23.0188 0x1afc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:40:23.0217 0x1afc adpu320 - ok
11:40:23.0233 0x1afc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:40:23.0253 0x1afc AeLookupSvc - ok
11:40:23.0339 0x1afc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
11:40:23.0352 0x1afc AFD - ok
11:40:23.0356 0x1afc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:40:23.0362 0x1afc agp440 - ok
11:40:23.0365 0x1afc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:40:23.0373 0x1afc ALG - ok
11:40:23.0395 0x1afc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:40:23.0407 0x1afc aliide - ok
11:40:23.0448 0x1afc [ 652F9EBA0766207CB0B9477E25B5B08F, ABCA8DCD3CF4D3068CAA680C0AAC107848AA81805E42C90A39279E319E562F5E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:40:23.0467 0x1afc AMD External Events Utility - ok
11:40:23.0491 0x1afc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:40:23.0511 0x1afc amdide - ok
11:40:23.0537 0x1afc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:40:23.0545 0x1afc AmdK8 - ok
11:40:23.0873 0x1afc [ 285118981EA17669264A5E4B0190AA9A, A077B4FF5BED35BF5045239188BD26288116FD750C6781BE59A1736822FC8AC4 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:40:24.0039 0x1afc amdkmdag - ok
11:40:24.0148 0x1afc [ D6A60E1F6B4B02F2E6107B5A169D9F54, A20A2F539F11B794A2025244A9B9B9428C2489E3C0F910503478A530D4F4E309 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:40:24.0163 0x1afc amdkmdap - ok
11:40:24.0190 0x1afc [ 2D01D8CC6221A75EDB8CFABBBBA879DD, CEA1671B57CBE95470A26EE68382C9383041ECC93C720F120CAD1E7382B90F98 ] amdkmpfd        C:\Windows\system32\DRIVERS\amdkmpfd.sys
11:40:24.0239 0x1afc amdkmpfd - ok
11:40:24.0242 0x1afc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:40:24.0250 0x1afc AmdPPM - ok
11:40:24.0265 0x1afc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:40:24.0272 0x1afc amdsata - ok
11:40:24.0290 0x1afc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:40:24.0298 0x1afc amdsbs - ok
11:40:24.0300 0x1afc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:40:24.0306 0x1afc amdxata - ok
11:40:24.0389 0x1afc [ 02C7FFB7791AC5B0A2A5EBA5E01F18CA, FE07FC0417F7BC7A5F36A14FC717C17EA12236C400D51A0B3165CF604AEFFFBF ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
11:40:24.0401 0x1afc ApfiltrService - ok
11:40:24.0447 0x1afc [ 39E327BC1E1FB314E1C3960B68A25DF5, 1C508FB786C7CC16A8C90312EC184A137D3C54B1E9AD3D8D072E40D2AFCF1C24 ] ApHidMonitorService C:\Program Files\DellTPad\HidMonitorSvc.exe
11:40:24.0463 0x1afc ApHidMonitorService - ok
11:40:24.0493 0x1afc [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
11:40:24.0519 0x1afc AppID - ok
11:40:24.0527 0x1afc [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:40:24.0542 0x1afc AppIDSvc - ok
11:40:24.0560 0x1afc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
11:40:24.0567 0x1afc Appinfo - ok
11:40:24.0592 0x1afc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:40:24.0608 0x1afc AppMgmt - ok
11:40:24.0628 0x1afc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
11:40:24.0653 0x1afc arc - ok
11:40:24.0668 0x1afc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:40:24.0675 0x1afc arcsas - ok
11:40:25.0155 0x1afc [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:40:25.0163 0x1afc aspnet_state - ok
11:40:25.0165 0x1afc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:40:25.0183 0x1afc AsyncMac - ok
11:40:25.0202 0x1afc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:40:25.0208 0x1afc atapi - ok
11:40:25.0325 0x1afc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:40:25.0358 0x1afc AudioEndpointBuilder - ok
11:40:25.0440 0x1afc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:40:25.0456 0x1afc AudioSrv - ok
11:40:25.0477 0x1afc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:40:25.0488 0x1afc AxInstSV - ok
11:40:25.0510 0x1afc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:40:25.0523 0x1afc b06bdrv - ok
11:40:25.0584 0x1afc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:40:25.0614 0x1afc b57nd60a - ok
11:40:25.0629 0x1afc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:40:25.0637 0x1afc BDESVC - ok
11:40:25.0665 0x1afc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:40:25.0716 0x1afc Beep - ok
11:40:25.0769 0x1afc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:40:25.0785 0x1afc BFE - ok
11:40:25.0820 0x1afc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:40:25.0849 0x1afc BITS - ok
11:40:25.0874 0x1afc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:40:25.0880 0x1afc blbdrive - ok
11:40:25.0984 0x1afc [ 5062D6889EFA23AC95B0D57E1F86B44B, 796E0D13C56F521F54BAF34CE3BF40BE19EC3575F586EC1D64704EE4D594A2EA ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:40:26.0004 0x1afc Bluetooth Device Monitor - ok
11:40:26.0131 0x1afc [ F4A77AEE1EE6D1C11DBCC1E989D5F21C, 6982B93336E6012112E2D427344784023109A9BD42BE659569BCC522ED8421E5 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:40:26.0154 0x1afc Bluetooth Media Service - ok
11:40:26.0311 0x1afc [ 4067CC51F03D27E4C0D5F121D242372C, CAFD179371B16E2C89392E1C8A183EACC822833C19A20C629C83B1BF0B99286A ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:40:26.0331 0x1afc Bluetooth OBEX Service - ok
11:40:26.0375 0x1afc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:40:26.0399 0x1afc bowser - ok
11:40:26.0413 0x1afc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:40:26.0420 0x1afc BrFiltLo - ok
11:40:26.0435 0x1afc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:40:26.0460 0x1afc BrFiltUp - ok
11:40:26.0484 0x1afc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:40:26.0501 0x1afc Browser - ok
11:40:26.0561 0x1afc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:40:26.0584 0x1afc Brserid - ok
11:40:26.0587 0x1afc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:40:26.0595 0x1afc BrSerWdm - ok
11:40:26.0603 0x1afc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:40:26.0610 0x1afc BrUsbMdm - ok
11:40:26.0617 0x1afc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:40:26.0623 0x1afc BrUsbSer - ok
11:40:26.0653 0x1afc [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
11:40:26.0677 0x1afc BthEnum - ok
11:40:26.0694 0x1afc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:40:26.0707 0x1afc BTHMODEM - ok
11:40:26.0743 0x1afc [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:40:26.0764 0x1afc BthPan - ok
11:40:26.0854 0x1afc [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
11:40:26.0880 0x1afc BTHPORT - ok
11:40:26.0892 0x1afc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:40:26.0911 0x1afc bthserv - ok
11:40:26.0924 0x1afc [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
11:40:26.0930 0x1afc BTHUSB - ok
11:40:26.0959 0x1afc [ 49E91B6E57D0BD0CC590471C276757BC, B4CAEFAD684BABC269C7AE93FCD0CC3B837747FDC9C987A051DF64ACCADA2DB3 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
11:40:26.0965 0x1afc btmaux - ok
11:40:27.0053 0x1afc [ 4737C8492F4F14D6F109DD231D566536, EB313933A58E6BE04F847D11F7457F82CC0A0FB4EF17F16AE5A19B9014D33A25 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
11:40:27.0079 0x1afc btmhsf - ok
11:40:27.0104 0x1afc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:40:27.0123 0x1afc cdfs - ok
11:40:27.0134 0x1afc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:40:27.0142 0x1afc cdrom - ok
11:40:27.0188 0x1afc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:40:27.0223 0x1afc CertPropSvc - ok
11:40:27.0241 0x1afc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:40:27.0248 0x1afc circlass - ok
11:40:27.0271 0x1afc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
11:40:27.0281 0x1afc CLFS - ok
11:40:27.0561 0x1afc [ 399F2E92269D4559F1A813624DD78496, 731606646390D2B279B2A51C8AE0E38E5CDE271CDA7D00061186EBBC3E37A72E ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
11:40:27.0604 0x1afc ClickToRunSvc - ok
11:40:27.0701 0x1afc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:40:27.0725 0x1afc clr_optimization_v2.0.50727_32 - ok
11:40:27.0767 0x1afc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:40:27.0783 0x1afc clr_optimization_v2.0.50727_64 - ok
11:40:27.0887 0x1afc [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:40:27.0930 0x1afc clr_optimization_v4.0.30319_32 - ok
