Inactive Problem with 92062d.msi won't allow programs to install or uninstall

glhglh · Jan 24, 2018

Tried to install mbam, errors, ran a scan:

Malwarebytes

www.malwarebytes.com

-Log Details-

Scan Date: 1/24/18

Scan Time: 4:36 PM

Log File: d6129dd6-0167-11e8-ad78-bc5ff4d7cc8c.json

Administrator: Yes

-Software Information-

Version: 3.3.1.2183

Components Version: 1.0.236

Update Package Version: 1.0.3778

License: Free

-System Information-

OS: Windows 10 (Build 16299.192)

CPU: x64

File System: NTFS

User: GLH-DESKTOP-I7\garyh

-Scan Summary-

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 420411

Threats Detected: 0

(No malicious items detected)

Threats Quarantined: 0

(No malicious items detected)

Time Elapsed: 1 min, 46 sec

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

-Scan Details-

Process: 0

(No malicious items detected)

Module: 0

(No malicious items detected)

Registry Key: 0

(No malicious items detected)

Registry Value: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Data Stream: 0

(No malicious items detected)

Folder: 0

(No malicious items detected)

File: 0

(No malicious items detected)

Physical Sector: 0

(No malicious items detected)

(end)

Scan only tok 51 seconds, should take on this computer 20 minutes plus.

ran as an administrator. same result

Malwarebytes

www.malwarebytes.com

-Log Details-

Scan Date: 1/24/18

Scan Time: 4:59 PM

Log File: f622885e-016a-11e8-bacd-bc5ff4d7cc8c.json

Administrator: Yes

-Software Information-

Version: 3.3.1.2183

Components Version: 1.0.236

Update Package Version: 1.0.3778

License: Free

-System Information-

OS: Windows 10 (Build 16299.192)

CPU: x64

File System: NTFS

User: GLH-DESKTOP-I7\garyh

-Scan Summary-

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 420506

Threats Detected: 0

(No malicious items detected)

Threats Quarantined: 0

(No malicious items detected)

Time Elapsed: 0 min, 51 sec

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

-Scan Details-

Process: 0

(No malicious items detected)

Module: 0

(No malicious items detected)

Registry Key: 0

(No malicious items detected)

Registry Value: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Data Stream: 0

(No malicious items detected)

Folder: 0

(No malicious items detected)

File: 0

(No malicious items detected)

Physical Sector: 0

(No malicious items detected)

(end)

Prior to that ran a windows defender scan, it was clean also.

tried to run FRST64 as administrator. ended up in an endless loop, program box appeared, with another box: "update complete, the tool is ready to use". only way to stop was to use Task Manager.

Tried FSS, won't run.

Kaspersky TDSSKiller:

17:16:56.0556 0x2e34 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02

17:17:00.0754 0x2e34 ============================================================

17:17:00.0755 0x2e34 Current date / time: 2018/01/24 17:17:00.0754

17:17:00.0755 0x2e34 SystemInfo:

17:17:00.0757 0x2e34

17:17:00.0757 0x2e34 OS Version: 10.0.16299 ServicePack: 0.0

17:17:00.0757 0x2e34 Product type: Workstation

17:17:00.0757 0x2e34 ComputerName: GLH-DESKTOP-I7

17:17:00.0757 0x2e34 UserName: garyh

17:17:00.0757 0x2e34 Windows directory: C:\WINDOWS

17:17:00.0757 0x2e34 System windows directory: C:\WINDOWS

17:17:00.0757 0x2e34 Running under WOW64

17:17:00.0757 0x2e34 Processor architecture: Intel x64

17:17:00.0757 0x2e34 Number of processors: 8

17:17:00.0757 0x2e34 Page size: 0x1000

17:17:00.0757 0x2e34 Boot type: Normal boot

17:17:00.0757 0x2e34 CodeIntegrityOptions = 0x00000001

17:17:00.0757 0x2e34 ============================================================

17:17:00.0795 0x2e34 KLMD registered as C:\WINDOWS\system32\drivers\32644288.sys

17:17:00.0795 0x2e34 KLMD ARK init status: drvProperties = 0xF0F02, osBuild = 16299.0, osProperties = 0x1D

17:17:01.0207 0x2e34 System UUID: {BBDB1914-2208-E8F6-E26E-88F033C222C2}

17:17:01.0608 0x2e34 !crdlk

17:17:01.0615 0x2e34 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'

17:17:01.0617 0x2e34 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'

17:17:05.0030 0x2e34 Drive \Device\Harddisk3\DR3 - Size: 0x7470C05E00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

17:17:05.0031 0x2e34 ============================================================

17:17:05.0031 0x2e34 \Device\Harddisk0\DR0:

17:17:05.0033 0x2e34 MBR partitions:

17:17:05.0033 0x2e34 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

17:17:05.0034 0x2e34 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE80800

17:17:05.0034 0x2e34 \Device\Harddisk1\DR1:

17:17:05.0034 0x2e34 MBR partitions:

17:17:05.0034 0x2e34 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800

17:17:05.0034 0x2e34 \Device\Harddisk3\DR3:

17:17:05.0034 0x2e34 MBR partitions:

17:17:05.0034 0x2e34 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02

17:17:05.0034 0x2e34 ============================================================

17:17:05.0035 0x2e34 C: <-> \Device\Harddisk0\DR0\Partition2

17:17:05.0054 0x2e34 E: <-> \Device\Harddisk1\DR1\Partition1

17:17:05.0282 0x2e34 F: <-> \Device\Harddisk3\DR3\Partition1

17:17:05.0282 0x2e34 ============================================================

17:17:05.0282 0x2e34 Initialize success

17:17:05.0282 0x2e34 ============================================================

17:17:08.0825 0x3184 ============================================================

17:17:08.0825 0x3184 Scan started

17:17:08.0825 0x3184 Mode: Manual;

17:17:08.0825 0x3184 ============================================================

17:17:08.0825 0x3184 KSN ping started

17:17:09.0000 0x3184 KSN ping finished: true

17:17:09.0955 0x3184 ================ Scan system memory ========================

17:17:09.0955 0x3184 System memory - ok

17:17:09.0955 0x3184 ================ Scan services =============================

17:17:10.0043 0x3184 [ 08312DEEF0D3F8647AA53AD90A69094E, E32620323E7EDD3CAB5B04B9E37DDE7CA87B45C2CB17520D69D03C17E1D5F65A ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys

17:17:10.0058 0x3184 1394ohci - ok

17:17:10.0074 0x3184 [ 645009E711BBF117CCEE917A03FB0CDD, B531951443D961C08428CB0F77F57D9F33C37C0637F919A9DA9DB5DA18479F70 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys

17:17:10.0074 0x3184 3ware - ok

17:17:10.0091 0x3184 ACPI - ok

17:17:10.0094 0x3184 [ 44EA35A4B397898A83BF1B9B4B8DAE35, 023E3BC5CE47518269A812F156EFF1BD4CB14F1F5DD3FCC317DE046A519E20CE ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys

17:17:10.0095 0x3184 AcpiDev - ok

17:17:10.0100 0x3184 [ 91D113A1532B8AB1E25B7DE5AB3C2F83, 43134DB92D522FCF537FFA8E829021F43BDD90006D7F096BA483DA1DAD3D1CC3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys

17:17:10.0102 0x3184 acpiex - ok

17:17:10.0105 0x3184 [ 620BB2682BA625DF037072D89F44F6EE, A1A72F663C75DC65B1BA278CD7F43FAE6D1BDAE2F3F1D8269F508DECB555FFF9 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys

17:17:10.0106 0x3184 acpipagr - ok

17:17:10.0110 0x3184 [ B9805A3C479390CEAEA5AEF5E4A90A2E, D9256734BC46EA43133873BDDE56B9A3597F74CFE82500FFB374A8EE6293ADD3 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys

17:17:10.0110 0x3184 AcpiPmi - ok

17:17:10.0113 0x3184 [ ABD4EB55C661143B015BD0B9B47B235C, 5F109BA04010E634D547E86AF67659EA06BD05FCF78A493DB190790C4D7E13EA ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys

17:17:10.0114 0x3184 acpitime - ok

17:17:10.0120 0x3184 [ 38622FFE9369D3EC01C0097235BD9279, 021BC514F61B3874892809981572AF9A29DE7445E56CF8BC09EBC7C6C68E5AB2 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

17:17:10.0121 0x3184 AdobeARMservice - ok

17:17:10.0142 0x3184 [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

17:17:10.0142 0x3184 AdobeFlashPlayerUpdateSvc - ok

17:17:10.0158 0x3184 [ 8C58BD711FAD5F11E8CFDBC5CED973A5, 340FCD2C492009D5D7732FBF94198C4767125A77E0C71BB20E5CB2BDA5AB57CF ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS

17:17:10.0174 0x3184 ADP80XX - ok

17:17:10.0174 0x3184 AFD - ok

17:17:10.0189 0x3184 [ 56166D110D3ECFFC595E5FA02D9BA491, E8B08A07C06C7A3FA1996A0B027F316ACBDD2A21933DAD5CFFA9872C209DB79B ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys

17:17:10.0189 0x3184 ahcache - ok

17:17:10.0189 0x3184 [ 84FFB4AC2BA923364DF13F73751E05D1, EBD054282D93F290408A2343C0CBF98CEF7619A8252DC04E15322E51505D45AF ] AJRouter C:\WINDOWS\System32\AJRouter.dll

17:17:10.0189 0x3184 AJRouter - ok

17:17:10.0189 0x3184 [ 084101AB03969D8ED00D5FFBE5F4C3DF, 6425FA16F0CBF5F3008780095364830EBF1F073BD5109764FE9E88245AFB9367 ] ALG C:\WINDOWS\System32\alg.exe

17:17:10.0189 0x3184 ALG - ok

17:17:10.0205 0x3184 [ 62619E31AFF88F906A7E793AC4A9FF51, 2532FAD310036CC3A5A7C8276EDABA6F0705EEE46B61288856CEC0DF6CBA50C6 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys

17:17:10.0205 0x3184 AmdK8 - ok

17:17:10.0205 0x3184 [ 735142DD039BEB35632765C41FC6E397, 915373D15B9CCCFBC3DC46582C8EA1251E268DA8E535F2CC407546FE10662341 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys

17:17:10.0205 0x3184 AmdPPM - ok

17:17:10.0205 0x3184 [ F1C16AABA27E9E153AEC7BD2AB853F30, 7CFDBD218E6C161747A21BBACC78BF1061F2427ED1247F1AE0879BE155C504E7 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys

17:17:10.0205 0x3184 amdsata - ok

17:17:10.0220 0x3184 [ C834D0F1ECB8473E9E6D18EE1BCEECB2, C9B7B9279F96DE4DA1EE096B6463591B3A718F87CD75E544C5A07C3639D1F188 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys

17:17:10.0220 0x3184 amdsbs - ok

17:17:10.0220 0x3184 [ 49203D2FFE30CBB36BE66A0E70F3D954, E5B5A3B3B4A8FF03B5C902642C776CECD554CA1DB25419111EDA83602986CCCE ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys

17:17:10.0220 0x3184 amdxata - ok

17:17:10.0236 0x3184 [ 4EB4D11F563FBEBDE8DE4E74B8851715, 0F6FF3C5C999990501277AAC5A33DF8194CEE6975347C2D1D2319BB86D54867C ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll

17:17:10.0237 0x3184 AppHostSvc - ok

17:17:10.0242 0x3184 [ 3692C75C47285D388C886D162F54C430, C38263F070F6F9CC5BBE458460BD3715CAC6E0C5E53AF2486289396CE5557673 ] AppID C:\WINDOWS\system32\drivers\appid.sys

17:17:10.0244 0x3184 AppID - ok

17:17:10.0244 0x3184 [ A78F24AF599EA536C6028D80E4037664, 0FE73CAFAE336D8831225BDCC0158BEEEED2E9E6086109974BE7F1982A79C9CA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll

17:17:10.0244 0x3184 AppIDSvc - ok

17:17:10.0244 0x3184 Appinfo - ok

17:17:10.0244 0x3184 [ E0CBB79ADB89A233928AF60FB2B729DE, CA2C2660686A9D8BD9DB940469221FCD70379AC9837B8620B074C0ED683BEC41 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

17:17:10.0260 0x3184 Apple Mobile Device Service - ok

17:17:10.0260 0x3184 [ 1E085E2302D568F0CE041732B3E887B0, 0D2A3675FDD04C800B302C84A43F233F0217EB4B1AD44B11AADDB0D5D8FA0DB2 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys

17:17:10.0260 0x3184 applockerfltr - ok

17:17:10.0260 0x3184 [ 043786FF3A1B6A066613E0B166F28F07, CB248FA46D3798487A543344095F8EC5ACD8A4A5B9FCC7C374CAFE9DB04C6281 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

17:17:10.0260 0x3184 AppMgmt - ok

17:17:10.0275 0x3184 [ 1D123729F547EEDFBE3F510346848C38, B170860348FBAC054203A7B858866A12944D7046C01BA3A14AC0860D8C288770 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll

17:17:10.0275 0x3184 AppReadiness - ok

17:17:10.0275 0x3184 AppVClient - ok

17:17:10.0296 0x3184 [ 05B19AD776D80FF0FADB44608896C16F, B7DDDF06C0E525774DA3AE3EA718E0CCC2D6C27F7430103B578859FAAAF2941F ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys

17:17:10.0297 0x3184 AppvStrm - ok

17:17:10.0301 0x3184 [ 3EA678F2C70083FB1588772FE7FAFFE1, 8B236563E285352DE9DC056DC87872412D3A756E82DA9D0191931A19714B4078 ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys

17:17:10.0303 0x3184 AppvVemgr - ok

17:17:10.0308 0x3184 [ ADD72B1FFE20B37A13A5A861724ECA05, D48515E1CF9B6317031B1151AEB8C7042D5FD63ABAD755749FE4660979F4E20B ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys

17:17:10.0309 0x3184 AppvVfs - ok

17:17:10.0312 0x3184 AppXSvc - ok

17:17:10.0317 0x3184 [ B42C83DE28776B80DBA1310C56DD4F74, 8E017B73D5AD644EC1D46BC1DC2CAF465A6793E2AD6DC35A2E3AB907E7719C40 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys

17:17:10.0319 0x3184 arcsas - ok

17:17:10.0330 0x3184 [ 9CDC69DDFDC91DC628F7515809329798, 2D202B3992A834A04C81834B0AC39E8B953410A24B929CB97D81F9CB546296D4 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

17:17:10.0331 0x3184 aspnet_state - ok

17:17:10.0338 0x3184 [ 0D51FFDAE7C906C308369EAB87358304, 684E0405D82C67285FA1586426EA6792BBE796524C10DD24C2AF48FEF4E3D92E ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll

17:17:10.0344 0x3184 AssignedAccessManagerSvc - ok

17:17:10.0344 0x3184 [ C2151380227CD1F7DDA2401C1F151367, 0E76DCD69CAB960DC65942269081436A9DDA255E908E71A29E72DFCFC5CDCC7C ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys

17:17:10.0344 0x3184 AsyncMac - ok

17:17:10.0344 0x3184 [ 6191B9B2EE0E8CB957C683B9B341CC86, E60ACC6E9C6E90F2E1DA0DE220C890B50887FD97E7884F8F4301FF2C9A2F408A ] atapi C:\WINDOWS\system32\drivers\atapi.sys

17:17:10.0344 0x3184 atapi - ok

17:17:10.0360 0x3184 [ 225FB1C90CF88CD478D25940B3930873, E11AC067D58B82F9838EB1B641C6FEA9A209C2AF57220DCFFE1B25A6E61C4C55 ] ATSwpWDF C:\WINDOWS\system32\DRIVERS\ATSwpWDF.sys

17:17:10.0375 0x3184 ATSwpWDF - ok

17:17:10.0375 0x3184 AudioEndpointBuilder - ok

17:17:10.0375 0x3184 Audiosrv - ok

17:17:10.0375 0x3184 [ 947FF5992E26AFD4CAA34506678B70BC, 0B125EDBD6E740375E45AAA465DC83740F5CD43A55CDA404F7A81F37EE3BC57C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll

17:17:10.0375 0x3184 AxInstSV - ok

17:17:10.0391 0x3184 [ A921805C1ED3253DF48FCA4D724173EB, 7DB6A13228812550F066C76273ECA6B3FC12E7CC98C245D16B5A13FBCF6A509D ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys

17:17:10.0391 0x3184 b06bdrv - ok

17:17:10.0391 0x3184 bam - ok

17:17:10.0407 0x3184 [ 2A7267AA15E508F6D05A5B562F1FD1CE, 7070123619A3F08864844FF89C9DEA1D4ED48D05D2B93E305774BE715583DD51 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys

17:17:10.0407 0x3184 BasicDisplay - ok

17:17:10.0407 0x3184 [ 2E1EE0F10FAF1250D1AC05BFB0E6BD3D, 036821D6EE71AFF59B9DCA28F7F9678E68FD246CB1C4368B11B4447B389D394F ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys

17:17:10.0407 0x3184 BasicRender - ok

17:17:10.0407 0x3184 [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys

17:17:10.0407 0x3184 bcmfn2 - ok

17:17:10.0422 0x3184 [ 72963E0676003016B431306A6F4951BF, 3442A7C1AC1EE8E68F15C78CEBAC237D7535F834AA13F8BB602645DD183A73D3 ] BDESVC C:\WINDOWS\System32\bdesvc.dll

17:17:10.0422 0x3184 BDESVC - ok

17:17:10.0422 0x3184 [ 5AB9A3B14D7ACAB4DE8D4FEDB4CDBFAE, 1484A6E4D08B626C961F9809799FC472107E8692D04915267D0435D0DBAF673C ] becldr3Service C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe

17:17:10.0438 0x3184 becldr3Service - ok

17:17:10.0442 0x3184 [ EDDAA3A563E7EB71C991FE91249C7D81, C095F7DDFB06C73AE28359A9DF2AFF69E715A8890864610EAE07750BE5AF48CA ] Beep C:\WINDOWS\system32\drivers\Beep.sys

17:17:10.0443 0x3184 Beep - ok

17:17:10.0445 0x3184 [ 86CAB4060251D418B6449D6CBCC852A6, BF4FB8B1DC542CED79AE30A26071F1DA0D1029284150F99A7C4D2CB9DE732861 ] BFE C:\WINDOWS\System32\bfe.dll

17:17:10.0461 0x3184 BFE - ok

17:17:10.0477 0x3184 [ E223918B4E0B28CF7BE132C30D1E161A, 6F7A88CE04B56C6EE1C8BE1675645B1D730CA2B069A8D521768542AC4EBF2E77 ] BITS C:\WINDOWS\System32\qmgr.dll

17:17:10.0501 0x3184 BITS - ok

17:17:10.0511 0x3184 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

17:17:10.0516 0x3184 Bonjour Service - ok

17:17:10.0521 0x3184 [ 55A8E1BA0B0737F8957F8C22EE8B9E7D, 9480E09BC713A6089320B4DB8A8696C9C6E8AD18A6575AA0DE1E41E8BD06D226 ] BOT4Service C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

17:17:10.0521 0x3184 BOT4Service - ok

17:17:10.0526 0x3184 [ D030A1203680D66716F4E74053468627, C227F266AB7630D03E8ED19695E074B5182E4112E4931FB9552257EE2BE82848 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys

17:17:10.0527 0x3184 bowser - ok

17:17:10.0529 0x3184 BrokerInfrastructure - ok

17:17:10.0533 0x3184 [ 2BA1BED8E8168C301522AC7CFBFA2141, 07000BEF5ABCF7795B474B69B1113F7EE5C22CF0F8CAF4A3D5D872B0D452CDD0 ] Browser C:\WINDOWS\System32\browser.dll

17:17:10.0535 0x3184 Browser - ok

17:17:10.0538 0x3184 [ A4863B7B1F0DB513D6E34547BACC211A, 41E74A60721CCBE0A4D487B3EE01BAC3108D9BA819BF58A64E963478C43828E9 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

17:17:10.0538 0x3184 BthAvrcpTg - ok

17:17:10.0545 0x3184 [ 9C9EE272C11252C651C5DE6A1AC1EDAA, DED378E894FA07B75F2E93490075879A50879CACACCF09F3F9EF37EDFA159233 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys

17:17:10.0547 0x3184 BthHFEnum - ok

17:17:10.0550 0x3184 [ 69734E386826ED857C889330F35B4D9C, F0804D41D4BA6C9022B70D5092C4F14128D33F66C5D85DE10115A37C36927B70 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys

17:17:10.0551 0x3184 bthhfhid - ok

17:17:10.0559 0x3184 [ BC58294295CBAD6637A526470305B5EA, FAA1A1C85D418B063D8A6E93558BA74D766081268354D63E28D372BD55D523DD ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll

17:17:10.0565 0x3184 BthHFSrv - ok

17:17:10.0568 0x3184 [ A94AFAEA86F5F792BB4ECA095B231464, 588256D53CD50B8299FCABF624E8EF29761B16DE1999896DC647FBF8E2BAEA68 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys

17:17:10.0569 0x3184 BTHMODEM - ok

17:17:10.0574 0x3184 [ 572BCA61B7E026E057AF7DF456AC7E0B, CA35DCC02BFE2D34C40449E47F0C8BA4AD709F01A952B9354332560CE72A1E4F ] bthserv C:\WINDOWS\system32\bthserv.dll

17:17:10.0577 0x3184 bthserv - ok

17:17:10.0579 0x3184 [ 39E7437FC59CDD7A303ABD514E462E8B, 9DCACFC12090BA03E3DD8E0EFE02382E3D42B528BDF6DD77318CAFACBA9EBA09 ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys

17:17:10.0580 0x3184 bttflt - ok

17:17:10.0582 0x3184 [ 522888590B0C19BC8128119060AE7901, 9C979FD442E7B189FD156BD5E5E4A3D10FDABB3C38094B9C67A702103D39B00F ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys

17:17:10.0582 0x3184 buttonconverter - ok

17:17:10.0582 0x3184 [ 2AB01CE5E233A6FBA3E91BD57772AA4B, DC241810B774BCE651B525885480F05D15AE0E623D53E4CB02562A8424C067E2 ] CAD C:\WINDOWS\System32\drivers\CAD.sys

17:17:10.0582 0x3184 CAD - ok

17:17:10.0582 0x3184 [ E2C8EE32C053892E685A989071AAE333, 842228C315BBD5FA802A81833BB0158774969FED4C5A706F9B904F7C70DB80A3 ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll

17:17:10.0582 0x3184 camsvc - ok

17:17:10.0598 0x3184 [ F6F97879F53AD57194C6BC8272FD73EA, C11CB040CC64ABC0A6EAD6D6985659896FBB5911D2E10B6584E0F90FE6813C57 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys

17:17:10.0598 0x3184 CapImg - ok

17:17:10.0598 0x3184 [ 9E82A95D77AC78C84BA75FF896B060BF, 87905E55724ADE5149D3BBC2DB76A7275580DE204BB561B8E1FCD631DEF3D9F9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys

17:17:10.0598 0x3184 cdfs - ok

17:17:10.0614 0x3184 [ 147CEBE0C5F7A80135C54715521AD9E1, 99ACF25165C0C17822B0FC06F662848CA0DFAD51B3E3B440005C2E033BFE4840 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll

17:17:10.0614 0x3184 CDPSvc - ok

17:17:10.0634 0x3184 [ C2F158F11391F21C7D3FEB572D11C2D2, 5F5E7A1A4E9A8C6AB0C4735BCE9175AE92870410ACFB2376F950DACE22E075D7 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll

17:17:10.0640 0x3184 CDPUserSvc - ok

17:17:10.0647 0x3184 [ 6D83565C1652E80447EDEA6947FA89D7, A84A3EA45304A9E3F53DA9F4CB9F2D9FF8A2AD69A36AEA366D35A2F5C9FDF851 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys

17:17:10.0647 0x3184 cdrom - ok

17:17:10.0647 0x3184 [ 200A5398C0E7E78DBDF6C0D9E811F366, 91BED3876FCA06AF551939720C0088BD195AF64C11C6EAD8970EDE8E037A71AA ] CertPropSvc C:\WINDOWS\System32\certprop.dll

17:17:10.0647 0x3184 CertPropSvc - ok

17:17:10.0663 0x3184 [ D81954CE5E016FD716EDDB2B2FD9BA58, C47FF6D6527605238EF46E9BDF4544E2B2F4F9C5BCE13881F569F996541D7FF7 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys

17:17:10.0663 0x3184 cht4iscsi - ok

17:17:10.0679 0x3184 [ F9A8570805807FFD66488F0A858E1308, 5D8363C5EEB7B92CFA219C466D04D8C625CACAFBDEA5857C5C9FA0C391AC2FEB ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys

17:17:10.0710 0x3184 cht4vbd - ok

17:17:10.0714 0x3184 [ 9798D58461706930190F1F2F6BF21D80, BD7552297A636E19F5D544BDBF3490DA544E76002F62B227FA5BDA7A11760040 ] circlass C:\WINDOWS\System32\drivers\circlass.sys

17:17:10.0715 0x3184 circlass - ok

17:17:10.0717 0x3184 CldFlt - ok

17:17:10.0719 0x3184 CLFS - ok

17:17:10.0825 0x3184 [ BD3B484568382B13D624B9A8B2D67FA0, ADCCD6F17583DF8ADEDFBBB2DF829F6B21599C4D3089729DCAC62F2005588F42 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe

17:17:10.0907 0x3184 ClickToRunSvc - ok

17:17:10.0929 0x3184 [ BE9FA79096DD2CB43E7066897AB52E50, FB7AEE5996BF5115EF1DCEF315A37226A31454073EF60564061A2DB0A4FAD9F1 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll

17:17:10.0938 0x3184 ClipSVC - ok

17:17:10.0945 0x3184 [ 2BA3BA38B5A6A667B0EAEC477276707B, 80AD05C5C7E0398EB7320A82878700C6588B7411F3DEA02E5784CA599CB548C2 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys

17:17:10.0945 0x3184 CmBatt - ok

17:17:10.0948 0x3184 CNG - ok

17:17:10.0951 0x3184 [ C65AF00EF12A1755E7CA370B0C71935D, C03315A5B999EB9AA5B5F1F000BD8A1C68DFC151B23AA2F29F69F7129407AA11 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys

17:17:10.0951 0x3184 cnghwassist - ok

17:17:10.0967 0x3184 [ A50300498D56B2448F3593D25478D508, 841D66D4AB9749EE64802611157A9AAED1117B6B2C411B3DA272CE439E69AE45 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys

17:17:10.0968 0x3184 CompositeBus - ok

17:17:10.0970 0x3184 COMSysApp - ok

17:17:10.0973 0x3184 [ 65602B0DB49199647FECB2D1212147BE, DC25D2DED7C31B4691B61FC69BB12E50CA5EDA9705339CCC82BE145EFD6D47C5 ] condrv C:\WINDOWS\system32\drivers\condrv.sys

17:17:10.0974 0x3184 condrv - ok

17:17:10.0976 0x3184 CoreMessagingRegistrar - ok

17:17:10.0982 0x3184 [ D64EF74FC6DA47EC2E460076F299E77D, 1F77E9F777FA6996222DE45B3AB2C01CD94C80A4A7F5CA092DDF1F18D74F93AA ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll

17:17:10.0982 0x3184 CryptSvc - ok

17:17:10.0982 0x3184 [ 0AAC6E3138AB83C466281642D1A48F15, 31AEBAE422BFDC9EBE0B8CBAEE5ABAA27E8EA47387D4A24C91A3CE92EF7E0C92 ] CSC C:\WINDOWS\system32\drivers\csc.sys

17:17:10.0998 0x3184 CSC - ok

17:17:10.0998 0x3184 [ 9D4FA712339A09110809A4CC270AF4F0, 6403633EB0061CE3E4665E7A757EB697FD47DEE540EEDEC035CC13184FC62947 ] CscService C:\WINDOWS\System32\cscsvc.dll

17:17:11.0014 0x3184 CscService - ok

17:17:11.0014 0x3184 [ 72BE43ABD786E86AAE7EA2193201E100, A013CF10AA4158082B5D0D7F885969C5C92710A6084E57E9DDBDA84420D97367 ] dam C:\WINDOWS\system32\drivers\dam.sys