11:40:27.0948 0x1afc [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:40:28.0112 0x1afc clr_optimization_v4.0.30319_64 - ok
11:40:28.0141 0x1afc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:40:28.0164 0x1afc CmBatt - ok
11:40:28.0184 0x1afc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:40:28.0190 0x1afc cmdide - ok
11:40:28.0242 0x1afc [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:40:28.0269 0x1afc CNG - ok
11:40:28.0300 0x1afc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:40:28.0305 0x1afc Compbatt - ok
11:40:28.0350 0x1afc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:40:28.0379 0x1afc CompositeBus - ok
11:40:28.0381 0x1afc COMSysApp - ok
11:40:28.0511 0x1afc [ 9B91E372C494ED0E2CEC9A6478605A5D, 0B806C84B231A5586DA36180AD1D81E1CDC3CA7585954E139E9535F3DCF2F3E0 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:40:28.0533 0x1afc cphs - ok
11:40:28.0589 0x1afc [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
11:40:28.0609 0x1afc cpudrv64 - ok
11:40:28.0696 0x1afc cpuz138 - ok
11:40:28.0718 0x1afc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:40:28.0739 0x1afc crcdisk - ok
11:40:28.0787 0x1afc [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:40:28.0805 0x1afc CryptSvc - ok
11:40:28.0856 0x1afc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
11:40:28.0871 0x1afc CSC - ok
11:40:28.0930 0x1afc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
11:40:28.0960 0x1afc CscService - ok
11:40:29.0066 0x1afc [ 58CB536DA016641C9D24D183197F6DBF, 59B2EB716CCD45928517FF6254D95609BE5C3E40E08FC9EFEF88104DF91363C9 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
11:40:29.0095 0x1afc CtClsFlt - ok
11:40:29.0135 0x1afc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:40:29.0178 0x1afc DcomLaunch - ok
11:40:29.0255 0x1afc [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\Windows\system32\drivers\DDDriver64Dcsa.sys
11:40:29.0274 0x1afc DDDriver - ok
11:40:29.0333 0x1afc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:40:29.0360 0x1afc defragsvc - ok
11:40:29.0375 0x1afc Dell.PowerManager.Service - ok
11:40:29.0657 0x1afc [ DDA98A21AD91FA7D62CBCBE1DE0DD196, C76EC184DCE75F1AEC4893D0A36D1694AC1CFDECDC89192F9C84D02F029E3682 ] DellDataVault   C:\Program Files\Dell\DellDataVault\DellDataVault.exe
11:40:29.0696 0x1afc DellDataVault - ok
11:40:29.0779 0x1afc [ 86ADAD5F1BBA70952114AA2DC0117307, FB3417DF36DED5AD994B1EC2B6E68B1861DE2B1D179484563FAA7EB4E0133063 ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
11:40:29.0794 0x1afc DellDataVaultWiz - ok
11:40:29.0815 0x1afc [ 1B25FE6480DD129E2B94A069BC803912, 3A5767D5ADA3CCFD7BDB02515B8CFCEBB1D66D73BF1A6220F35A23C10C80F40E ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
11:40:29.0833 0x1afc DellDigitalDelivery - ok
11:40:29.0881 0x1afc [ 66C87079CFCB61B650086802693114E0, B1EE411DF69BB98D5D9FA2D88C4C9FE1E4877FD8BBF572C3F444C90576ED0724 ] DellProf        C:\Windows\system32\drivers\DellProf.sys
11:40:29.0899 0x1afc DellProf - ok
11:40:29.0910 0x1afc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:40:29.0930 0x1afc DfsC - ok
11:40:29.0937 0x1afc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:40:29.0947 0x1afc Dhcp - ok
11:40:29.0965 0x1afc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:40:29.0983 0x1afc discache - ok
11:40:30.0001 0x1afc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
11:40:30.0007 0x1afc Disk - ok
11:40:30.0018 0x1afc [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:40:30.0025 0x1afc dmvsc - ok
11:40:30.0047 0x1afc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:40:30.0057 0x1afc Dnscache - ok
11:40:30.0077 0x1afc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:40:30.0099 0x1afc dot3svc - ok
11:40:30.0142 0x1afc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:40:30.0186 0x1afc DPS - ok
11:40:30.0200 0x1afc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:40:30.0205 0x1afc drmkaud - ok
11:40:30.0335 0x1afc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:40:30.0354 0x1afc DXGKrnl - ok
11:40:30.0443 0x1afc [ F5720B45C421F96D0D8B59799F7E3A75, BCFCC7FE451E1F3983BC3A614CF0422449EC36BC9E977827D618D09AE55D4FC3 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
11:40:30.0458 0x1afc e1dexpress - ok
11:40:30.0482 0x1afc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:40:30.0501 0x1afc EapHost - ok
11:40:30.0778 0x1afc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:40:30.0829 0x1afc ebdrv - ok
11:40:30.0918 0x1afc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
11:40:30.0943 0x1afc EFS - ok
11:40:31.0049 0x1afc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:40:31.0065 0x1afc ehRecvr - ok
11:40:31.0069 0x1afc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:40:31.0077 0x1afc ehSched - ok
11:40:31.0099 0x1afc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:40:31.0111 0x1afc elxstor - ok
11:40:31.0124 0x1afc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:40:31.0129 0x1afc ErrDev - ok
11:40:31.0140 0x1afc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:40:31.0163 0x1afc EventSystem - ok
11:40:31.0320 0x1afc [ 00B132F23AA25DEF2060D490B0AB70EF, AAE3BA09C2201EA27D3DB761B3D3E8A3EE80A14B451B743F4DF1281D87166857 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:40:31.0333 0x1afc EvtEng - ok
11:40:31.0374 0x1afc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:40:31.0419 0x1afc exfat - ok
11:40:31.0425 0x1afc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:40:31.0445 0x1afc fastfat - ok
11:40:31.0471 0x1afc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:40:31.0486 0x1afc Fax - ok
11:40:31.0510 0x1afc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
11:40:31.0516 0x1afc fdc - ok
11:40:31.0524 0x1afc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:40:31.0544 0x1afc fdPHost - ok
11:40:31.0558 0x1afc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:40:31.0577 0x1afc FDResPub - ok
11:40:31.0588 0x1afc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:40:31.0594 0x1afc FileInfo - ok
11:40:31.0610 0x1afc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:40:31.0630 0x1afc Filetrace - ok
11:40:31.0639 0x1afc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:40:31.0647 0x1afc flpydisk - ok
11:40:31.0676 0x1afc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:40:31.0701 0x1afc FltMgr - ok
11:40:31.0805 0x1afc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
11:40:31.0827 0x1afc FontCache - ok
11:40:31.0839 0x1afc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:40:31.0844 0x1afc FontCache3.0.0.0 - ok
11:40:31.0862 0x1afc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:40:31.0885 0x1afc FsDepends - ok
11:40:31.0891 0x1afc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:40:31.0896 0x1afc Fs_Rec - ok
11:40:31.0938 0x1afc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:40:31.0956 0x1afc fvevol - ok
11:40:31.0960 0x1afc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:40:31.0966 0x1afc gagp30kx - ok
11:40:31.0994 0x1afc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:40:32.0022 0x1afc gpsvc - ok
11:40:32.0025 0x1afc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:40:32.0031 0x1afc hcw85cir - ok
11:40:32.0057 0x1afc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:40:32.0068 0x1afc HdAudAddService - ok
11:40:32.0099 0x1afc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:40:32.0130 0x1afc HDAudBus - ok
11:40:32.0148 0x1afc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:40:32.0155 0x1afc HidBatt - ok
11:40:32.0172 0x1afc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:40:32.0194 0x1afc HidBth - ok
11:40:32.0203 0x1afc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:40:32.0213 0x1afc HidIr - ok
11:40:32.0228 0x1afc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:40:32.0248 0x1afc hidserv - ok
11:40:32.0277 0x1afc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:40:32.0294 0x1afc HidUsb - ok
11:40:32.0309 0x1afc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:40:32.0328 0x1afc hkmsvc - ok
11:40:32.0348 0x1afc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:40:32.0357 0x1afc HomeGroupListener - ok
11:40:32.0376 0x1afc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:40:32.0385 0x1afc HomeGroupProvider - ok
11:40:32.0400 0x1afc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:40:32.0407 0x1afc HpSAMD - ok
11:40:32.0463 0x1afc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:40:32.0492 0x1afc HTTP - ok
11:40:32.0505 0x1afc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:40:32.0510 0x1afc hwpolicy - ok
11:40:32.0563 0x1afc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:40:32.0583 0x1afc i8042prt - ok
11:40:32.0672 0x1afc [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
11:40:32.0687 0x1afc iaStorA - ok
11:40:32.0723 0x1afc [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:40:32.0728 0x1afc IAStorDataMgrSvc - ok
11:40:32.0748 0x1afc [ B9D5AE799CB622C144AE5399C55EF29B, 5C2858590436EEDDE029C5448AEC3ACBB1C0FCED23F305302BAF831C6EC1654A ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
11:40:32.0762 0x1afc iaStorF - ok
11:40:32.0786 0x1afc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:40:32.0797 0x1afc iaStorV - ok
11:40:32.0816 0x1afc [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:40:32.0822 0x1afc ibtfltcoex - ok
11:40:32.0942 0x1afc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:40:32.0958 0x1afc idsvc - ok
11:40:32.0977 0x1afc IEEtwCollectorService - ok
11:40:33.0121 0x1afc [ 623DB9620F552B480690AD882AFACED1, F44039122CF6001CB40A4032D3C108D9A83F06FC700A5B47D83EF605F83C9D2F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:40:33.0181 0x1afc igfx - ok
11:40:33.0324 0x1afc [ 8283E1A55FF84ECAA4371890C6B83778, 2F932E554691877AEEA269A527ED451A205DBEDC1BB344A1AA3AE03F2D22FC70 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
11:40:33.0338 0x1afc igfxCUIService1.0.0.0 - ok
11:40:33.0357 0x1afc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:40:33.0363 0x1afc iirsp - ok
11:40:33.0419 0x1afc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:40:33.0437 0x1afc IKEEXT - ok
11:40:33.0455 0x1afc [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:40:33.0460 0x1afc intaud_WaveExtensible - ok
11:40:33.0587 0x1afc [ CCB47A176CC6D8B6A092695A0D929A95, F32BF742F9B385EE3175EEEAD057FFC49A41E9D994BB9EED192C36511D52F36D ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
11:40:33.0622 0x1afc IntcAzAudAddService - ok
11:40:33.0695 0x1afc [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:40:33.0724 0x1afc IntcDAud - ok
11:40:33.0748 0x1afc [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:40:33.0761 0x1afc Intel® Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:40:37.0062 0x1afc Detect skipped due to KSN trusted
11:40:37.0062 0x1afc Intel® Capability Licensing Service Interface - ok
11:40:37.0172 0x1afc [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:40:37.0188 0x1afc Intel® Capability Licensing Service TCP IP Interface - ok
11:40:37.0221 0x1afc [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
11:40:37.0228 0x1afc Intel® PROSet Monitoring Service - ok
11:40:37.0244 0x1afc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:40:37.0250 0x1afc intelide - ok
11:40:37.0275 0x1afc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:40:37.0296 0x1afc intelppm - ok
11:40:37.0342 0x1afc [ D46E04D83A3E174A98DC90FE23AB08DE, 0285B4A311645D292A26B276511877B46A42526BDBFBC12E3BD876A74F074720 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
11:40:37.0360 0x1afc IntuitUpdateServiceV4 - ok
11:40:37.0401 0x1afc [ C4E9E2CB3B18739BBCF4C45FA106456B, 44986A5C135A89781275D945948B731D0C3F984F54E4E3BB14D6D0F96C49A38B ] InvProtectDrv   C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys
11:40:37.0422 0x1afc InvProtectDrv - ok
11:40:37.0550 0x1afc [ 98632FFC351BA6759CC1C03EF240A758, D7140B4FA0E1D9478C60A3EC123BC1622A0BBB2077FB3DD708881ADF763B0E98 ] InvProtectSvc   C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
11:40:37.0595 0x1afc InvProtectSvc - ok
11:40:37.0602 0x1afc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:40:37.0621 0x1afc IPBusEnum - ok
11:40:37.0639 0x1afc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:40:37.0657 0x1afc IpFilterDriver - ok
11:40:37.0684 0x1afc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:40:37.0698 0x1afc iphlpsvc - ok
11:40:37.0715 0x1afc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:40:37.0722 0x1afc IPMIDRV - ok
11:40:37.0726 0x1afc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:40:37.0745 0x1afc IPNAT - ok
11:40:37.0756 0x1afc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:40:37.0764 0x1afc IRENUM - ok
11:40:37.0780 0x1afc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:40:37.0785 0x1afc isapnp - ok
11:40:37.0819 0x1afc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:40:37.0836 0x1afc iScsiPrt - ok
11:40:37.0991 0x1afc [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
11:40:38.0012 0x1afc iumsvc - ok
11:40:38.0029 0x1afc [ 83E5C169258459BC8D069C08106E6779, 1D5441EA2779CFC5A93A1372A7C34CD968A75D58A71107858468A1640721F47E ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
11:40:38.0035 0x1afc iusb3hcs - ok
11:40:38.0102 0x1afc [ A858FEA618433EA053858F4C63A411EA, A194E8C07332847ABC09CC55ABB3D4AA9FEC29F053A3025FCAC7841AFE5F21F2 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
11:40:38.0132 0x1afc iusb3hub - ok
11:40:38.0400 0x1afc [ C77F6D488C5F4A7AB4357895BD6EC1FF, EED9B5A71E2C58E15482F36218815E9D9C091F9CEC43D1FD9E90BCAD6A8DB216 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
11:40:38.0416 0x1afc iusb3xhc - ok
11:40:38.0436 0x1afc [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
11:40:38.0440 0x1afc iwdbus - ok
11:40:38.0488 0x1afc [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
11:40:38.0516 0x1afc jhi_service - ok
11:40:38.0539 0x1afc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:40:38.0546 0x1afc kbdclass - ok
11:40:38.0561 0x1afc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:40:38.0581 0x1afc kbdhid - ok
11:40:38.0595 0x1afc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
11:40:38.0603 0x1afc KeyIso - ok
11:40:38.0616 0x1afc [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:40:38.0640 0x1afc KSecDD - ok
11:40:38.0660 0x1afc [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:40:38.0667 0x1afc KSecPkg - ok
11:40:38.0693 0x1afc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:40:38.0736 0x1afc ksthunk - ok
11:40:38.0755 0x1afc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:40:38.0779 0x1afc KtmRm - ok
11:40:38.0808 0x1afc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:40:38.0830 0x1afc LanmanServer - ok
11:40:38.0841 0x1afc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:40:38.0861 0x1afc LanmanWorkstation - ok
11:40:38.0882 0x1afc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:40:38.0901 0x1afc lltdio - ok
11:40:38.0925 0x1afc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:40:38.0953 0x1afc lltdsvc - ok
11:40:38.0969 0x1afc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:40:38.0987 0x1afc lmhosts - ok
11:40:39.0028 0x1afc [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:40:39.0061 0x1afc LMS - ok
11:40:39.0080 0x1afc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:40:39.0087 0x1afc LSI_FC - ok
11:40:39.0097 0x1afc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:40:39.0104 0x1afc LSI_SAS - ok
11:40:39.0118 0x1afc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:40:39.0125 0x1afc LSI_SAS2 - ok
11:40:39.0134 0x1afc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:40:39.0141 0x1afc LSI_SCSI - ok
11:40:39.0159 0x1afc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:40:39.0179 0x1afc luafv - ok
11:40:39.0189 0x1afc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:40:39.0198 0x1afc Mcx2Svc - ok
11:40:39.0216 0x1afc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:40:39.0241 0x1afc megasas - ok
11:40:39.0281 0x1afc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:40:39.0290 0x1afc MegaSR - ok
11:40:39.0294 0x1afc [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
11:40:39.0300 0x1afc MEIx64 - ok
11:40:39.0324 0x1afc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:40:39.0367 0x1afc MMCSS - ok
11:40:39.0382 0x1afc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:40:39.0400 0x1afc Modem - ok
11:40:39.0403 0x1afc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:40:39.0410 0x1afc monitor - ok
11:40:39.0436 0x1afc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:40:39.0442 0x1afc mouclass - ok