17:17:11.0014 0x3184 dam - ok

17:17:11.0029 0x3184 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

17:17:11.0031 0x3184 dbupdate - ok

17:17:11.0034 0x3184 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

17:17:11.0036 0x3184 dbupdatem - ok

17:17:11.0038 0x3184 [ B9A3585BD8C1F086BD3FE153B47B7BC8, 4D125DAA110C3BBDEDEB7E3DA282659041AA058D05E5D6F96AE2160ED194FA44 ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe

17:17:11.0040 0x3184 DbxSvc - ok

17:17:11.0043 0x3184 [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys

17:17:11.0045 0x3184 dc3d - ok

17:17:11.0063 0x3184 [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

17:17:11.0077 0x3184 DcomLaunch - ok

17:17:11.0086 0x3184 [ F7FB921F438C3566CEC55657EA4E7D9C, 17FA956E3B89F9B6C154975E7E1AAFB204F5EDEACC14A8424827DE13440A9299 ] defragsvc C:\WINDOWS\System32\defragsvc.dll

17:17:11.0092 0x3184 defragsvc - ok

17:17:11.0101 0x3184 [ B5F9123D6537856EA698386ABA27A232, C60DD499254B4A3741ECE71AF1685763BD6A6F828F879D54E175A6198C89ABF0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll

17:17:11.0106 0x3184 DeviceAssociationService - ok

17:17:11.0111 0x3184 [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll

17:17:11.0114 0x3184 DeviceInstall - ok

17:17:11.0125 0x3184 [ A19F51A044B62C994144ED87A7A5A887, 91ECE0E067E138817CD46A876B2D28CB47A2CCBE9C924EA91A1966FDF69AF7DF ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll

17:17:11.0133 0x3184 DevicesFlowUserSvc - ok

17:17:11.0138 0x3184 [ 0D2A4CA81D1F7B5E5FBFE1E4F60246B8, EF425C2FB1191720F9B53EB26EC904F53851D296B222E20B0733615575D4B7E5 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll

17:17:11.0139 0x3184 DevQueryBroker - ok

17:17:11.0144 0x3184 [ 9910E9CFF5ECDCB225F82E72CE9DE459, BF38E53FC993C4F8170341C7798E2FC18BDB540E7543979581ABCA9E24B4494E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys

17:17:11.0146 0x3184 Dfsc - ok

17:17:11.0154 0x3184 [ 309F4FBA6AC2CA70663C99690AE900C2, D38E3A5AD818DBB165C8C141236AE0C684E67FA1ACCD2914EEA1E6A771B06C33 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll

17:17:11.0159 0x3184 Dhcp - ok

17:17:11.0163 0x3184 [ 8C46ADC4354DDE94CA459CB4BA822073, 8B0597866B6BAD22641B70836B29FC01433A00AFDABF31E5672DD5DF6ADCC3BB ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe

17:17:11.0164 0x3184 diagnosticshub.standardcollector.service - ok

17:17:11.0169 0x3184 [ E2BF09B816393AF73EDCB8ECF9BBDB2D, DBDFFC2450E4EC684DD59383799ACF1D207B0882C301B8D562FB76307AFCC553 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll

17:17:11.0172 0x3184 diagsvc - ok

17:17:11.0176 0x3184 DiagTrack - ok

17:17:11.0179 0x3184 [ 811173C821171BB910219E53C7FD97AD, F915F90A39F99F6E38082B8077874791BBF21FF271351A4976494C6708C43E56 ] Disk C:\WINDOWS\system32\drivers\disk.sys

17:17:11.0180 0x3184 Disk - ok

17:17:11.0182 0x3184 [ 133E5277C2A50770EADFAC4AF2232D69, E24933DD2440BA8DBDFD3A583301A9BE56A4ED699134242DB52E1AB5721C53D4 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll

17:17:11.0198 0x3184 DmEnrollmentSvc - ok

17:17:11.0198 0x3184 [ 569FE16775E15A49DC904DE20BF8CAA0, 18C1734AC5D6C4FE1944916B710450F18FAA7F3594E4EFB8CCEA140FC03A78BE ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys

17:17:11.0198 0x3184 dmvsc - ok

17:17:11.0198 0x3184 [ 10E72E3315305461D3F0C7560AE98CA5, 702B5C056DB6B4E337231BBEA48E106FA95F26B48CDE91857305E4C6E4EE6A12 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll

17:17:11.0198 0x3184 dmwappushservice - ok

17:17:11.0213 0x3184 [ 4ACA3CE75B4C2243299C24A715E9B3CE, 043610E57C6D87F12D98C1A663B5CA415F64742D30434863073BD902BAE2EAC0 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

17:17:11.0213 0x3184 Dnscache - ok

17:17:11.0213 0x3184 [ 24F0CF56DF2725291937B32597BA8D51, 810D4B43A4FB4B1738BFDAE51A49FD1725483BA686C6A3FA1DC1341D08AC743A ] dot3svc C:\WINDOWS\System32\dot3svc.dll

17:17:11.0230 0x3184 dot3svc - ok

17:17:11.0236 0x3184 [ 6D8971C942FEE43A0AB6B3192534AFB4, 44D437DD32E1FDD7922B352CA6C19C83C1ADD825FB704B8E07BEF01E866E2B99 ] DPS C:\WINDOWS\system32\dps.dll

17:17:11.0239 0x3184 DPS - ok

17:17:11.0241 0x3184 [ F4800922F4ABA619585CE320A72E6389, CA83BCAA8B37F303E89598F8C93B201A3F000A09F4A9963E370D7E59BD79D448 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys

17:17:11.0242 0x3184 drmkaud - ok

17:17:11.0244 0x3184 DsmSvc - ok

17:17:11.0249 0x3184 [ C7DC50CC0C6B0948A0C040622FCD70EA, F9C6B8F27E3DED8F7A681D0F652CCB6B1AE6D5E6CA8654E33EFDCF32A2D294EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll

17:17:11.0251 0x3184 DsSvc - ok

17:17:11.0254 0x3184 DusmSvc - ok

17:17:11.0255 0x3184 DXGKrnl - ok

17:17:11.0259 0x3184 [ FA94398748930D840FE35A44F1D225A7, E2D48460413904AAFB50E18A24471157D2A235F5CCDF89EE49BB139D1CA3B9F6 ] Eaphost C:\WINDOWS\System32\eapsvc.dll

17:17:11.0262 0x3184 Eaphost - ok

17:17:11.0306 0x3184 [ C99D40C97841E0A7F0F90B8629593A97, 2DE7FB6E3CD7B06079C2B05D8C10AD0EDF187684ED1DE5BEE98FAB9A4B331824 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys

17:17:11.0343 0x3184 ebdrv - ok

17:17:11.0351 0x3184 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] EFS C:\WINDOWS\System32\lsass.exe

17:17:11.0353 0x3184 EFS - ok

17:17:11.0356 0x3184 [ 260BBD6B1ED06298E509B452354EDB91, CF794D5AC62C6DBF356BC717910FD2B106A8BD90C3C03BA43859FD876F8820BC ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys

17:17:11.0358 0x3184 EhStorClass - ok

17:17:11.0362 0x3184 [ F3BEBDC1B9DBA32F183079EAE6244837, 5DE0DA8D2A13BFA852355619C6DE5AC2FDFAB314A619A4F209842581E4D82DE1 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

17:17:11.0363 0x3184 EhStorTcgDrv - ok

17:17:11.0367 0x3184 [ A75880A9192B9DA69F46867B06276746, 53856262A5BD4BE93CB45D1F43B87F45CB01C02B7D94231CF05346B9BDF1F18D ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll

17:17:11.0370 0x3184 embeddedmode - ok

17:17:11.0376 0x3184 [ 9E6CB1D3F6AD67AA7A2C831FB9B7E496, EB9AEC7E780B6FDA8B6082D8F4F88C9393B4E6BB49ACE324C882DFB9AF8D0C78 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll

17:17:11.0381 0x3184 EntAppSvc - ok

17:17:11.0382 0x3184 [ 1B63CA857FD03FD0A5A1379F2996784F, 9EE5205DCFADAFC62D36528087FA4E023F7E48FF0D2A8333D8A6111AE09D21B8 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys

17:17:11.0382 0x3184 ErrDev - ok

17:17:11.0382 0x3184 [ 6A5FA501A2D96001391FF3CBA32935AB, 018DB01ADE957A1A1FF5B168A2EC0EFEF8BFBE036079791FDF0C6AA6C12295BA ] EventSystem C:\WINDOWS\system32\es.dll

17:17:11.0398 0x3184 EventSystem - ok

17:17:11.0398 0x3184 [ F1ACA42D448E3986565EA54275EEEA65, C85101D6E7A2204FD73AAACD972F610B6A4BCF7EB7512412FD34660DCB5E8C5C ] exfat C:\WINDOWS\system32\drivers\exfat.sys

17:17:11.0398 0x3184 exfat - ok

17:17:11.0414 0x3184 [ 0AF4B36754A6EAE794EE4398E219A9E1, A818763D7AE6E7F4BC57294BB4D80FE9E04387BB3EBE8A6088D2AF746FF548A6 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys

17:17:11.0414 0x3184 fastfat - ok

17:17:11.0436 0x3184 [ B1A38C0D977D8738779CA3EFEBDFCA8C, EDD852EF89AFBDDBBBE002E6675EAFCC46742B6136EB22428C84D737C6229FEA ] Fax C:\WINDOWS\system32\fxssvc.exe

17:17:11.0445 0x3184 Fax - ok

17:17:11.0448 0x3184 [ 7CD8426A33F06EB72BFEC51F7C264AF8, 4FDD5F6A8BDF25D965CE52132DD0EA77D335C1C5F77A7758F3F6E22DFC12BDF5 ] fdc C:\WINDOWS\System32\drivers\fdc.sys

17:17:11.0449 0x3184 fdc - ok

17:17:11.0452 0x3184 [ 21EB16C5DDFBC19DEBE9EEC10EA423FB, 514327DA987793AFE1DFB4F2C0F033C349432E6F1F6AACBAE23E24E63EFA51B9 ] fdPHost C:\WINDOWS\system32\fdPHost.dll

17:17:11.0454 0x3184 fdPHost - ok

17:17:11.0456 0x3184 [ 57F98EFE6CB82AE5400BA99C705AF45C, 7AB83C7AF4CA49BFC2976FB707B251C181279B7E16EBDD43AD0E1A4AB8C4DFC9 ] FDResPub C:\WINDOWS\system32\fdrespub.dll

17:17:11.0458 0x3184 FDResPub - ok

17:17:11.0462 0x3184 [ 02F93E4B9EC2821B6670208044FF5332, 2D947C8AE51E749029B3180751E4486E27A19471A7A98087076103D307B5CE64 ] fhsvc C:\WINDOWS\system32\fhsvc.dll

17:17:11.0464 0x3184 fhsvc - ok

17:17:11.0468 0x3184 [ DE51BBBCF358188F9736F031546F9908, E2B80DF63C039663085FA9D63F3F30736EC20C49BC678CBD7D7C7231107C3635 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys

17:17:11.0469 0x3184 FileCrypt - ok

17:17:11.0472 0x3184 [ 822F664952B0F8D11BB6BD2F11779602, B7E9908A305942194E64E834819186CBBF9DD4469B300DCC8D31E1E5674D6600 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys

17:17:11.0473 0x3184 FileInfo - ok

17:17:11.0476 0x3184 [ 5A4935682A0D47A4EAC4BE3C2ACF74D6, 0DCF2E7928D11F49EBF906233894E81CFFE938ADFCA802CE0207CA58B4A02AAD ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys

17:17:11.0477 0x3184 Filetrace - ok

17:17:11.0718 0x3184 [ 494F167530B08FBB0BF0924242FDD071, D1AC16908B189FCB0BCE0154BD56F958E87C6ACB757FC5918B1690214DEAB6F4 ] Fitbit Connect E:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

17:17:11.0771 0x3184 Fitbit Connect - ok

17:17:11.0787 0x3184 [ 60641F22D1D38EAD197C25F0339C9712, 110ACEADAE92C384C80356C9DE88E3A94141881E8544DB65736875FFA2716F68 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys

17:17:11.0787 0x3184 flpydisk - ok

17:17:11.0792 0x3184 FltMgr - ok

17:17:11.0820 0x3184 [ 9DCB91239DE1FE05F870AE3471E70559, 1EA360023B926F4024B602010AFD168A6C615632B05900427D765CD228280EEF ] FontCache C:\WINDOWS\system32\FntCache.dll

17:17:11.0841 0x3184 FontCache - ok

17:17:11.0841 0x3184 [ A7C6894FFF261C0FEFDCB41BE83CF430, C3DB55140E4848873BC0004030933402CD396112C14F432258D875DB1608700E ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

17:17:11.0841 0x3184 FontCache3.0.0.0 - ok

17:17:11.0856 0x3184 [ 6793F7AE8442C487C55352C78739E77A, EA9FE762B8A339183DB3523CD8E8736B6BEF8489EC11380EF7F1530D10631500 ] FrameServer C:\WINDOWS\system32\FrameServer.dll

17:17:11.0856 0x3184 FrameServer - ok

17:17:11.0856 0x3184 FsDepends - ok

17:17:11.0872 0x3184 [ BB82CC2F51F7C3D5DCD13FA3B040D8F8, 24B9735D8E4BC0416AFDEEE534118D98AF363CFE8AEFE8AB23827DC67FC4239B ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:17:11.0872 0x3184 Fs_Rec - ok

17:17:11.0872 0x3184 fvevol - ok

17:17:11.0872 0x3184 [ 3B5DDF1061930A0A891FA63DB0CB878B, BB48865CFAD8299E96AFBC2993A34FB47B52466C897FF0875836BD48A14B78C7 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys

17:17:11.0872 0x3184 gencounter - ok

17:17:11.0872 0x3184 [ 8B34E3F794F652082D7E8AF112F71681, C6CFA239BDF46827BFC89DC9A9BF45B0EBCE3EF1BB7DCA33980A632E549B37F5 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys

17:17:11.0872 0x3184 genericusbfn - ok

17:17:11.0888 0x3184 [ 127C23F4720C8902A3AB0FEE12205317, E3BF55D81B04572D11B41CDA2DB4509FD252561EB29ED22CC6F616E856E3D86E ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys

17:17:11.0890 0x3184 GPIOClx0101 - ok

17:17:11.0908 0x3184 [ A7A85B505944F99CB55C8669E4F7FC0F, AE2B11A0309907949D4BACF32BA487C9A7732D647F00ED428102C380F53465A8 ] gpsvc C:\WINDOWS\System32\gpsvc.dll

17:17:11.0923 0x3184 gpsvc - ok

17:17:11.0924 0x3184 [ C7DEA3458E50B691E69EFF0B47CBCCDB, E33330473BDA2025503B2E65DA03C83C884F56B9E684F90695D4AF1AFB922832 ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys

17:17:11.0924 0x3184 GpuEnergyDrv - ok

17:17:11.0924 0x3184 [ 141904F0581468B39B579EA33CA57549, 1D947A6079CED7840B0FF4720C36D873F5A69EA6C94E4C15ADF1A7C0CD0CD0EA ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll

17:17:11.0924 0x3184 GraphicsPerfSvc - ok

17:17:11.0924 0x3184 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

17:17:11.0924 0x3184 gupdate - ok

17:17:11.0940 0x3184 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

17:17:11.0940 0x3184 gupdatem - ok

17:17:11.0971 0x3184 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc E:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

17:17:11.0971 0x3184 gusvc - ok

17:17:11.0971 0x3184 [ 99A34FD1F6431A10D8C3BB50E170D0F2, 14BFF99BBF9ED53D3A157B096CDE0394824260021BA96E1F2C7B1CFB598DD850 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys

17:17:11.0987 0x3184 HDAudBus - ok

17:17:12.0038 0x3184 [ E00BA58A741FEE0209367E79B0FF3F47, FF79C90E87EBEC04207A4B70EE42E86A8C6533725AF40B18668B514404394EB3 ] HDRExpress3Service e:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe

17:17:12.0038 0x3184 HDRExpress3Service - ok

17:17:12.0057 0x3184 [ 2443FC6EEB9CF092B62127D867901B02, ABD5E907FF066B95C5697C4E470B4EA19976DEC90C8159B963A82EDA218AB114 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys

17:17:12.0060 0x3184 HidBatt - ok

17:17:12.0071 0x3184 [ 205043CDC16ADE85E252DD54AE925161, F377F046EFEE53C7786AF15C0BB5BADE36511427575A712B0098A883F3715DB3 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys

17:17:12.0074 0x3184 HidBth - ok

17:17:12.0082 0x3184 [ B521DDDC9038C066B1B957BF063A531A, C5FE68FB22C28C4D06A0792FD5AC9A1F0EC01EF26E1D37B9DF05F22D8B7DFF8C ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys

17:17:12.0082 0x3184 hidi2c - ok

17:17:12.0082 0x3184 [ 5AC0EBFA76E93273A806176D3178E986, 679BFEFF9F4172EBB14A6C2E8381F54FBDC9E8705E8B0F306723DDF48B6E5143 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys

17:17:12.0082 0x3184 hidinterrupt - ok

17:17:12.0082 0x3184 [ 366AC0E05EBF5D5C375F65CD8BC7F0DF, A6B751864E33EBB5DE2E09403A8C26E72DD5510F3A380FA502393FC11A14A433 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys

17:17:12.0082 0x3184 HidIr - ok

17:17:12.0104 0x3184 [ 75F4CCB7FF03603E91DD0C7FF83DAABF, 10508A6C36163C9D40C16A47AB4CA8C03C89BB7795690818E5C562E3FF828D5B ] hidserv C:\WINDOWS\system32\hidserv.dll

17:17:12.0107 0x3184 hidserv - ok

17:17:12.0112 0x3184 [ 7CB54D02746024648FCE184FC3F941FF, 6C7B8E6AD3C05D66868D0268C9C8183021AB241E576184FAD0BD50ED4E18E9ED ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys

17:17:12.0113 0x3184 HidUsb - ok

17:17:12.0125 0x3184 [ B5E3F4730F2471C76946E04645203690, D31C45C2BC7554A8B865620A5C7C4E0FF4D31E609D92D760B762955AC7FDB0BF ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

17:17:12.0125 0x3184 HomeGroupListener - ok

17:17:12.0141 0x3184 [ 24C900B7296AA9867FB761A5801AFBD1, 4A765E905D0F7C4B450A28FB85F413F4EAD2B53240E804FA531626ABB0518381 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

17:17:12.0141 0x3184 HomeGroupProvider - ok

17:17:12.0156 0x3184 [ 835FB95D85D362057A72D21A48C2C7F8, 06A57F9E459E52DAA7B27F232DBC1E0ED0E04759D34AF3E15A645D11DFDD6A58 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys

17:17:12.0156 0x3184 HpSAMD - ok

17:17:12.0156 0x3184 [ 1878A79551F2EDAE7EBD110AAE6D33AD, 1F409360B44AEB3A6023E953EAB350FFB3EB8322F589E2422AB312288B33A2DA ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

17:17:12.0156 0x3184 HPSupportSolutionsFrameworkService - ok

17:17:12.0156 0x3184 HTTP - ok

17:17:12.0156 0x3184 [ AD930879F319969EB09449C015A32104, 3C33CFA1D3452EAB689178D09311DFF84C4A2D5854837DA75B1D7CC57CE6FB5F ] HvHost C:\WINDOWS\System32\hvhostsvc.dll

17:17:12.0172 0x3184 HvHost - ok

17:17:12.0172 0x3184 [ 9F2CFC90306532866C62BDCDFD2532AA, F27B1087B1E3E06FB49092BBF2DD8CF5B6ADD4CE061FE10C3ED44C58B92BE007 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys

17:17:12.0172 0x3184 hvservice - ok

17:17:12.0172 0x3184 [ 3737FE486929AFC48F1D10677B698E52, 9E8792F3A494AE3E7CDA65E93B561B6FFFB9C781606F5863D524DDD24CFEB9C3 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys

17:17:12.0172 0x3184 HwNClx0101 - ok

17:17:12.0172 0x3184 [ 3C65EBF7F1BFD98426C355D66876ECEE, CA1DC462C4D96176C81EF3448238B76B4CDA3C521533973B281359D7F436B8A5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys

17:17:12.0172 0x3184 hwpolicy - ok

17:17:12.0172 0x3184 [ 7E00234C67A322988AFEA717D5609C9E, 9210E400200B1313426792A67C27ECA4DBA9872111DC3C217195FC5DEAC4614D ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys

17:17:12.0172 0x3184 hyperkbd - ok

17:17:12.0189 0x3184 [ FBF5BB641DE99AE1DF4835E88D4F8993, 55250C1FCCDA74249D5EE15B2502A68DB1EB60C7AC24500B9FB2DF2E3319CDAB ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys

17:17:12.0189 0x3184 HyperVideo - ok

17:17:12.0194 0x3184 [ 56FF074E50F9042FD2856AB3418F4B18, 239C9BF23DE2E36FD7112C425CDF18F29B751D75EF3551AEFB048FAD2B0A55E2 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys

17:17:12.0195 0x3184 i8042prt - ok

17:17:12.0197 0x3184 [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys

17:17:12.0198 0x3184 iagpio - ok

17:17:12.0201 0x3184 [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys

17:17:12.0203 0x3184 iai2c - ok

17:17:12.0206 0x3184 [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys

17:17:12.0207 0x3184 iaLPSS2i_GPIO2 - ok

17:17:12.0210 0x3184 [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys

17:17:12.0211 0x3184 iaLPSS2i_GPIO2_BXT_P - ok

17:17:12.0215 0x3184 [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys

17:17:12.0218 0x3184 iaLPSS2i_I2C - ok

17:17:12.0223 0x3184 [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys

17:17:12.0224 0x3184 iaLPSS2i_I2C_BXT_P - ok

17:17:12.0224 0x3184 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

17:17:12.0224 0x3184 iaLPSSi_GPIO - ok

17:17:12.0224 0x3184 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

17:17:12.0224 0x3184 iaLPSSi_I2C - ok

17:17:12.0240 0x3184 [ 435883A27A376B125BD4DF888417C85F, 091F9285FCF1D5605D03CB68C062A2DE6FF2D705FF43E983A8A7B5DFA0872A96 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys

17:17:12.0240 0x3184 iaStorAV - ok

17:17:12.0256 0x3184 [ 7118E4390C4ACDE61E280CE52BCAF44E, 11123C1555344A191283187BF1F4A8D731E29EE27C7A7A7916873E8D2E95D978 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys

17:17:12.0256 0x3184 iaStorV - ok

17:17:12.0271 0x3184 [ 9DBE8C359ABACE1BE1BBAB687D114506, D2E5CB2BFC42627C1BB38A68F925DD534AEFFF9354AFD184005EC338E8E6B232 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys

17:17:12.0271 0x3184 ibbus - ok

17:17:12.0288 0x3184 [ 113F3C05CE9B41144E6BF5FEDA4F09B7, 8A0610558DAEEAD81D32456FF8E03463F430ADB84457ED12C34CB76AC3EA407A ] icssvc C:\WINDOWS\System32\tetheringservice.dll

17:17:12.0292 0x3184 icssvc - ok

17:17:12.0308 0x3184 [ 72AB18B50053FA57B08FD4065C11B16B, 4D0CDAEF3C168539BEE22F28CBFEA380535FD78863965EAC6421B9E26048D1F5 ] IKEEXT C:\WINDOWS\System32\ikeext.dll

17:17:12.0319 0x3184 IKEEXT - ok

17:17:12.0323 0x3184 [ 42CAF6216A6E516DC56BA319ACC7EEC5, DF60FF41F06D1101E4A81F7416DB5A34D7BA885CBA874BC15AD43FB4080F2958 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys

17:17:12.0324 0x3184 IndirectKmd - ok

17:17:12.0326 0x3184 InstallService - ok

17:17:12.0358 0x3184 [ CCEDD47ABD068C58C8513DEB785093BB, 2B5571688655265037ACB44D2F2E0CD646EC0567D823C32CA09F13A1814C241B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys

17:17:12.0407 0x3184 IntcAzAudAddService - ok

17:17:12.0415 0x3184 [ 40943C1CD031ACE06A8374AD56B9E5EA, 05E5AD4330F272C421A8726E9E6555115D8717DC5AFDE3CC1DB53A3D7518BF62 ] intelide C:\WINDOWS\system32\drivers\intelide.sys

17:17:12.0415 0x3184 intelide - ok

17:17:12.0419 0x3184 [ 327D9CCF5492543AEF3979F9EEAD02BE, 1C6CD9ECB785D022A38DF683FACCA737469BF72E42365CD6DB8C2675F2ED1F1C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys

17:17:12.0421 0x3184 intelpep - ok

17:17:12.0426 0x3184 [ 10F2757836F41BFAEA2AE19F6FE869B2, 487863EEAEDDC80E39A04030D69950BB58A8BF81EEFBC667398F9F4C238DE007 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys

17:17:12.0426 0x3184 intelppm - ok

17:17:12.0426 0x3184 [ E7E63F634298F3033B90B988A038698E, 0C1BAAB2B2D15D89B4479EAC6465349AF021DFDF479DA72844C54726EA369C78 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

17:17:12.0426 0x3184 IntuitUpdateServiceV4 - ok

17:17:12.0426 0x3184 [ 8387E90B551B9B7F32EDC69909591E9E, 7086B6F2B728D7C46F0A1E7E4F81B3D33C25BD5F8A2A4ECEBA55F8C68F164500 ] invdimm C:\WINDOWS\System32\drivers\invdimm.sys

17:17:12.0426 0x3184 invdimm - ok

17:17:12.0426 0x3184 [ E207078E0E1BB3524277DB9077E4148E, 309320950095AF83DCBE08BFDD4BFE4EBADBF48CA255871A6B37BAAA7B4A5B38 ] iorate C:\WINDOWS\system32\drivers\iorate.sys

17:17:12.0426 0x3184 iorate - ok

17:17:12.0441 0x3184 [ FD8F64B7B345E539F2EA7F72846F83B4, 95F232BC2454D68F1A154C9BD8FCCF60D36F5424B798661D6F1DD8E052ED0D04 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:17:12.0441 0x3184 IpFilterDriver - ok

17:17:12.0441 0x3184 [ 0076CE11539416052A7A79B2DCC53E6D, 0FBBC0948B096922333B54E4DB98BD716CF95340CF699BD3D4EC31B0BA7897CB ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll

17:17:12.0457 0x3184 iphlpsvc - ok

17:17:12.0457 0x3184 [ 8AAB863E72A4F9C578FED2EE3541545B, B3278B790DF9F77F8FDDBECAD22E0D2E080D74B8E61EFF112055478B3B0B2329 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys

17:17:12.0457 0x3184 IPMIDRV - ok

17:17:12.0473 0x3184 [ 7BEC2AF23F586EFF0DB4DBF4331B0C70, D02506CAB19AD1D3ABBB35FCC569ED613EB9D6828E9BC0389EC8A8DFC548334B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys

17:17:12.0473 0x3184 IPNAT - ok

glhglh · Jan 24, 2018

Part 2:

17:17:12.0489 0x3184 [ 0C249FD26DABF07C3D55AEC2AADE1E84, 22835E267B7780FDAE1072440C94F04B1AE9584B6CED0AB83FD9BE702F95AC78 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

17:17:12.0496 0x3184 iPod Service - ok

17:17:12.0499 0x3184 [ 35A54F19E703D4FE5919F812F6CC5D0A, B0AC1C97D115F57390BD2B4F9114429CF1729EB8D658B3EAEC8ECF28A24369F7 ] IPT C:\WINDOWS\System32\drivers\ipt.sys

17:17:12.0500 0x3184 IPT - ok

17:17:12.0503 0x3184 [ F6C47021C41F721B628161B64D7DECB9, 625227F18518098C00AF2C6F4EE5D96711D26080459AD2C9F7CF2A5778DEF191 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll

17:17:12.0505 0x3184 IpxlatCfgSvc - ok

17:17:12.0510 0x3184 [ 359CDDBC825959DA28FA886B3C271B53, 27758898F6297E768706CA408E5D0310291D74FE312580E68F8E8A0C2F52B0F3 ] irda C:\WINDOWS\system32\drivers\irda.sys

17:17:12.0511 0x3184 irda - ok

17:17:12.0514 0x3184 [ F88664A2A82DDA456180FFF95A771765, 004BBC715FE6EC0D4D2CAE978EA64C6CEA130EE10C356B7FACF0C98B51E8AECB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys

17:17:12.0514 0x3184 IRENUM - ok

17:17:12.0517 0x3184 [ 4F500A0171606B0E37964694140FCA16, 6E29A7348395EE3EB85E2BA97E581FBF605CE1BA4651F5848976AD293CC797E3 ] irmon C:\WINDOWS\System32\irmon.dll

17:17:12.0518 0x3184 irmon - ok

17:17:12.0520 0x3184 [ 2296B158C43C306B0AC5B4D57EA9F0E1, 7B256FFF111F42EB0BE39B9C6CC5B215F80F8105E64A2DBC2F228F38AC79DBB5 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys

17:17:12.0521 0x3184 isapnp - ok

17:17:12.0525 0x3184 [ 2DC0765992CFECE3B13F3BFD20E69DCC, B872E6D77768D89D921D856D28EFDF8205F8407087AB01826DAD99303460A84F ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys

17:17:12.0525 0x3184 iScsiPrt - ok

17:17:12.0525 0x3184 [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

17:17:12.0525 0x3184 IviRegMgr - ok

17:17:12.0525 0x3184 [ E320F986BBE0CD9324EA0A193EBF29B1, 9B4C7F1493377CE532361F88A0C88798F24E7EFB093DA2F0A6CB1575B9E3535C ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys

17:17:12.0525 0x3184 kbdclass - ok

17:17:12.0541 0x3184 [ AFF5DDCC1A79217C9526FF5E01A69E89, 2BCD49DD8DD977B97521465B981332CA8FA8D16AB45B45993C87647FA3E9DAF0 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys

17:17:12.0541 0x3184 kbdhid - ok

17:17:12.0541 0x3184 [ 916E62AF3386F7A74603E5C545F6FF2D, C5CA784F60B8CA3DE0672A816DCE14F1AD6B6783A5E6B556ED7C91337F65144F ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys

17:17:12.0541 0x3184 kdnic - ok

17:17:12.0541 0x3184 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] KeyIso C:\WINDOWS\system32\lsass.exe

17:17:12.0541 0x3184 KeyIso - ok

17:17:12.0541 0x3184 KSecDD - ok

17:17:12.0556 0x3184 [ C1081E2B36F77781167FD9401119B98E, 8D653A39BB03A4CEAAB564A27BFEC853E9B85020D511C7A814BCE52AB3D127F3 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys

17:17:12.0556 0x3184 KSecPkg - ok

17:17:12.0556 0x3184 [ DD8C4726127CFE313233372D70787C37, 2420616FEEFC08A3F47420193A3A592D4AC5D2C817D27E5B7E4FD64153751AFB ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys

17:17:12.0556 0x3184 ksthunk - ok

17:17:12.0556 0x3184 [ 6EAF246BC12DB548AC65A4CEFB14B547, F1487051FE459DB5A751DA2A6FF1E552F92226933AF8C037FA7D660B049896A3 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll

17:17:12.0576 0x3184 KtmRm - ok

17:17:12.0582 0x3184 [ E154D11E1EDAD53DF6A2204F3A604F28, 303106836E2A442264D9F415528F75D1FDEE5C1757513FC050A68DF5A26AD3D6 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll

17:17:12.0587 0x3184 LanmanServer - ok

17:17:12.0602 0x3184 [ DBB81AAC130C4CAAB87E519467846A06, A74A3383757A1C117AE56650119C9A5F87B2B399FF936E3AD11FDFBBE18D1457 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

17:17:12.0608 0x3184 LanmanWorkstation - ok

17:17:12.0612 0x3184 [ D81931EF9914A135F9ECF409DC826266, 8BA15C12B374DE555CB7D3CDFDDC42FE583625A9C29BCCDDEB432223E4DEEB2D ] lfsvc C:\WINDOWS\System32\lfsvc.dll

17:17:12.0614 0x3184 lfsvc - ok

17:17:12.0617 0x3184 [ F180F46B88044C6F6D3C313A799E5857, 4EBF8B5F5B5C90E6E5811A044ABDA83F1AE2FFAEA112EBD5F0F83C8FE91D8004 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll

17:17:12.0619 0x3184 LicenseManager - ok

17:17:12.0622 0x3184 [ CB5A6E117502156794F0DA9E61506006, 4FE96BC006BCB289C5D2F3549638C115441B484F264600CFB13EC94B4EE800D4 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys

17:17:12.0624 0x3184 lltdio - ok

17:17:12.0625 0x3184 [ 48199253D7F6119F88294F8845F0808D, 85C014250C14425BEFF2D8B2CCF6A29D9A5DA329ECD00F1E6D4F8DB809194FAC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll

17:17:12.0625 0x3184 lltdsvc - ok

17:17:12.0625 0x3184 [ DCF6F1AA7A51CC08FED089363F83316E, C80FB26A6172510F3AD5E4D636AA49AD5D931FB47BECD9E8507F781D88917710 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll

17:17:12.0625 0x3184 lmhosts - ok

17:17:12.0641 0x3184 [ 20048BEE892138A745B1C23EBB0E069F, B526035CE839BADA6ABC0A0CBFFDFA5267F4EB668AE201871E61E0011518843E ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys

17:17:12.0641 0x3184 LSI_SAS - ok

17:17:12.0641 0x3184 [ 9EAB16572B576979D585DDEDB12417CD, 97C37DFEA309E27E4AC50D1F4C7C3D1FB9661E0DEBB442D620D8E460F9FC9966 ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys

17:17:12.0641 0x3184 LSI_SAS2i - ok

17:17:12.0641 0x3184 [ 3B7B359C0870317106DF3438D4FF491D, 5EDF767D79EF49210DD3BCC00D7629600DD522B29A2B9A9D7805076ECDCBFD1D ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys

17:17:12.0641 0x3184 LSI_SAS3i - ok

17:17:12.0657 0x3184 [ 2DE03BA338A4B0ACDB416A30F1C7D56F, CF2218EA8C67CC13893B286B0904F28FBFE5AA818CC3AD1C77120B7B6E80031F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys

17:17:12.0657 0x3184 LSI_SSS - ok

17:17:12.0657 0x3184 [ CB538B44AC849D6D3A7D73B32A821DD9, AADC3E2C3BEBB7FCEE604AF7628FFD47ECADF6F2DEC2155F3E3E6066201A0BA2 ] LSM C:\WINDOWS\System32\lsm.dll

17:17:12.0672 0x3184 LSM - ok

17:17:12.0672 0x3184 [ 9A497169E145FCE2D8AA7DBC67377F64, 3FA4CE7455ACBB32DECA8BC7EAD0EC1A0E123CBCBF8781FBB16453455AB9F0FE ] luafv C:\WINDOWS\system32\drivers\luafv.sys

17:17:12.0672 0x3184 luafv - ok

17:17:12.0672 0x3184 [ 3520DE00ABC5EFF0DBAFD41129AD970F, 821F9D9AAA6D8B08BEBFB76DAE5A8CCFB598789510A93D3DD4F149A39EE5D6B5 ] MapsBroker C:\WINDOWS\System32\moshost.dll

17:17:12.0690 0x3184 MapsBroker - ok

17:17:12.0699 0x3184 [ BF56CB9D02DEE8CA9CBA50220BE16F15, C6380ED59AD7B9CC9451A24808E193454CF15D90A2C1DAF22FBD3380B150F96F ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys

17:17:12.0705 0x3184 mausbhost - ok

17:17:12.0708 0x3184 [ 01BDEE1FFF6D2216797DFEE4ABD937D9, ED247E6F87ECA39A7D479CA7E386D85CE8B2978164E4E9876196176F393E1235 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys

17:17:12.0709 0x3184 mausbip - ok

17:17:12.0772 0x3184 [ 734B435E1693386213EEFD4D17A70DEB, EC6288CB37BD420DA071E800FBEF25BCCF22F2A40F98DB22F1C86D87157EF1AA ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

17:17:12.0840 0x3184 MBAMService - ok

17:17:12.0856 0x3184 [ B047B9CE5A0D800E6D713B43D0405221, 9A560D6D313476F478629CFCED3DB92F3818EF9CE5E226124D02CB496549D9E1 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys

17:17:12.0856 0x3184 MBAMSwissArmy - ok

17:17:12.0872 0x3184 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\WINDOWS\system32\drivers\MBfilt64.sys

17:17:12.0872 0x3184 MBfilt - ok

17:17:12.0872 0x3184 [ C7B8B5053D646CBD30BE1BA6B487D396, E3864D4CE619D67E284C64A4EAA8843FB49BC2B8CC8659F4C4B89DB6701468CB ] megasas C:\WINDOWS\system32\drivers\megasas.sys

17:17:12.0872 0x3184 megasas - ok

17:17:12.0872 0x3184 [ EB8ED3204499DDB2D3BA094A4563EE3E, A5D0095D575B241CA66CAD86280170803E7042F51D3654FCB03D7EA2347E261B ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys

17:17:12.0872 0x3184 megasas2i - ok

17:17:12.0890 0x3184 [ F1C1D4E752DE1D58295040E5BE8813AF, 4DE17C5FCE63AFD545B16FA16A38F7395F29155FE165E7B21BC028CCD2A4B18E ] megasr C:\WINDOWS\system32\drivers\megasr.sys

17:17:12.0897 0x3184 megasr - ok

17:17:12.0900 0x3184 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys

17:17:12.0901 0x3184 MEIx64 - ok

17:17:12.0905 0x3184 [ 4965456A1B4B3039E4B9AB233F5E9B1E, 3C303FE2BF9B38D73D005EA673C9500731125D793F4C77130F9BA8D745579591 ] MessagingService C:\WINDOWS\System32\MessagingService.dll

17:17:12.0907 0x3184 MessagingService - ok

17:17:12.0921 0x3184 [ 16B078D1089FEA98710C9D07C152DCEE, A42C28E12F1BB21E907C1308447AD63DDF8FA5B2734A199A6EBE3824F3D1235C ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys

17:17:12.0925 0x3184 mlx4_bus - ok

17:17:12.0925 0x3184 [ 20C57CE47B1A877C48A4B68E9A4E21FA, 35F98286F0665C5E06914F04F174476FBB41823564EDC55E351FCE211E2C765F ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys

17:17:12.0925 0x3184 MMCSS - ok

17:17:12.0925 0x3184 [ A4467A5C080318F0CCCF5ED463821F8B, C8ECD63245B19807BAA92C3F3F87643A2F6B178395ABB15BD54D9DE68CC1A09B ] Modem C:\WINDOWS\system32\drivers\modem.sys

17:17:12.0925 0x3184 Modem - ok

17:17:12.0940 0x3184 [ 78BE85C1F1C7F3AF6C87BCE127007D5A, 5D5229FBCDC855BFF9BA3247BF4EF8E22764CFC1EC974FD5AB2D9E6293EF15A1 ] monitor C:\WINDOWS\System32\drivers\monitor.sys

17:17:12.0940 0x3184 monitor - ok

17:17:12.0940 0x3184 [ 8E262B34A8BD184B4B3025AA8C396B00, B48AB637A92894318DC0A33CE55519D8FBD7B31177FA3C4CA33D8609D4FC0058 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys

17:17:12.0940 0x3184 mouclass - ok

17:17:12.0940 0x3184 [ C094A555F148495EA130D3BBC5232D5E, 32E823C20FED94DB23F72F67DF1A2C043CA6179A543F3BD24FCB5500BA00A37C ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys

17:17:12.0940 0x3184 mouhid - ok

17:17:12.0940 0x3184 [ 6434BC884502E95EEA2379C92DD22B60, FCE43DC4C891A1C0346EA9A1EFC09E2B4744191BD164BC850200BA05160FB991 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys

17:17:12.0940 0x3184 mountmgr - ok

17:17:12.0956 0x3184 [ BF2513029E231BE96D82F7C3ABFF87F4, F6DB64112CC50EEE495E2D7C61B8BDBE757A31B03144B0396615FD38C312824E ] MpKsl761a35d5 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4B95911-7EE7-4C5C-A66B-D43FC09215B4}\MpKsl761a35d5.sys

17:17:12.0956 0x3184 MpKsl761a35d5 - ok

17:17:12.0956 0x3184 [ F36E4074C66DD31855A8D79EF0AE8066, 01C01B3EAEFADBCDACA5BE7CB2AA199667786C1AD637CF6792BF715242BEFEAD ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys

17:17:12.0956 0x3184 mpsdrv - ok

17:17:12.0956 0x3184 MpsSvc - ok

17:17:12.0956 0x3184 MQAC - ok

17:17:12.0971 0x3184 [ 215D672CB71987CD98EB2298EFB84DDC, 7E23C36DBB7C80556560E1DECE5E8F5D3D422F3D1FFE9CEA511A0BCD9D69D304 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys

17:17:12.0971 0x3184 MRxDAV - ok

17:17:12.0971 0x3184 mrxsmb - ok

17:17:12.0971 0x3184 [ 6537678DEEA2A5B079052D75E21E46DA, A509481D509597A8A58C536C689A23086ECB2C15B4BE1AA80DBBF82B73673A2A ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

17:17:12.0988 0x3184 mrxsmb10 - ok

17:17:12.0991 0x3184 mrxsmb20 - ok

17:17:12.0995 0x3184 [ 167408B38458ECAE545C57527BC99024, CB699B6C6F5B6DCDE85F8F0E40DD31B8066600A0833E5CD99ADE31DEC516B34F ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys

17:17:12.0996 0x3184 MsBridge - ok

17:17:13.0000 0x3184 [ D5778559A0F34EE0BF0457293C6B5F4F, 73C0829F641F62CBFC0523ED54D94121E3A694ECCF148DBF4A5743631BADB714 ] MSDTC C:\WINDOWS\System32\msdtc.exe

17:17:13.0003 0x3184 MSDTC - ok

17:17:13.0008 0x3184 [ AE111778CA6AC08862B3C713F0413333, 99B0F4C92E4897D44FB307730486CAC95B8EE6734C025033C4436B92C5A2DF20 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

17:17:13.0009 0x3184 Msfs - ok

17:17:13.0012 0x3184 [ 6DDDFCAB646BBBCFC583135C4430E10F, 5EFD3F4F84EBEEC58914D5CC89622D69F2DBDFB7EB9AD8D9A0868127187FD673 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys

17:17:13.0013 0x3184 msgpiowin32 - ok

17:17:13.0015 0x3184 [ 01C6A86BEA8279E557A5056148F068BF, 42983A61654F51515AC6DD64A68D319883FD02B3EC575F7EA7A907576866F0AF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys

17:17:13.0015 0x3184 mshidkmdf - ok

17:17:13.0018 0x3184 [ F65ABC7DE945047147F17330F79732CB, 050C64D7284D767C951E94EFBA579D0E066C36CA1899A2C64CEA41A34B8E9EF2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys

17:17:13.0018 0x3184 mshidumdf - ok

17:17:13.0022 0x3184 [ 05B23012427801E710BDD12720B9020B, 48FB22CFDF61AAE4221B3B23E539C08083289FB0CB5ABF249700DDF968C7250A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys

17:17:13.0022 0x3184 msisadrv - ok

17:17:13.0025 0x3184 [ 21B88DF67507BD4DFF8A5487074BB31F, 5F2E1FB6227873DCA97D1BE6271E900AFA6BCE54D765C9BDBA07B74FC87B147B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll

17:17:13.0025 0x3184 MSiSCSI - ok

17:17:13.0025 0x3184 msiserver - ok

17:17:13.0025 0x3184 [ B25B2CD3E052D68075A3814AAA0C6421, 7297C03D31D54725B4F2A6888F8DCBEBDA3DF37630E15EBFA38AE5F973F66DAB ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys

17:17:13.0025 0x3184 MSKSSRV - ok

17:17:13.0025 0x3184 [ C3F5EA6B9041A30B4F11BE2E7863E487, 07324A9D81D30A173D3F369AA1A304AD7713C7CCF9909C6427718F0F90CE49C9 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys

17:17:13.0025 0x3184 MsLldp - ok

17:17:13.0041 0x3184 [ 6F1422468DF5B12D87EF1B7956429721, 8533FFF07ED28A31376A4AEB83597F22D11D99D19A75053D1F64548D6379087E ] MSMQ C:\WINDOWS\system32\mqsvc.exe

17:17:13.0041 0x3184 MSMQ - ok

17:17:13.0041 0x3184 [ 601D666820F0408B896791D19BE6D258, DD6BA3962A6D387D9F06B6D7006DBB2BF46D84A8FA91C628DA9D96117F14F4F0 ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys

17:17:13.0041 0x3184 MSPCLOCK - ok

17:17:13.0041 0x3184 [ 46E61FBA0097E48E5628C74A3F72233A, 21BD64041781085A7873ADA34C3648FBBBED386A071C69F21D98F2A0C3120DC6 ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys

17:17:13.0041 0x3184 MSPQM - ok

17:17:13.0041 0x3184 [ 4EB9B77179BDEE89C496E60D4BF85CC1, 4CF2915381DFDF8DAB37B63DCE98CD5BEB22D6D174329F650ACBE1A4915AC7FE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys

17:17:13.0056 0x3184 MsRPC - ok

17:17:13.0056 0x3184 [ 29DC5DFDF305E73A40AB13D102736EEA, 3F17F1841E5BD266962D106342CE811497E46C3EBCD9A6CDF5B4FB4B8D64DE21 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys

17:17:13.0072 0x3184 MsSecFlt - ok

17:17:13.0072 0x3184 [ CBD56E0B55FB3672BA80382EC2F8835C, 1956E9B20A363B715C2111138D2085AA28FEDA7A82228CB4D8CE7ACC578E4DDB ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys

17:17:13.0072 0x3184 mssmbios - ok

17:17:13.0072 0x3184 [ 5734B2A36D3BB13A638E5305EEEC582D, 613D559ED892EC4ABDF80F2435892895677F97902E699BE30283C150ABA49877 ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys

17:17:13.0072 0x3184 MSTEE - ok

17:17:13.0072 0x3184 [ 85270E0DC6907C6B99F72A36F17AED34, 58C0BBF9CC9E42266C8AF9AB9FEC77442F96C7C6D0DFCFAAB763DAD30B1B7939 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys

17:17:13.0072 0x3184 MTConfig - ok

17:17:13.0072 0x3184 [ DB5B1539F5EBB3DD3A7ED25ADBC4D6D9, 4E40FE2A1A498913E7D37F1B5D6D7B0E67370B833FC69636BA7E807C21225999 ] Mup C:\WINDOWS\system32\Drivers\mup.sys

17:17:13.0089 0x3184 Mup - ok

17:17:13.0091 0x3184 [ 3C57FF3BCF496D24C39C2198158864BB, 8671DF39AE5DD83033EC70BF8A502ED027B33B90FFC28AC2C79EC8F2F9128C14 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys

17:17:13.0092 0x3184 mvumis - ok

17:17:13.0095 0x3184 NativeWifiP - ok

17:17:13.0097 0x3184 NaturalAuthentication - ok

17:17:13.0101 0x3184 [ FBA9F5B9F59A665F248F70B905EDCE14, D2C1795192809F6413E080A9ADC949A4D99D0FC6BE668870127161474FF40596 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll

17:17:13.0105 0x3184 NcaSvc - ok

17:17:13.0112 0x3184 [ 1A75CBB2C8161676CEA17E6FFE441FE7, 7F4F0CBA5BAF34AD8AD50AB0E9C36B17D2C875EF38774F9F1139F7EA3DD44C8E ] NcbService C:\WINDOWS\System32\ncbservice.dll

17:17:13.0117 0x3184 NcbService - ok

17:17:13.0121 0x3184 [ 3C7E074AE41D8DFB41A9E65904D8BF43, 34890591FDCEC035D3BB021DB035A4728C415A70F55D88F21E39073040C912AB ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll

17:17:13.0124 0x3184 NcdAutoSetup - ok

17:17:13.0125 0x3184 [ 77B047B109CE758A017F58FAE5038D0D, 8E9E4ED5128C506B696FD5F0E8AD0D11FF53B5DD2F88860FF8F60307A7E08DEA ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys

17:17:13.0125 0x3184 ndfltr - ok

17:17:13.0125 0x3184 NDIS - ok

17:17:13.0125 0x3184 [ 067AE5BA349CC35AF8975D22DC483DDF, FEC185ECDA27041506DF74528AA65B32FEBB06E32A55C8F7BA161A755C6659CF ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys

17:17:13.0125 0x3184 NdisCap - ok

17:17:13.0125 0x3184 [ 6FC4D7EB5D38CFB7966405036116F065, B3E9083ABE7AD797FA54FB1308AA57D49C9B7BA662B09607666B23777F6167C8 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys

17:17:13.0125 0x3184 NdisImPlatform - ok

17:17:13.0140 0x3184 [ ED7CC4E16B76B2603C9F827188EA63B4, A6E739D219F50866051A08867844BDA878D6FEA33E91DEAC1948A55CDC5BEB9F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:17:13.0140 0x3184 NdisTapi - ok

17:17:13.0140 0x3184 [ 8D977AFC195A3F4B15B05D02B2BD0292, 676C0CF326E0D76EC3BBE55FBE5F845A2DFF28E2EEBCCDE15913116BB81977CC ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys

17:17:13.0140 0x3184 Ndisuio - ok

17:17:13.0140 0x3184 [ DC1D26D62F40B7552BCF49D92774F0C5, 3DD7CE2AD578101EFF8C1448800A1317F01893AF6E559C4DCCD9F6ACE4B027E4 ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys

17:17:13.0140 0x3184 NdisVirtualBus - ok

17:17:13.0140 0x3184 [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys

17:17:13.0156 0x3184 NdisWan - ok

17:17:13.0156 0x3184 [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:17:13.0156 0x3184 ndiswanlegacy - ok

17:17:13.0156 0x3184 ndproxy - ok

17:17:13.0156 0x3184 [ A791792DC412CCD83DA0AF6871682552, FE1A30A6D1501463CF8AAC3AD8CE114ACFEDD38CF9BD6B2247B84E41D74A9E6B ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys

17:17:13.0172 0x3184 Ndu - ok

17:17:13.0172 0x3184 [ BE79982A50AC88BC0765F3AFECFCB596, 1E7CACB1095C3F1D10766E15B31DEE195C1E6954D4E7ADA141CA4C15EE3DA445 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys

17:17:13.0172 0x3184 NetAdapterCx - ok

17:17:13.0172 0x3184 NetBIOS - ok

17:17:13.0172 0x3184 NetBT - ok

17:17:13.0257 0x3184 [ 5C97F5603556C70BF7EDD061C434E76E, E069A69BE09E59F850A7FCA271B264D3E24AA3899D9EC8F7C46D0B8409632C5D ] NETGEARGenieDaemon e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe

17:17:13.0273 0x3184 NETGEARGenieDaemon - ok

17:17:13.0295 0x3184 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] Netlogon C:\WINDOWS\system32\lsass.exe

17:17:13.0302 0x3184 Netlogon - ok

17:17:13.0317 0x3184 [ 94BC40F88309B0B7DFE68B2C2BB15EB6, 7E485F6A3F0B1C34C59D1F36EDE05ED9724E23FF63EA273910A02D8177905D9B ] Netman C:\WINDOWS\System32\netman.dll

17:17:13.0327 0x3184 Netman - ok

17:17:13.0342 0x3184 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:17:13.0342 0x3184 NetMsmqActivator - ok

17:17:13.0342 0x3184 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:17:13.0342 0x3184 NetPipeActivator - ok

17:17:13.0373 0x3184 [ 79ED54CA41486399361778D533E55A99, 17467C0C0D4D099DC7BF2BDE46086AF4AFC28895C62A35AA6A3906C19418AA32 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll

17:17:13.0373 0x3184 netprofm - ok

17:17:13.0373 0x3184 [ 2D63501E7273F5B730958B5061E609D4, 1A92B65E9B833ED77626BA61A3ED0CA298DD944BA0C83137C643B86A08586979 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll

17:17:13.0393 0x3184 NetSetupSvc - ok

17:17:13.0396 0x3184 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:17:13.0398 0x3184 NetTcpActivator - ok

17:17:13.0401 0x3184 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:17:13.0402 0x3184 NetTcpPortSharing - ok

17:17:13.0405 0x3184 netvsc - ok

17:17:13.0415 0x3184 [ E27ACE78CA1BDF4FBBF3323D6E9AFCDB, 7930C172AD493E39712A0F4B1AF4ADFB4ABD499B00FEEA2E1D5C9E5A26105EFC ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll

17:17:13.0423 0x3184 NgcCtnrSvc - ok

17:17:13.0425 0x3184 [ A557C92583E81CA97D2C0F2467E7C2F9, F78B07DB33253142C6CB2DE1BFA1C54EB7CB5D64C94C9B73182C7D49314061EF ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll

17:17:13.0441 0x3184 NgcSvc - ok

17:17:13.0441 0x3184 NlaSvc - ok

17:17:13.0457 0x3184 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF C:\WINDOWS\system32\drivers\npf.sys

17:17:13.0457 0x3184 NPF - ok

17:17:13.0457 0x3184 [ 84EB8F01B140618518AFF30B9951F132, 3710F2DF7433174D0393702DDFFD06F9544456F8E92A6FF6A2075215CA2D1001 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

17:17:13.0457 0x3184 Npfs - ok

17:17:13.0457 0x3184 [ 5CB8082E51DE7D19042F0FF8C517CB0D, C0C5389E097D520018C346ECBF8AF9928FB44D9AD7B0EFD2D44E910214580A1A ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys

17:17:13.0457 0x3184 npsvctrig - ok

17:17:13.0457 0x3184 [ 3BA4E9585E9D7D7E6E68A18184DDDBF2, 51E70A9DE501DA3783298B17C4B3B074FA7A3CBAB32D1E8E6BDC2A594FBBC3A4 ] nsi C:\WINDOWS\system32\nsisvc.dll

17:17:13.0472 0x3184 nsi - ok

17:17:13.0472 0x3184 [ 958921BB7AE2671983743FDA0DD587C4, 20CBEFB4A49F65AB7F0EFC79E8A4F6C9F2D2CE4930092FB037BF24CD00187ABD ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys

17:17:13.0472 0x3184 nsiproxy - ok

17:17:13.0472 0x3184 NTFS - ok

17:17:13.0472 0x3184 [ 0D1E03A5F87F4DE04D97622C686910A2, 21E09FFE6797251E7E372F708D52C0D4762A3E0E2D61B55C00BB326785083D40 ] Null C:\WINDOWS\system32\drivers\Null.sys

17:17:13.0472 0x3184 Null - ok

17:17:13.0472 0x3184 [ 532F27A2B62D70C327E763F035AED6C1, 9FB6C8040D48384BC72A2021EAD7D48B5E876731849FBA68338EC3562E7CB659 ] nvdimmn C:\WINDOWS\System32\drivers\nvdimmn.sys

17:17:13.0472 0x3184 nvdimmn - ok

17:17:13.0496 0x3184 [ 8DE05D2A2C15D1A42F7BA85A819DEE0C, 2364C83770D4341C0CB70DF70520212568C3461E3BA90C77AE3CF1090B37D139 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys

17:17:13.0499 0x3184 NVHDA - ok

17:17:13.0723 0x3184 [ 66ED27A828302B0E1FFF74DBB912A9DF, 0D92BCEC1A989245A2A1D4738DC141ACABF8A8E0461565246A3AF8C12FA606DE ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys

17:17:13.0898 0x3184 nvlddmkm - ok

17:17:13.0914 0x3184 [ 7E04652EB1A476BC0A72ECDC613AF0C5, F356C5F7B1C30253F4F8A3E45AAA8C82940DBE1F208D81043D7D89EE54355890 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys

17:17:13.0914 0x3184 nvraid - ok

17:17:13.0914 0x3184 [ 880B3E874914DAEF97119876543AE117, E41A633F5C2519438FCA0A85F134061224C39AB82EE61F3B80043E21985A80D7 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys

17:17:13.0930 0x3184 nvstor - ok

17:17:13.0933 0x3184 OneSyncSvc - ok

17:17:13.0935 0x3184 [ D26DEA3EECBE67632E6F781B0CC05AB4, 3F4977F2129CF50C68067F6374CDA9B43423371CF5E258BEF999F469309CA32A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:17:13.0935 0x3184 ose - ok