11:40:39.0458 0x1afc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:40:39.0480 0x1afc mouhid - ok
11:40:39.0522 0x1afc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:40:39.0542 0x1afc mountmgr - ok
11:40:39.0563 0x1afc [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:40:39.0570 0x1afc MozillaMaintenance - ok
11:40:39.0634 0x1afc [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:40:39.0663 0x1afc MpFilter - ok
11:40:39.0684 0x1afc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:40:39.0691 0x1afc mpio - ok
11:40:39.0727 0x1afc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:40:39.0763 0x1afc mpsdrv - ok
11:40:39.0778 0x1afc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:40:39.0808 0x1afc MpsSvc - ok
11:40:39.0822 0x1afc [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:40:39.0829 0x1afc MRxDAV - ok
11:40:39.0858 0x1afc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:40:39.0866 0x1afc mrxsmb - ok
11:40:39.0915 0x1afc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:40:39.0935 0x1afc mrxsmb10 - ok
11:40:39.0947 0x1afc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:40:39.0954 0x1afc mrxsmb20 - ok
11:40:39.0965 0x1afc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:40:39.0971 0x1afc msahci - ok
11:40:39.0988 0x1afc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:40:39.0995 0x1afc msdsm - ok
11:40:40.0000 0x1afc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:40:40.0010 0x1afc MSDTC - ok
11:40:40.0014 0x1afc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:40:40.0033 0x1afc Msfs - ok
11:40:40.0048 0x1afc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:40:40.0066 0x1afc mshidkmdf - ok
11:40:40.0079 0x1afc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:40:40.0084 0x1afc msisadrv - ok
11:40:40.0108 0x1afc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:40:40.0174 0x1afc MSiSCSI - ok
11:40:40.0176 0x1afc msiserver - ok
11:40:40.0179 0x1afc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:40:40.0202 0x1afc MSKSSRV - ok
11:40:40.0337 0x1afc [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:40:40.0358 0x1afc MsMpSvc - ok
11:40:40.0372 0x1afc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:40:40.0413 0x1afc MSPCLOCK - ok
11:40:40.0418 0x1afc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:40:40.0436 0x1afc MSPQM - ok
11:40:40.0445 0x1afc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:40:40.0456 0x1afc MsRPC - ok
11:40:40.0466 0x1afc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:40:40.0471 0x1afc mssmbios - ok
11:40:40.0488 0x1afc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:40:40.0508 0x1afc MSTEE - ok
11:40:40.0522 0x1afc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:40:40.0529 0x1afc MTConfig - ok
11:40:40.0545 0x1afc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:40:40.0551 0x1afc Mup - ok
11:40:40.0625 0x1afc [ 74E1E62819D33F176821ADC9AFF8A3E7, 99E5C85E8A49ECBBBB5D9ABCA43BC7C756126F29A3B73E74D61F9644EF19FC8B ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:40:40.0651 0x1afc MyWiFiDHCPDNS - ok
11:40:40.0671 0x1afc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:40:40.0695 0x1afc napagent - ok
11:40:40.0734 0x1afc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:40:40.0770 0x1afc NativeWifiP - ok
11:40:40.0829 0x1afc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:40:40.0870 0x1afc NDIS - ok
11:40:40.0887 0x1afc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:40:40.0907 0x1afc NdisCap - ok
11:40:40.0935 0x1afc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:40:40.0954 0x1afc NdisTapi - ok
11:40:40.0971 0x1afc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:40:40.0991 0x1afc Ndisuio - ok
11:40:41.0000 0x1afc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:40:41.0021 0x1afc NdisWan - ok
11:40:41.0025 0x1afc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:40:41.0044 0x1afc NDProxy - ok
11:40:41.0054 0x1afc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:40:41.0073 0x1afc NetBIOS - ok
11:40:41.0084 0x1afc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:40:41.0105 0x1afc NetBT - ok
11:40:41.0125 0x1afc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
11:40:41.0131 0x1afc Netlogon - ok
11:40:41.0148 0x1afc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:40:41.0173 0x1afc Netman - ok
11:40:41.0663 0x1afc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:41.0695 0x1afc NetMsmqActivator - ok
11:40:41.0725 0x1afc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:41.0747 0x1afc NetPipeActivator - ok
11:40:41.0778 0x1afc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:40:41.0815 0x1afc netprofm - ok
11:40:41.0835 0x1afc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:41.0843 0x1afc NetTcpActivator - ok
11:40:41.0846 0x1afc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:41.0854 0x1afc NetTcpPortSharing - ok
11:40:41.0892 0x1afc [ 73CE12B8BDD747B0063CB0A7EF44CEA7, F570BB52BE460DBA6203698CC96FFD9674E1903D0E0F5C49375BE3F8D8E89582 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
11:40:41.0913 0x1afc netvsc - ok
11:40:42.0200 0x1afc [ D39BFDCB570E9019831901AB1B8B4443, 6A8E3761F211AE3C36F8BFE8247AE068B039B2CF5AE36607E6629873B0E4FFE3 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
11:40:42.0363 0x1afc NETwNs64 - ok
11:40:42.0390 0x1afc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:40:42.0396 0x1afc nfrd960 - ok
11:40:42.0424 0x1afc [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:40:42.0451 0x1afc NisDrv - ok
11:40:42.0507 0x1afc [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
11:40:42.0520 0x1afc NisSrv - ok
11:40:42.0563 0x1afc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:40:42.0574 0x1afc NlaSvc - ok
11:40:42.0577 0x1afc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:40:42.0596 0x1afc Npfs - ok
11:40:42.0606 0x1afc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:40:42.0625 0x1afc nsi - ok
11:40:42.0632 0x1afc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:40:42.0651 0x1afc nsiproxy - ok
11:40:42.0684 0x1afc [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:40:42.0718 0x1afc Ntfs - ok
11:40:42.0722 0x1afc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:40:42.0739 0x1afc Null - ok
11:40:42.0756 0x1afc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:40:42.0762 0x1afc nvraid - ok
11:40:42.0774 0x1afc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:40:42.0782 0x1afc nvstor - ok
11:40:42.0791 0x1afc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:40:42.0797 0x1afc nv_agp - ok
11:40:42.0859 0x1afc [ 59E028ED21D8C9F26DC9A5A110A90A9B, 8C2E825C372E962564A15922C259B9B83F3D3D720AD7489A2B0DEFF577AF3C2E ] O2FJ2RDR        C:\Windows\system32\DRIVERS\O2FJ2w7x64.sys
11:40:42.0874 0x1afc O2FJ2RDR - ok
11:40:42.0878 0x1afc [ BBD0246FB5DCFF52C0AACC27212DDC55, AE148A89F1EF88735635C395BB8FCDEF1E3F4039F4C4CEFB8ED6AC056EB06C8B ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
11:40:42.0884 0x1afc O2FLASH - ok
11:40:42.0978 0x1afc [ 4635935FC972C582632BF45C26BFCB0E, ABD4AFD71B3C2BD3F741BBE3CEC52C4FA63AC78D353101D2E7DC4DE2725D1CA1 ] O2SDIOAssist    C:\Windows\SysWOW64\srvany.exe
11:40:42.0987 0x1afc O2SDIOAssist - detected UnsignedFile.Multi.Generic ( 1 )
11:40:46.0221 0x1afc Detect skipped due to KSN trusted
11:40:46.0221 0x1afc O2SDIOAssist - ok
11:40:46.0243 0x1afc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:40:46.0267 0x1afc ohci1394 - ok
11:40:46.0310 0x1afc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:40:46.0334 0x1afc ose - ok
11:40:46.0724 0x1afc [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:40:46.0800 0x1afc osppsvc - ok
11:40:46.0838 0x1afc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:40:46.0865 0x1afc p2pimsvc - ok
11:40:46.0921 0x1afc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:40:46.0945 0x1afc p2psvc - ok
11:40:46.0972 0x1afc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:40:46.0982 0x1afc Parport - ok
11:40:47.0001 0x1afc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:40:47.0013 0x1afc partmgr - ok
11:40:47.0037 0x1afc [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:40:47.0066 0x1afc PcaSvc - ok
11:40:47.0090 0x1afc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:40:47.0098 0x1afc pci - ok
11:40:47.0116 0x1afc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:40:47.0121 0x1afc pciide - ok
11:40:47.0150 0x1afc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:40:47.0165 0x1afc pcmcia - ok
11:40:47.0176 0x1afc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:40:47.0182 0x1afc pcw - ok
11:40:47.0210 0x1afc [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:40:47.0225 0x1afc PEAUTH - ok
11:40:47.0347 0x1afc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:40:47.0371 0x1afc PeerDistSvc - ok
11:40:47.0376 0x1afc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:40:47.0382 0x1afc PerfHost - ok
11:40:47.0559 0x1afc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:40:47.0596 0x1afc pla - ok
11:40:47.0628 0x1afc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:40:47.0641 0x1afc PlugPlay - ok
11:40:47.0644 0x1afc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:40:47.0651 0x1afc PNRPAutoReg - ok
11:40:47.0659 0x1afc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:40:47.0670 0x1afc PNRPsvc - ok
11:40:47.0683 0x1afc [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
11:40:47.0688 0x1afc Point64 - ok
11:40:47.0713 0x1afc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:40:47.0738 0x1afc PolicyAgent - ok
11:40:47.0749 0x1afc [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
11:40:47.0758 0x1afc Power - ok
11:40:47.0779 0x1afc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:40:47.0798 0x1afc PptpMiniport - ok
11:40:47.0806 0x1afc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:40:47.0814 0x1afc Processor - ok
11:40:47.0829 0x1afc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:40:47.0839 0x1afc ProfSvc - ok
11:40:47.0859 0x1afc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:40:47.0866 0x1afc ProtectedStorage - ok
11:40:47.0917 0x1afc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:40:47.0953 0x1afc Psched - ok
11:40:48.0154 0x1afc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:40:48.0180 0x1afc ql2300 - ok
11:40:48.0206 0x1afc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:40:48.0225 0x1afc ql40xx - ok
11:40:48.0268 0x1afc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:40:48.0303 0x1afc QWAVE - ok
11:40:48.0367 0x1afc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:40:48.0393 0x1afc QWAVEdrv - ok
11:40:48.0466 0x1afc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:40:48.0511 0x1afc RasAcd - ok
11:40:48.0543 0x1afc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:40:48.0581 0x1afc RasAgileVpn - ok
11:40:48.0585 0x1afc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:40:48.0605 0x1afc RasAuto - ok
11:40:48.0640 0x1afc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:40:48.0673 0x1afc Rasl2tp - ok
11:40:48.0681 0x1afc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:40:48.0703 0x1afc RasMan - ok
11:40:48.0731 0x1afc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:40:48.0750 0x1afc RasPppoe - ok
11:40:48.0759 0x1afc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:40:48.0778 0x1afc RasSstp - ok
11:40:48.0828 0x1afc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:40:48.0858 0x1afc rdbss - ok
11:40:48.0872 0x1afc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:40:48.0880 0x1afc rdpbus - ok
11:40:48.0919 0x1afc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:40:48.0968 0x1afc RDPCDD - ok
11:40:48.0988 0x1afc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:40:48.0996 0x1afc RDPDR - ok
11:40:49.0009 0x1afc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:40:49.0028 0x1afc RDPENCDD - ok
11:40:49.0039 0x1afc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:40:49.0058 0x1afc RDPREFMP - ok
11:40:49.0092 0x1afc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:40:49.0099 0x1afc RdpVideoMiniport - ok
11:40:49.0107 0x1afc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:40:49.0117 0x1afc RDPWD - ok
11:40:49.0153 0x1afc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:40:49.0174 0x1afc rdyboost - ok
11:40:49.0185 0x1afc [ 5A118234A2251D6CFB8A11DFE7AC4B4A, C79AEAA4D35C10F3C0F5F75E525FE8FB839F43C5EA0D83AE2D5FAB8FEB8F6ECF ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:40:49.0191 0x1afc RegSrvc - ok
11:40:49.0195 0x1afc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:40:49.0214 0x1afc RemoteAccess - ok
11:40:49.0220 0x1afc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:40:49.0240 0x1afc RemoteRegistry - ok
11:40:49.0305 0x1afc [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
11:40:49.0326 0x1afc RFCOMM - ok
11:40:49.0344 0x1afc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:40:49.0377 0x1afc RpcEptMapper - ok
11:40:49.0381 0x1afc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:40:49.0389 0x1afc RpcLocator - ok
11:40:49.0418 0x1afc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:40:49.0461 0x1afc RpcSs - ok
11:40:49.0558 0x1afc [ 742186A23B9B3E7F90FAA4595291ED0C, 9AD43DB642E27074D4792B6E6A12EFDC3C1C22B0828EF6B84265D295CA4F7424 ] rspLLL          C:\Windows\system32\DRIVERS\rspLLL64.sys
11:40:49.0579 0x1afc rspLLL - ok
11:40:49.0592 0x1afc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:40:49.0612 0x1afc rspndr - ok
11:40:49.0636 0x1afc [ DDF3EFB4AD226C61D0ADA6E779E3D968, 5B14B35321F10D974B9F47D60C9DAA527A2C907029C242A6F4214E6012A046DA ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
11:40:49.0645 0x1afc RtkAudioService - ok
11:40:49.0663 0x1afc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:40:49.0670 0x1afc s3cap - ok
11:40:49.0672 0x1afc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
11:40:49.0679 0x1afc SamSs - ok
11:40:49.0738 0x1afc [ 9EBC8558F87AB6645DD12A0EE99E1353, 5A4B49051FB7BFACAB81F0CF1B27057BC46D4A064005BF738549208667D00AAA ] SboxDrv         C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys
11:40:49.0760 0x1afc SboxDrv - ok
11:40:49.0769 0x1afc [ 6E5A7FD77EE6D70C738B6439B5E8FF0C, 0E9570B5FD7BEDF62EB9D35B6834E2F0B740548D128D153DAF452B2CED0905A9 ] SboxSvc         C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
11:40:49.0776 0x1afc SboxSvc - ok
11:40:49.0792 0x1afc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:40:49.0841 0x1afc sbp2port - ok
11:40:49.0870 0x1afc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:40:49.0906 0x1afc SCardSvr - ok
11:40:49.0913 0x1afc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:40:49.0930 0x1afc scfilter - ok
11:40:49.0966 0x1afc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
11:40:50.0000 0x1afc Schedule - ok
11:40:50.0018 0x1afc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:40:50.0036 0x1afc SCPolicySvc - ok
11:40:50.0051 0x1afc [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
11:40:50.0060 0x1afc sdbus - ok
11:40:50.0073 0x1afc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:40:50.0081 0x1afc SDRSVC - ok
11:40:50.0109 0x1afc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:40:50.0128 0x1afc secdrv - ok
11:40:50.0131 0x1afc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
11:40:50.0151 0x1afc seclogon - ok
11:40:50.0167 0x1afc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:40:50.0187 0x1afc SENS - ok
11:40:50.0190 0x1afc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:40:50.0196 0x1afc SensrSvc - ok
11:40:50.0237 0x1afc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:40:50.0255 0x1afc Serenum - ok
11:40:50.0284 0x1afc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:40:50.0311 0x1afc Serial - ok
11:40:50.0314 0x1afc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:40:50.0322 0x1afc sermouse - ok
11:40:50.0346 0x1afc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:40:50.0383 0x1afc SessionEnv - ok
11:40:50.0396 0x1afc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:40:50.0403 0x1afc sffdisk - ok
11:40:50.0406 0x1afc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:40:50.0413 0x1afc sffp_mmc - ok
11:40:50.0428 0x1afc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:40:50.0435 0x1afc sffp_sd - ok
11:40:50.0445 0x1afc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:40:50.0451 0x1afc sfloppy - ok
11:40:50.0465 0x1afc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:40:50.0490 0x1afc SharedAccess - ok
11:40:50.0513 0x1afc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:40:50.0538 0x1afc ShellHWDetection - ok