17:17:13.0935 0x3184 p2pimsvc - ok

17:17:13.0935 0x3184 p2psvc - ok

17:17:13.0951 0x3184 [ 2E07EC2C1622F5E7B535D62DCD61F3AB, 5FECA3CD9AF531E59B1A0FE04AE8BA22F3C929EB6AA5B2171C88A788AFAA8115 ] Parport C:\WINDOWS\System32\drivers\parport.sys

17:17:13.0951 0x3184 Parport - ok

17:17:13.0951 0x3184 partmgr - ok

17:17:13.0951 0x3184 PcaSvc - ok

17:17:13.0951 0x3184 pci - ok

17:17:13.0951 0x3184 [ E5AF806815ED797086629741F29E4156, 1AD39A8DD564807EE11775C1C69129184A28B7AC4ED66E47CBE657C9215986C4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys

17:17:13.0951 0x3184 pciide - ok

17:17:13.0966 0x3184 [ 2A631D447B988AFBE847CBAA8E5CC298, 65D52E0E7F16EFFF8926E4FF97B42ABB2C5F1125FB13F521143712E3F9028FE7 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys

17:17:13.0966 0x3184 pcmcia - ok

17:17:13.0966 0x3184 [ ACD510CF2B631A2D36B2CFB7D31E22FD, C46363B543CADC560004EB01D62B277BFE63974C34382576A0C62A8A0BED31A4 ] pcw C:\WINDOWS\system32\drivers\pcw.sys

17:17:13.0966 0x3184 pcw - ok

17:17:13.0966 0x3184 [ 1796112EB89559910BC18865A29C8894, 3EDACF3FDFB4164C1F07BAE7ABCA4E8DC5DBADE11C73F18546E5FE2A10CCDEA8 ] pdc C:\WINDOWS\system32\drivers\pdc.sys

17:17:13.0966 0x3184 pdc - ok

17:17:13.0982 0x3184 [ F21127EDE5D72090A1B029AFF4AFFD17, 2EDB862E23DCBD11DD695C6B161B578F5FB8863848CF912D44AE42E4D8C0BD44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys

17:17:13.0982 0x3184 PEAUTH - ok

17:17:13.0998 0x3184 PeerDistSvc - ok

17:17:13.0998 0x3184 [ 35FD028E4323018202C0B7D115FD3AEF, CA0CA9EF7A6496EBD35C775D0BD9CC814B07391B69C83938C90926D316A336FD ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys

17:17:13.0998 0x3184 percsas2i - ok

17:17:13.0998 0x3184 [ F9F3D8BE9BC9241CC726197261362AC4, 0AF0EBD551B3C079C7A5EA568A171B43F822C4AD0177A8135FBF315813108535 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys

17:17:13.0998 0x3184 percsas3i - ok

17:17:14.0030 0x3184 [ EA780FAE0D6796D56D0CAF39360BF7C0, C4C0184CED9F9CBEFFC896D35E927BA0C6AB3C5937EE3DEF9816DFB8A5F2C473 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe

17:17:14.0031 0x3184 PerfHost - ok

17:17:14.0036 0x3184 PhoneSvc - ok

17:17:14.0036 0x3184 PimIndexMaintenanceSvc - ok

17:17:14.0051 0x3184 [ 73B5A132EBF3A8075A7C68DFBB4DE719, 847FC2A2B4C1C65BFEFBBF90C2EB99378E2FDE469425F141BC75D1874F94658C ] pla C:\WINDOWS\system32\pla.dll

17:17:14.0067 0x3184 pla - ok

17:17:14.0067 0x3184 [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll

17:17:14.0083 0x3184 PlugPlay - ok

17:17:14.0083 0x3184 [ 36D43EA5517F3F4AAAC8EE061C957EF1, 970CBE8F689C26C384B8F4E6D0C68BB07434C4776B497E310A603A896AED05E0 ] pmem C:\WINDOWS\System32\drivers\pmem.sys

17:17:14.0083 0x3184 pmem - ok

17:17:14.0083 0x3184 [ 59048555B59FD69287CFAB6022B5CC86, 733D3F1DBF75D6A5A015E6F849216E1954813F86E5D3B05B4AF0E9FD523FC646 ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys

17:17:14.0083 0x3184 PNPMEM - ok

17:17:14.0083 0x3184 [ 7815D5EEE3624640150B1365EB2E98C5, 2E45B211F40510554E5BDA876E53497FA4A8465A152F77CF38CAD38CC6F47C8A ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll

17:17:14.0083 0x3184 PNRPAutoReg - ok

17:17:14.0098 0x3184 PNRPsvc - ok

17:17:14.0098 0x3184 [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\WINDOWS\System32\drivers\point64.sys

17:17:14.0098 0x3184 Point64 - ok

17:17:14.0098 0x3184 [ E1BCA08929D806A087D90BC11C6020E8, F9FE2E761F0F00C4A0C221D25069348185C75CA350DDD1407A6401220227A9F6 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll

17:17:14.0114 0x3184 PolicyAgent - ok

17:17:14.0114 0x3184 Power - ok

17:17:14.0114 0x3184 PptpMiniport - ok

17:17:14.0171 0x3184 [ 7CD1D9EE59F49FBD3E72876F19038BE0, F156AC0D2089C1CD7025054E1E546379128CC42D8190420C536E01ECA27402D3 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

17:17:14.0198 0x3184 PrintNotify - ok

17:17:14.0198 0x3184 [ 8803D4F36F1CB2E2203F5EB59571E89C, 0C83A8706CDB7400CCAB145211793B8C6153D30CA50843A5E3980536F2A38C11 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll

17:17:14.0214 0x3184 PrintWorkflowUserSvc - ok

17:17:14.0214 0x3184 [ B1111C47F128C946BDC87A18E44007EB, 5AB7CE4F7B05BC189B477BC892D7DC9B3129A6EB4E9618060CB68C3A1A48826B ] Processor C:\WINDOWS\System32\drivers\processr.sys

17:17:14.0214 0x3184 Processor - ok

17:17:14.0214 0x3184 [ A2CA8830BF77FAB39D6E5C45A404FB78, F78511C80FFE1B2BB8A3B51811AFB22CEE4038D4D23AEBFD7768C32E61CEB77D ] ProfSvc C:\WINDOWS\system32\profsvc.dll

17:17:14.0236 0x3184 ProfSvc - ok

17:17:14.0239 0x3184 [ 5818FE76C3C6AE0CA723EBE483BF447F, 613E1FE02FA52A6EF4B1E5C56F0108D493B1E97F799CF409A6697A5D5112C8B3 ] Psched C:\WINDOWS\system32\drivers\pacer.sys

17:17:14.0239 0x3184 Psched - ok

17:17:14.0239 0x3184 [ 066C6CCCF670D9BBCAECC781FB8D7EB9, D2AB9EBE9F7A724FB685EA7F7624763F26D243F4174570D18355705D25DE1589 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

17:17:14.0239 0x3184 PSI_SVC_2 - ok

17:17:14.0254 0x3184 [ 788CB65D49D1162C5EE6814AFE5B0A70, 74072698692C8237F5041BB111C4E24B6583456FDA084895EA00B677B6FF64FC ] PSI_SVC_2_x64 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

17:17:14.0254 0x3184 PSI_SVC_2_x64 - ok

17:17:14.0254 0x3184 PushToInstall - ok

17:17:14.0254 0x3184 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\WINDOWS\system32\drivers\PxHlpa64.sys

17:17:14.0254 0x3184 PxHlpa64 - ok

17:17:14.0270 0x3184 [ A5E22EC8507591F05A232D525E74045B, B87530098AAE20B6B1C58244B9380AF8BC73246B768ACD0DAB5177D47C6D88F7 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

17:17:14.0270 0x3184 QBCFMonitorService - ok

17:17:14.0270 0x3184 [ 9EE9AA5D1FB3F3B99467A20B03B47C5D, 5C43150DF7FC7786DD7568219860BEC89460EE13889B37F01A6D15D4059EC146 ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

17:17:14.0270 0x3184 QBFCService - ok

17:17:14.0297 0x3184 [ 40DEC851CC4861079FBCD2525BFCF024, 1CD516B6982CD61A88EBA7E30E5A6C7206DCD43904F1B4BE33CE3F3864FA9910 ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe

17:17:14.0310 0x3184 QBVSS - ok

17:17:14.0336 0x3184 QuickBooksDB23 - ok

17:17:14.0359 0x3184 QuickBooksDB26 - ok

17:17:14.0377 0x3184 [ 034BA34ADFA10F9D7E4989273DDABA33, 8763D28817A64F0D82B61EBA1FA54D7E0C97E66FA3F359C1A681740E1AF680C2 ] QWAVE C:\WINDOWS\system32\qwave.dll

17:17:14.0386 0x3184 QWAVE - ok

17:17:14.0390 0x3184 [ 16F9A6B593B52EB18F7ECB9D251BDF7A, 5DD26B91DF51A07097A893F3537F94FE2CD1F9D132B0994451E922CE1359516B ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys

17:17:14.0392 0x3184 QWAVEdrv - ok

17:17:14.0396 0x3184 [ 13600C467512147E99052806F2C1307A, 705257F42FA3502113958A295E0E0FED9C6A35DB6214099360606E792F69B1C6 ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys

17:17:14.0397 0x3184 Ramdisk - ok

17:17:14.0401 0x3184 [ F57D1DE0C9522BCD590A69D044641B5A, 6476AA1B7BBE390D4ABDD0DFC1BFD243663D48D0B425CE53193A3448B965222A ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:17:14.0402 0x3184 RasAcd - ok

17:17:14.0407 0x3184 [ ED0EE10911C16AD8B21B9003C90E968F, CFB280D14F629E87BBBDA83841E4B3DD8866FB8382FF17D3E807BBFBBC3BAC1A ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys

17:17:14.0409 0x3184 RasAgileVpn - ok

17:17:14.0411 0x3184 RasAuto - ok

17:17:14.0415 0x3184 [ E0220BB6580D34001D4D1D133052DAA4, F350A34E7592673B7B77F907E7D7ACFC50C6099A4874C1D870BD0E089D8EF668 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys

17:17:14.0416 0x3184 Rasl2tp - ok

17:17:14.0431 0x3184 [ 0F8FB189206C1A53FB73FCF8F335A412, 4BF5C1EB3F083F42EF450024DD5C6FB781BF4685DE4FD7EB528C4B31C422C8D7 ] RasMan C:\WINDOWS\System32\rasmans.dll

17:17:14.0444 0x3184 RasMan - ok

17:17:14.0448 0x3184 [ 12EE1D92F4E5FAE4B6F65195A2016CE5, C62E9EBD4FE642248C36BB2C9BD7B1C1C09E8A33D4B4AA39DD32F9FD1FE86081 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:17:14.0449 0x3184 RasPppoe - ok

17:17:14.0453 0x3184 [ 91CE469015979E5B3C3DBC2C41A476E8, 45D7EA66311126E370B4E082F7E8507399AC594AB6F7CD5A45C9F09658FD7E19 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys

17:17:14.0454 0x3184 RasSstp - ok

17:17:14.0456 0x3184 rdbss - ok

17:17:14.0461 0x3184 [ 8A5285B38A203D15110E142DE68406DD, 9C6E48AB7F10555347FB2372D2B44AA70FAD0D2CB9B95E55A4844584EF696141 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys

17:17:14.0462 0x3184 rdpbus - ok

17:17:14.0467 0x3184 [ DF83769C92527DB50653F8FB57D001FF, 06FF7DE7ECEE92F874230A1F396B7BA050953F741C3BB090A0DE19E53A6031A4 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys

17:17:14.0469 0x3184 RDPDR - ok

17:17:14.0474 0x3184 [ 4D1A63ACEC42A88E52AFC4E84A8CE9EE, 37789428D78273EB09F3613BC72DF5D5E9210D4650CC4D9F9DD413DB4A20B6F2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

17:17:14.0475 0x3184 RdpVideoMiniport - ok

17:17:14.0481 0x3184 [ 12AF835862F2B6B2FB9DEA8BA2288587, 1315D03892B88A67C5D93D1AAB1170008035DA0F0AC018E72DEC3A0FA4AD2839 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys

17:17:14.0485 0x3184 rdyboost - ok

17:17:14.0508 0x3184 [ 6957ADD27EAF4E1DA177971B2B9B450A, 530649716D4C8CED65A8BD45205B5F0B654E8A06CB0C8D17914F4E8260439786 ] RealTimes Desktop Service C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

17:17:14.0520 0x3184 RealTimes Desktop Service - ok

17:17:14.0548 0x3184 [ FB0577F6BC9E07549CEACF5224327499, 7AD01A641C3A8735C05C7EFDF3730D7A385A241306E3AD01B088D7329FF319E0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys

17:17:14.0572 0x3184 ReFS - ok

17:17:14.0583 0x3184 [ 4136BCA61BCDCC79DCE145F9CB639CD6, 58D49C41532A31F6F2112317BB60D80D34A4D29CAABBF11BAD9C45FD8B812F93 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys

17:17:14.0598 0x3184 ReFSv1 - ok

17:17:14.0598 0x3184 [ 16884710EB4898CB49B18609EEE34C6C, CEC4850825D81969BE269A4DC23DF54F6E2346AADE40D95E91B512412D4BD358 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

17:17:14.0614 0x3184 RemoteAccess - ok

17:17:14.0614 0x3184 [ 9D82CD53B622A85A10B4DA8F4724A8E4, 0D4DDDF7C8D90CB19A86EA531205BAF19BA2335DBD10CD9F006C969CE9735223 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

17:17:14.0614 0x3184 RemoteRegistry - ok

17:17:14.0634 0x3184 [ 24C716C6A5AA3BEC3180BB15050C75C5, 15BC70E932C4AB0609231098F8C3EC56840BB20099C74C008EF23DBFC556A43E ] RetailDemo C:\WINDOWS\system32\RDXService.dll

17:17:14.0644 0x3184 RetailDemo - ok

17:17:14.0644 0x3184 [ BBC228CA2F96B784B01FE7F1C5E3CFBB, AF24D0B4093F9CCE88C5BCB94944BCD6D36B890AD8544AF0CD7814B8D4F73A7A ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys

17:17:14.0644 0x3184 rhproxy - ok

17:17:14.0644 0x3184 [ 665A51DE515A2E8B0BDB3D6917D47DD9, F5BF28900F55CB17016E64775B9A5B64D16E2A5898F4D5A7ABE26639932B2C63 ] RmSvc C:\WINDOWS\System32\RMapi.dll