11:40:50.0541 0x1afc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:40:50.0547 0x1afc SiSRaid2 - ok
11:40:50.0567 0x1afc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:40:50.0573 0x1afc SiSRaid4 - ok
11:40:50.0596 0x1afc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:40:50.0637 0x1afc Smb - ok
11:40:50.0650 0x1afc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:40:50.0658 0x1afc SNMPTRAP - ok
11:40:50.0677 0x1afc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:40:50.0698 0x1afc spldr - ok
11:40:50.0743 0x1afc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:40:50.0770 0x1afc Spooler - ok
11:40:50.0881 0x1afc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:40:50.0948 0x1afc sppsvc - ok
11:40:50.0955 0x1afc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:40:50.0974 0x1afc sppuinotify - ok
11:40:51.0122 0x1afc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:40:51.0149 0x1afc srv - ok
11:40:51.0171 0x1afc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:40:51.0183 0x1afc srv2 - ok
11:40:51.0202 0x1afc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:40:51.0211 0x1afc srvnet - ok
11:40:51.0232 0x1afc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:40:51.0254 0x1afc SSDPSRV - ok
11:40:51.0263 0x1afc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:40:51.0284 0x1afc SstpSvc - ok
11:40:51.0303 0x1afc [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
11:40:51.0308 0x1afc stdcfltn - ok
11:40:51.0310 0x1afc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:40:51.0316 0x1afc stexstor - ok
11:40:51.0339 0x1afc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:40:51.0356 0x1afc stisvc - ok
11:40:51.0360 0x1afc [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
11:40:51.0368 0x1afc StorSvc - ok
11:40:51.0394 0x1afc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:40:51.0434 0x1afc storvsc - ok
11:40:51.0450 0x1afc [ AB1C3402A04C4594D9A778574E87C4B2, 46D20F5432B9A8ED5FAEDC75838AD86548585C1BA86E160AB9C5F893FB11815C ] ST_Accel        C:\Windows\system32\DRIVERS\ST_Accel.sys
11:40:51.0456 0x1afc ST_Accel - ok
11:40:51.0546 0x1afc [ 10962A049785997D3C36F4C5C1CB7B18, 77DB8234B4494CDD881B5ADA97859BA70384BD3CE061E7E2422290D18B4F3E72 ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
11:40:51.0563 0x1afc SupportAssistAgent - ok
11:40:51.0598 0x1afc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:40:51.0622 0x1afc swenum - ok
11:40:51.0648 0x1afc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:40:51.0673 0x1afc swprv - ok
11:40:51.0689 0x1afc [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
11:40:51.0694 0x1afc SynthVid - ok
11:40:51.0763 0x1afc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
11:40:51.0796 0x1afc SysMain - ok
11:40:51.0802 0x1afc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:40:51.0812 0x1afc TabletInputService - ok
11:40:51.0821 0x1afc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:40:51.0843 0x1afc TapiSrv - ok
11:40:51.0846 0x1afc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:40:51.0865 0x1afc TBS - ok
11:40:51.0940 0x1afc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:40:51.0972 0x1afc Tcpip - ok
11:40:52.0003 0x1afc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:40:52.0034 0x1afc TCPIP6 - ok
11:40:52.0048 0x1afc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:40:52.0054 0x1afc tcpipreg - ok
11:40:52.0058 0x1afc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:40:52.0063 0x1afc TDPIPE - ok
11:40:52.0080 0x1afc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:40:52.0086 0x1afc TDTCP - ok
11:40:52.0099 0x1afc [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:40:52.0107 0x1afc tdx - ok
11:40:52.0136 0x1afc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:40:52.0151 0x1afc TermDD - ok
11:40:52.0176 0x1afc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:40:52.0192 0x1afc TermService - ok
11:40:52.0207 0x1afc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:40:52.0217 0x1afc Themes - ok
11:40:52.0228 0x1afc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:40:52.0248 0x1afc THREADORDER - ok
11:40:52.0258 0x1afc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:40:52.0280 0x1afc TrkWks - ok
11:40:52.0326 0x1afc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:40:52.0363 0x1afc TrustedInstaller - ok
11:40:52.0378 0x1afc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:40:52.0385 0x1afc tssecsrv - ok
11:40:52.0397 0x1afc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:40:52.0404 0x1afc TsUsbFlt - ok
11:40:52.0435 0x1afc [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:40:52.0450 0x1afc TsUsbGD - ok
11:40:52.0469 0x1afc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:40:52.0489 0x1afc tunnel - ok
11:40:52.0503 0x1afc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:40:52.0508 0x1afc uagp35 - ok
11:40:52.0525 0x1afc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:40:52.0548 0x1afc udfs - ok
11:40:52.0553 0x1afc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:40:52.0560 0x1afc UI0Detect - ok
11:40:52.0563 0x1afc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:40:52.0569 0x1afc uliagpkx - ok
11:40:52.0592 0x1afc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:40:52.0599 0x1afc umbus - ok
11:40:52.0602 0x1afc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:40:52.0608 0x1afc UmPass - ok
11:40:52.0665 0x1afc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:40:52.0686 0x1afc UmRdpService - ok
11:40:52.0740 0x1afc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:40:52.0778 0x1afc upnphost - ok
11:40:52.0823 0x1afc [ C5C45CE1C5B3CC9D5A9826F76709D7A4, 60DD04D7898E4D3AF1565C56664952FF2AE1799AAA3991D9544DB4AFD9F2D506 ] usb3Hub         C:\Windows\system32\DRIVERS\usb3Hub.sys
11:40:52.0829 0x1afc usb3Hub - ok
11:40:52.0846 0x1afc [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:40:52.0863 0x1afc usbccgp - ok
11:40:52.0880 0x1afc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:40:52.0888 0x1afc usbcir - ok
11:40:52.0923 0x1afc [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:40:52.0947 0x1afc usbehci - ok
11:40:52.0965 0x1afc [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:40:52.0975 0x1afc usbhub - ok
11:40:52.0986 0x1afc [ F4A4255E930B6D007A3501C35A3DACC4, E0D0EF801100BE57A199A483330A80FB6C6FF29AEBF3380BEE16BB364A8D7FC7 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:40:52.0989 0x1afc usbohci - detected UnsignedFile.Multi.Generic ( 1 )
11:40:56.0257 0x1afc Detect skipped due to KSN trusted
11:40:56.0257 0x1afc usbohci - ok
11:40:56.0277 0x1afc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:40:56.0284 0x1afc usbprint - ok
11:40:56.0300 0x1afc [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:40:56.0306 0x1afc usbscan - ok
11:40:56.0322 0x1afc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:40:56.0329 0x1afc USBSTOR - ok
11:40:56.0353 0x1afc [ 9462E6B70615C1703D4A95FA61FC54A1, A66E75A42E58E126F575F1AFC3BE47E119CF53431CED511776D878A78F597015 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:40:56.0355 0x1afc usbuhci - detected UnsignedFile.Multi.Generic ( 1 )
11:40:59.0253 0x1afc Detect skipped due to KSN trusted
11:40:59.0253 0x1afc usbuhci - ok
11:40:59.0310 0x1afc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:40:59.0340 0x1afc usbvideo - ok
11:40:59.0350 0x1afc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:40:59.0371 0x1afc UxSms - ok
11:40:59.0386 0x1afc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
11:40:59.0394 0x1afc VaultSvc - ok
11:40:59.0414 0x1afc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:40:59.0421 0x1afc vdrvroot - ok
11:40:59.0458 0x1afc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:40:59.0484 0x1afc vds - ok
11:40:59.0488 0x1afc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:40:59.0495 0x1afc vga - ok
11:40:59.0497 0x1afc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:40:59.0515 0x1afc VgaSave - ok
11:40:59.0537 0x1afc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:40:59.0545 0x1afc vhdmp - ok
11:40:59.0568 0x1afc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:40:59.0574 0x1afc viaide - ok
11:40:59.0582 0x1afc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:40:59.0604 0x1afc VMBusHID - ok
11:40:59.0641 0x1afc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:40:59.0684 0x1afc volmgr - ok
11:40:59.0715 0x1afc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:40:59.0725 0x1afc volmgrx - ok
11:40:59.0744 0x1afc [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:40:59.0760 0x1afc volsnap - ok
11:40:59.0798 0x1afc [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
11:40:59.0822 0x1afc vpcbus - ok
11:40:59.0853 0x1afc [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
11:40:59.0878 0x1afc vpcnfltr - ok
11:40:59.0900 0x1afc [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
11:40:59.0907 0x1afc vpcusb - ok
11:41:00.0042 0x1afc [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
11:41:00.0065 0x1afc vpcvmm - ok
11:41:00.0088 0x1afc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:41:00.0095 0x1afc vsmraid - ok
11:41:00.0145 0x1afc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:41:00.0186 0x1afc VSS - ok
11:41:00.0190 0x1afc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:41:00.0197 0x1afc vwifibus - ok
11:41:00.0226 0x1afc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:41:00.0236 0x1afc vwififlt - ok
11:41:00.0255 0x1afc [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:41:00.0265 0x1afc vwifimp - ok
11:41:00.0274 0x1afc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:41:00.0299 0x1afc W32Time - ok
11:41:00.0315 0x1afc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:41:00.0321 0x1afc WacomPen - ok
11:41:00.0339 0x1afc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:41:00.0372 0x1afc WANARP - ok
11:41:00.0382 0x1afc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:41:00.0400 0x1afc Wanarpv6 - ok
11:41:00.0509 0x1afc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:41:00.0532 0x1afc WatAdminSvc - ok
11:41:00.0576 0x1afc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:41:00.0603 0x1afc wbengine - ok
11:41:00.0617 0x1afc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:41:00.0628 0x1afc WbioSrvc - ok
11:41:00.0648 0x1afc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:41:00.0662 0x1afc wcncsvc - ok
11:41:00.0665 0x1afc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:41:00.0671 0x1afc WcsPlugInService - ok
11:41:00.0685 0x1afc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:41:00.0690 0x1afc Wd - ok
11:41:00.0721 0x1afc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:41:00.0738 0x1afc Wdf01000 - ok
11:41:00.0756 0x1afc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:41:00.0764 0x1afc WdiServiceHost - ok
11:41:00.0766 0x1afc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:41:00.0773 0x1afc WdiSystemHost - ok
11:41:00.0794 0x1afc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
11:41:00.0805 0x1afc WebClient - ok
11:41:00.0832 0x1afc [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:41:00.0851 0x1afc Wecsvc - ok
11:41:00.0864 0x1afc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:41:00.0887 0x1afc wercplsupport - ok
11:41:00.0903 0x1afc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:41:00.0923 0x1afc WerSvc - ok
11:41:00.0962 0x1afc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:41:01.0000 0x1afc WfpLwf - ok
11:41:01.0008 0x1afc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:41:01.0014 0x1afc WIMMount - ok
11:41:01.0016 0x1afc WinDefend - ok
11:41:01.0018 0x1afc WinHttpAutoProxySvc - ok
11:41:01.0089 0x1afc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:41:01.0125 0x1afc Winmgmt - ok
11:41:01.0179 0x1afc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
11:41:01.0214 0x1afc WinRM - ok
11:41:01.0279 0x1afc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:41:01.0304 0x1afc WinUsb - ok
11:41:01.0342 0x1afc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:41:01.0372 0x1afc Wlansvc - ok
11:41:01.0402 0x1afc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
11:41:01.0409 0x1afc WmiAcpi - ok
11:41:01.0444 0x1afc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:41:01.0472 0x1afc wmiApSrv - ok
11:41:01.0474 0x1afc WMPNetworkSvc - ok
11:41:01.0482 0x1afc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:41:01.0488 0x1afc WPCSvc - ok
11:41:01.0500 0x1afc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:41:01.0508 0x1afc WPDBusEnum - ok
11:41:01.0511 0x1afc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:41:01.0531 0x1afc ws2ifsl - ok
11:41:01.0536 0x1afc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:41:01.0547 0x1afc wscsvc - ok
11:41:01.0549 0x1afc WSearch - ok
11:41:01.0639 0x1afc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:41:01.0681 0x1afc wuauserv - ok
11:41:01.0693 0x1afc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:41:01.0701 0x1afc WudfPf - ok
11:41:01.0749 0x1afc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:41:01.0772 0x1afc WUDFRd - ok
11:41:01.0777 0x1afc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:41:01.0785 0x1afc wudfsvc - ok
11:41:01.0807 0x1afc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:41:01.0817 0x1afc WwanSvc - ok
11:41:01.0849 0x1afc [ 93BFBB02C88EF306C8FB82213E07B845, F9E91A80B11997188446A83E6A1A66A503D3B58D8808AB7E869EE1550F1EA44F ] XHCIPort        C:\Windows\system32\DRIVERS\XHCIPort.sys
11:41:01.0857 0x1afc XHCIPort - ok
11:41:02.0068 0x1afc [ A923222A8437E6C419AFC1A3BE32FF47, ED1132AE3548AC54D838F93B36A591F3EDB34A980409ED220077871DA5630E9A ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
11:41:02.0120 0x1afc ZeroConfigService - ok
11:41:02.0178 0x1afc ================ Scan global ===============================
11:41:02.0192 0x1afc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:41:02.0236 0x1afc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:41:02.0253 0x1afc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:41:02.0259 0x1afc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:41:02.0267 0x1afc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
11:41:02.0272 0x1afc [ Global ] - ok
11:41:02.0272 0x1afc ================ Scan MBR ==================================
11:41:02.0289 0x1afc [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:41:02.0816 0x1afc \Device\Harddisk0\DR0 - ok
11:41:02.0817 0x1afc ================ Scan VBR ==================================
11:41:02.0821 0x1afc [ AF28BD632329A157572E54B4353CAD6D ] \Device\Harddisk0\DR0\Partition1
11:41:02.0824 0x1afc \Device\Harddisk0\DR0\Partition1 - ok
11:41:02.0829 0x1afc [ 2FDED16EE50EDE9DF7C3BC5FF0D30D6F ] \Device\Harddisk0\DR0\Partition2
11:41:02.0839 0x1afc \Device\Harddisk0\DR0\Partition2 - ok
11:41:02.0839 0x1afc ================ Scan generic autorun ======================
11:41:02.0907 0x1afc [ FAF64638A42A32B449E7EB474064731A, 40462B51B3CAE21E5650525F90BAB5FCB6C1B44EA4C2DBB8AA0991A0F2EE7837 ] C:\Program Files\DellTPad\Apoint.exe
11:41:02.0924 0x1afc Apoint - ok
11:41:02.0971 0x1afc [ D53C287DEF473F0FDF1EE859DA9523C9, E9432788A3AF3A798461D631E459036A6D7704C83267481C4A31AB69A6083370 ] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe
11:41:02.0992 0x1afc DBRMTray - detected UnsignedFile.Multi.Generic ( 1 )
11:41:05.0882 0x1afc Detect skipped due to KSN trusted
11:41:05.0882 0x1afc DBRMTray - ok
11:41:05.0948 0x1afc [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] c:\Program Files\Microsoft Security Client\msseces.exe
11:41:05.0979 0x1afc MSC - ok
11:41:05.0999 0x1afc [ 4420BBAC770EB87AB74E4B9146E18924, 6DB78DB9FD72F1E8C7651D2B3FF090CB4A8C90BA0D11F69D533960CE67170CFC ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
11:41:06.0006 0x1afc BLEServicesCtrl - ok
11:41:06.0008 0x1afc BTMTrayAgent - ok
11:41:06.0160 0x1afc [ BD00A2831FC33B7EFFEDEA078CD0E5D3, EF7D80F61AEFFEFA1DB3B3C839D33D9D3672F0AC86B8E244AD3450AB452DA386 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
11:41:06.0301 0x1afc IntelPROSet - ok
11:41:06.0490 0x1afc [ 5BAD798CBAB39F3A56A9CD495320F67E, 668FB3F30DD99CBF9EBDDF4C079636DFD2C7693B3506AC8A6DD1B3CA4B5BAF11 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
11:41:06.0673 0x1afc RtHDVCpl - ok
11:41:06.0773 0x1afc [ C9C552CE10985B889DC476F6C015F85D, 901A7BFC84A7C42DF0B9CBFB49F39A95DDC62BAC9E08777DA53AB2B1550AAA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:41:06.0802 0x1afc RtHDVBg - ok
11:41:06.0808 0x1afc [ D55A44CB33482D604858F84EBD96027B, C57AA93B3F0D8767FBAC9A032758C8064739F6399B81F3559A7BC145DB2E0C14 ] C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
11:41:06.0813 0x1afc WavesSvc - ok
11:41:06.0841 0x1afc [ C9C552CE10985B889DC476F6C015F85D, 901A7BFC84A7C42DF0B9CBFB49F39A95DDC62BAC9E08777DA53AB2B1550AAA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:41:06.0863 0x1afc RtHDVBg_PushButton - ok
11:41:06.0883 0x1afc [ F14327BA386AAA2246585BFADD8FE8E8, 2804D7985B116C808942B4501362D4F4BAE4B540E9A6AC9B176B30DD448BA5AC ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
11:41:06.0886 0x1afc IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
11:41:09.0796 0x1afc Detect skipped due to KSN trusted
11:41:09.0796 0x1afc IAStorIcon - ok
11:41:09.0840 0x1afc [ 100CA49842F00CA616F97E691F540A16, 32E8C30C6A25B4E5279E363AF9D49EF4533F918343FE63D4DBA0E463A66B19EC ] C:\Dell\DBRM\Reminder\TrayApp.exe
11:41:09.0848 0x1afc DBRMTray - detected UnsignedFile.Multi.Generic ( 1 )
11:41:12.0546 0x1afc Detect skipped due to KSN trusted
11:41:12.0546 0x1afc DBRMTray - ok
11:41:12.0650 0x1afc [ 5956CEBC6E2DF8BB255DE08901533985, 3F9362485F64FC50429297CA339ED5964FF0889B855307E2A944A08818434CE3 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
11:41:12.0666 0x1afc USB3MON - ok
11:41:12.0748 0x1afc [ 3D01581C2074852E864473DED3F129E3, AF091EA9C45FE779056CD3DA01F17A2D721DF23DE9C47DCF54622C3192D8400A ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
11:41:12.0764 0x1afc StartCCC - ok
11:41:12.0808 0x1afc [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:41:12.0828 0x1afc Adobe ARM - ok
11:41:12.0881 0x1afc [ 3AC269FDBF84B8BE16D5EBAD1F373550, 9EEEFB96D7940816C681968ABA15F7E05DFF4D5D29B93BF5E9D5D3F8475C0DF2 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe
11:41:12.0902 0x1afc IMSS - ok
11:41:13.0052 0x1afc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:41:13.0184 0x1afc Sidebar - ok
11:41:13.0204 0x1afc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:41:13.0242 0x1afc mctadmin - ok
11:41:13.0271 0x1afc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:41:13.0292 0x1afc Sidebar - ok
11:41:13.0296 0x1afc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:41:13.0305 0x1afc mctadmin - ok
11:41:13.0532 0x1afc [ 813A2CA558A10F98D72E0D72E1808343, 814F508C99ABA73A5A98FC83B827B3974F0CBF002DFB1D6F006AF0A8F8283351 ] C:\Program Files\Speccy\Speccy64.exe
11:41:13.0770 0x1afc Speccy - ok
11:41:14.0681 0x1afc [ B3B608484DD7A1B5972CB5C1C461E2EC, DDFA52AED0E3D4783FB8D17307473F771347ABE9F6F98E446EBC8D0C2297486C ] C:\Program Files\Microsoft Office 15\root\office15\lync.exe
11:41:15.0520 0x1afc Lync - ok
11:41:15.0680 0x1afc [ C9C8E99FAEB68B608909B2A67851A58A, 7332E4407D1FD1237FC91F2777ACF696D4550CE98173830DB0145B678D7218DE ] C:\Users\EJC\AppData\Local\Apps\2.0\QDHNRVRV.TXD\VB5KANHQ.VQ9\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
11:41:15.0695 0x1afc DellSystemDetect - ok
11:41:15.0697 0x1afc Adobe Speed Launcher - ok
11:41:15.0697 0x1afc Waiting for KSN requests completion. In queue: 11
11:41:16.0697 0x1afc Waiting for KSN requests completion. In queue: 11
11:41:17.0697 0x1afc Waiting for KSN requests completion. In queue: 11
11:41:18.0697 0x1afc Waiting for KSN requests completion. In queue: 11
11:41:19.0723 0x1afc AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x60000 ( disabled : updated )
11:41:19.0760 0x1afc Win FW state via NFP2: enabled
11:41:22.0534 0x1afc ============================================================
11:41:22.0534 0x1afc Scan finished
11:41:22.0534 0x1afc ============================================================
11:41:22.0550 0x1b94 Detected object count: 0
11:41:22.0550 0x1b94 Actual detected object count: 0
11:43:01.0123 0x2838 Deinitialize success

#6
pystryker

Posted 14 February 2015 - 10:58 AM

Trusted Helper

Malware Removal
3,912 posts

Thanks for your help.

You're quite welcome.

I'm not seeing anything at all in the FRST logs, and TDSSKiller came back clean as well. I'd like to run a couple of adware cleaning tools to scrub any hidden adware out, but otherwise, the machine looks good. :thumbsup:

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 2: AdwCleaner Download ADWcleaner by clicking here. Please save it to your Desktop
Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
Close any open windows or browsers.
Pause your Anti-Virus program if it is running.
Once it starts, click on the Scan button.
Let the scan complete itself. This may take a few minutes.
Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply. This report is also saved at C:\AdwCleaner[R0].txt[/list] Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Junkware Removal Tool Log

AdwCleaner Log
[/list]

#7
joseph456

Posted 14 February 2015 - 02:34 PM

Member

Topic Starter
Member
455 posts

Thanks again. This is a great service that provides peace of mind!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Professional x64
Ran by EJC on Sat 02/14/2015 at 15:20:32.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\EJC\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\EJC\appdata\locallow\pcdr"

~~~ FireFox

Emptied folder: C:\Users\EJC\AppData\Roaming\mozilla\firefox\profiles\y2y6rsh1.default\minidumps [1 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/14/2015 at 15:22:19.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8
joseph456

Posted 14 February 2015 - 02:35 PM

Member

Topic Starter
Member
455 posts

# AdwCleaner v4.110 - Logfile created 14/02/2015 at 15:28:02
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : EJC - EJC-PC
# Running from : C:\Users\EJC\Desktop\GTG\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

-\\ Mozilla Firefox v35.0.1 (x86 en-US)

*************************

AdwCleaner[R0].txt - [749 bytes] - [14/02/2015 15:25:50]
AdwCleaner[S0].txt - [677 bytes] - [14/02/2015 15:28:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [735 bytes] ##########

#9
pystryker

Posted 14 February 2015 - 02:51 PM

Trusted Helper

Malware Removal
3,912 posts

Thanks again. This is a great service that provides peace of mind!

You're quite welcome, we try our best. :thumbsup:

Those logs look good, so let's clean up my tools, and you'll be set.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Tool Removal with Delfix and Creation of a clean restore point

Download Delfix from here
Ensure Remove disinfection tools is ticked
Also tick:
- Create registry backup
- Purge system restore
Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

Things I need to see in your next post:

Delfix Log

#10
joseph456

Posted 14 February 2015 - 05:19 PM

Member

Topic Starter
Member
455 posts

Here it is - Thanks!

# DelFix v10.8 - Logfile created 14/02/2015 at 18:17:12
# Updated 29/07/2014 by Xplode
# Username : EJC - EJC-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.3.0.0.44_14.02.2015_11.39.22_log.txt
Deleted : C:\Users\EJC\Desktop\Addition.txt
Deleted : C:\Users\EJC\Desktop\AdwCleaner.exe
Deleted : C:\Users\EJC\Desktop\FRST.txt
Deleted : C:\Users\EJC\Desktop\FRST64.exe
Deleted : C:\Users\EJC\Desktop\JRT.exe
Deleted : C:\Users\EJC\Desktop\JRT.txt
Deleted : C:\Users\EJC\Desktop\tdsskiller.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #174 [Windows Update | 01/10/2015 04:51:40]
Deleted : RP #177 [Windows Update | 01/14/2015 04:03:30]
Deleted : RP #178 [Windows Update | 01/18/2015 04:39:08]
Deleted : RP #179 [Windows Update | 01/22/2015 01:18:01]
Deleted : RP #180 [Windows Update | 01/26/2015 00:01:33]
Deleted : RP #181 [Windows Update | 01/29/2015 01:10:11]
Deleted : RP #182 [Windows Update | 02/01/2015 20:47:59]
Deleted : RP #183 [Windows Update | 02/05/2015 01:15:30]
Deleted : RP #184 [Windows Update | 02/08/2015 01:49:36]
Deleted : RP #185 [Windows Update | 02/11/2015 04:11:37]
Deleted : RP #186 [Windows Update | 02/11/2015 05:13:05]
Deleted : RP #187 [Windows Update | 02/11/2015 05:45:53]
Deleted : RP #188 [Windows Update | 02/11/2015 06:05:09]
Deleted : RP #189 [Windows Update | 02/12/2015 02:08:29]

New restore point created !

########## - EOF - ##########

#11
pystryker

Posted 14 February 2015 - 11:00 PM

Trusted Helper

Malware Removal
3,912 posts

You're quite welcome!

Safe surfing,

Pystryker :wave:

#12
pystryker

Posted 14 February 2015 - 11:00 PM

Trusted Helper

Malware Removal
3,912 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.