17:17:14.0644 0x3184 RmSvc - ok

17:17:14.0727 0x3184 [ F8C6D7110C3CFC1931C8EE68CE5FC776, 0BC79DC11695B821342009BAE9B538935947CF6A63D7A34D9EF1ECF12F166348 ] RoxioBurnLauncher E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe

17:17:14.0733 0x3184 RoxioBurnLauncher - ok

17:17:14.0817 0x3184 [ 2C490057C5718BD239F3C37D2462E947, 44342E28689B2C5B83E52CDA7DBEFDAED6EE3AF518D2AC51A53D9C4B09052765 ] RoxMediaDB15 E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxMediaDB15.exe

17:17:14.0836 0x3184 RoxMediaDB15 - ok

17:17:14.0879 0x3184 [ 8CB89955F430952C1BB2E189663D3184, B5624D8964232695513A070CB328B69D7A12E583AE668A9502658EDB75D050BF ] RoxWatch15 E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatch15.exe

17:17:14.0883 0x3184 RoxWatch15 - ok

17:17:14.0883 0x3184 [ D0F6698E56F0157EA72F2D754C6FD555, A93DEECB1D84E5AC2C1E2D3D54BA118774E6F77996BEC7BCB6C758B6D04D1920 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll

17:17:14.0883 0x3184 RpcEptMapper - ok

17:17:14.0883 0x3184 [ EB65907BD63871669C54D5E5BAE4DD34, 9A429C4B416913D65728A40890FC3C69465C4C77C2D313007BDF24EA5F4E1400 ] RpcLocator C:\WINDOWS\system32\locator.exe

17:17:14.0883 0x3184 RpcLocator - ok

17:17:14.0898 0x3184 [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] RpcSs C:\WINDOWS\system32\rpcss.dll

17:17:14.0914 0x3184 RpcSs - ok

17:17:14.0914 0x3184 [ DC73D9D076BDA93E3B48153A1B356B58, BD6D4FCA9AF25333C069DEE7D643453496ACF51840F9936850368772281239D0 ] RrNetCapFilterDriver C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys

17:17:14.0914 0x3184 RrNetCapFilterDriver - ok

17:17:14.0932 0x3184 [ 27B80E5766B114621980F82FB78E912A, D7986FB32AFA2F376FBAA5EFAC18F5E699BAF97AD0C92A0B787E1CAF77465CFD ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys

17:17:14.0933 0x3184 rspndr - ok

17:17:14.0943 0x3184 [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys

17:17:14.0950 0x3184 rt640x64 - ok

17:17:14.0953 0x3184 [ F0FA6B67B16EEFDEF8E8AFAD47A4F9B8, 27D9ADFA2D86DD598E9F20D95261744F47A1E0D57700071ED16C87A5897C4293 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys

17:17:14.0953 0x3184 s3cap - ok

17:17:14.0956 0x3184 [ CC8BE8C0D2B549193E1B0E430F4C1717, D1E67C1D3C8EDFB7C1C601F9056C9249FFA07A7F2F48CE2F7E33CAF61656D974 ] Sahdad64 C:\WINDOWS\system32\Drivers\Sahdad64.sys

17:17:14.0957 0x3184 Sahdad64 - ok

17:17:14.0959 0x3184 [ 8DF9EE8B6DEE33A77CCF03047B1B002C, DB54B4D2C9D842D1D52CECFED91DBFAFB6E12A4121AA97116F4977A5FA68DB65 ] Saibad64 C:\WINDOWS\system32\Drivers\Saibad64.sys

17:17:14.0960 0x3184 Saibad64 - ok

17:17:14.0963 0x3184 [ E193BA11DF7D9383A1B2848088DDEE35, 4DCADD56958BF3BC31571EB08277AD0474898528E7D5232901898FD354DC0BE8 ] SaibVdAd64 C:\WINDOWS\system32\Drivers\SaibVdAd64.sys

17:17:14.0963 0x3184 SaibVdAd64 - ok

17:17:14.0968 0x3184 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] SamSs C:\WINDOWS\system32\lsass.exe

17:17:14.0969 0x3184 SamSs - ok

17:17:14.0973 0x3184 [ 324FA3C337EB54B43448F7B08444DC8D, 6AC6E84EBE169400D5CE140C7DC7F527D1A8F5B642593870AD7D1B193C21C7A3 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys

17:17:14.0974 0x3184 sbp2port - ok

17:17:14.0977 0x3184 SCardSvr - ok

17:17:14.0982 0x3184 [ 5CB8816960FE5C608F75607F34530BBB, 583DDD2BF4AB701A51C70C91FF1FAB1A0E428D9B38E5F062076B13F1F9D68404 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll

17:17:14.0984 0x3184 ScDeviceEnum - ok

17:17:14.0984 0x3184 [ 62A33CE69DB508BCEC63F4D3BFF400CE, 914FF18959025C71923558898F95B8113EE49930144A0B19FC06C5C043A171B4 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys

17:17:14.0984 0x3184 scfilter - ok

17:17:14.0984 0x3184 Schedule - ok

17:17:14.0984 0x3184 [ 7B057373146CC4E5A1F1DA665EA55DC7, 48F1C276F99D4E135A261DDEFE2D813430DEFF6BA30FCBFFB102EA40EAD9434A ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys

17:17:14.0984 0x3184 scmbus - ok

17:17:14.0999 0x3184 [ 200A5398C0E7E78DBDF6C0D9E811F366, 91BED3876FCA06AF551939720C0088BD195AF64C11C6EAD8970EDE8E037A71AA ] SCPolicySvc C:\WINDOWS\System32\certprop.dll

17:17:14.0999 0x3184 SCPolicySvc - ok

17:17:14.0999 0x3184 sdbus - ok

17:17:14.0999 0x3184 [ 6D3853838864886B4F10B074282772E0, 50855299C5D7FBE0E45EE6288EA1B824215D3E3693F24F1AD2BB2F2E27F6150D ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys

17:17:14.0999 0x3184 SDFRd - ok

17:17:14.0999 0x3184 [ 368180051766E4289E3D47AF21F2668C, AD1E675A990684F131F09E61988525102CDEDA0817A20F188FE9D2A428216BC2 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll

17:17:15.0015 0x3184 SDRSVC - ok

17:17:15.0015 0x3184 [ C289832A3174DC9D393C7603C511DF79, 1F63FD2C903E446E468814E4F7525433C3C9E46E5972CEF535D4508B4B21F46A ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys

17:17:15.0015 0x3184 sdstor - ok

17:17:15.0031 0x3184 [ 0356C85312D78F4C7F33C74B6000BB93, 378018A0ABDF65506B471F091DEF6A8E1D2E719BEBA843595C550E3151C9E6D6 ] seclogon C:\WINDOWS\system32\seclogon.dll

17:17:15.0034 0x3184 seclogon - ok

17:17:15.0039 0x3184 SecurityHealthService - ok

17:17:15.0063 0x3184 [ FE3E7B59BBEDDDC449C86B693BE63542, B89DBE228F3478F5908464B821711844CFB4DFAB8EB6268B6857C4B85C8D9D64 ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll

17:17:15.0078 0x3184 SEMgrSvc - ok

17:17:15.0078 0x3184 [ 62EDAD383010E037C4D3846C7C021A00, CF2C5D97B4B8C472242A1DCC1CB97A081BFDA41F5708CA78DC9B5041C9B747D9 ] SENS C:\WINDOWS\System32\sens.dll

17:17:15.0078 0x3184 SENS - ok

17:17:15.0078 0x3184 Sense - ok

17:17:15.0106 0x3184 [ DDBBE9A08C79D3BB50D6053507F7777D, CA67D6FFCF63F38AAA320276F0AB96F87F6431907D2BC138E7EEE4530BE88AF1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe

17:17:15.0122 0x3184 SensorDataService - ok

17:17:15.0126 0x3184 SensorService - ok

17:17:15.0131 0x3184 [ 25B028799D43FE6324CC9E79B31E6ACD, DF7718E2C0D908A5623DABBC043A880F5B634DA0DF33F3697F1BB4A5C3CBCD5C ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll

17:17:15.0135 0x3184 SensrSvc - ok

17:17:15.0138 0x3184 [ 75A27472AFD009255DBDE52038E3BDB5, 95C31B86D77D73B340901D3BD9798A9E3171D4D3F3D4632FBE3F6AE2B49A17C7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys

17:17:15.0140 0x3184 SerCx - ok

17:17:15.0144 0x3184 [ 84005F54308109A022413D628E966412, 6828A10DF28053C159E93BDD7A62A5517E7037DC302D0EEED55BF07B48E0A202 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys

17:17:15.0146 0x3184 SerCx2 - ok

17:17:15.0149 0x3184 [ 40384793F74CFFA45BCC38DF65E978EC, FA68F18573CA92703A3442BB4BC5135C42520BA7D2C3E4B872115C02EE0A719E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys

17:17:15.0150 0x3184 Serenum - ok

17:17:15.0152 0x3184 [ 699470AD24D67908991A777716A352FD, 6155D9785DF9A9346B715798A2C4A0F9B90D2AF725E710F127E06155272B406E ] Serial C:\WINDOWS\System32\drivers\serial.sys

17:17:15.0154 0x3184 Serial - ok

17:17:15.0156 0x3184 [ 92453F065F52A8EF0328A926B2C9502F, 11CF98993B00B4850C30528F0922BF392B8DE085AD84D17721964D543A41D64D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys

17:17:15.0157 0x3184 sermouse - ok

17:17:15.0168 0x3184 [ 8958262EA3A871D45B14B7BA00F795C1, 5A84AE513609DE793FF739A7875898D2A2AA1C618B8C5F66096CBC048840663E ] SessionEnv C:\WINDOWS\system32\sessenv.dll

17:17:15.0174 0x3184 SessionEnv - ok

17:17:15.0179 0x3184 [ 1D8920C40F19B5FBA5F4897779840AD1, 9B1DAFD92963118ACEA411224AA65C841D57D29F6F1EB69A58AB32BC5FEB1592 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys

17:17:15.0180 0x3184 sfloppy - ok

17:17:15.0182 0x3184 SharedAccess - ok

17:17:15.0191 0x3184 [ 63377493508564288721EF5421A216F5, 8D8F2CAD3608AE47AFEAA60C51E288EA622EC85B1CAA330CD226CA7A49F0F8E3 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll

17:17:15.0193 0x3184 SharedRealitySvc - ok

17:17:15.0193 0x3184 [ 887458A234108B5B69038299BE7FAD88, B25780E36FCA373141EC129EC878AC0C2D560DFF62FEE3DFE332256C1FCDF579 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

17:17:15.0209 0x3184 ShellHWDetection - ok

17:17:15.0209 0x3184 [ 5ED18BE9FE76540A0596BB41C91719C6, 54B52E6EC059F48D2A4FEDC9D2B7B391A605F63CFC29C46A9FC5BA936EF3A72D ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll

17:17:15.0227 0x3184 shpamsvc - ok

17:17:15.0230 0x3184 [ 7799106FEE728B907A86D9C9751E02D5, EE85E8D3CF3819DB28221BFC103DE8DF0E14E1878CECF54E8CD8C161B0E0AF3C ] silabenm C:\WINDOWS\system32\DRIVERS\silabenm.sys

17:17:15.0231 0x3184 silabenm - ok

17:17:15.0234 0x3184 [ A871F9CC9CF388DC7193D22EF8D8C8DF, D9E915F85E4FD993B04162B7D30BE6F230DD5464BBD75AE173255E59BA777067 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys

17:17:15.0235 0x3184 SiSRaid2 - ok

17:17:15.0238 0x3184 [ D30FC341550CC364880950152AE8B1C5, BCCEB920C8DBCE061A62B0B7C91DA2981312DE9A8EC2D7398AE6009148603C77 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys

17:17:15.0239 0x3184 SiSRaid4 - ok

17:17:15.0243 0x3184 [ 9CA6E573757C76A515EFD6DD795A3A1E, E7F87EF70545ABA33171A5783439E6E7874A2CAEE0C7ECF384023FBDCD967743 ] smphost C:\WINDOWS\System32\smphost.dll

17:17:15.0245 0x3184 smphost - ok

17:17:15.0248 0x3184 SmsRouter - ok

17:17:15.0253 0x3184 [ FDADDEC855034107E5FAD708B4E2424D, 1E3A07E0F67E23F32E046F516608D78299BA66BC647F6A6A240C77245FE3A7FF ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe

17:17:15.0255 0x3184 SNMPTRAP - ok

17:17:15.0258 0x3184 spaceport - ok

17:17:15.0261 0x3184 [ CCECE7E96B4F7B0E9F0FC82F6DADA917, 4C20D74971C7A822C51429BE960F85016B03166E05D43B29F5D290F413006C18 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys

17:17:15.0262 0x3184 SpatialGraphFilter - ok

17:17:15.0265 0x3184 [ 545507AF670BC88B89200A118513ED9A, 1450D29E678F26B317D55BBF41E603296C5FBA54F956801D3E796808FFDCC0AD ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys

17:17:15.0266 0x3184 SpbCx - ok

17:17:15.0270 0x3184 spectrum - ok

17:17:15.0271 0x3184 Spooler - ok

17:17:15.0274 0x3184 sppsvc - ok

17:17:15.0276 0x3184 srv - ok

17:17:15.0278 0x3184 srv2 - ok

17:17:15.0280 0x3184 srvnet - ok

17:17:15.0285 0x3184 [ 5319E85C030CDB3E779D774FEEFF4842, E234016CF0C6D7F6EDBDCF2BF58B9456C84C509B10BC86677000DF3021997B0B ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

17:17:15.0290 0x3184 SSDPSRV - ok

17:17:15.0295 0x3184 [ 3BEF5FAC7F3DA3E25B80CC41B5060616, CAAB3CAF150F564964471F494F583014E5EF842BC4761A64B708842C4425753B ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll

17:17:15.0299 0x3184 SstpSvc - ok

17:17:15.0359 0x3184 [ 22FC1054C424DA55323F3704F8C78CD2, 08F48548008F1E0D2C957101237F029F82301F9498AC628A7E1CDF2C8E82DCD0 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll

17:17:15.0398 0x3184 StateRepository - ok

glhglh · Jan 24, 2018

Part 3:

17:17:15.0414 0x3184 [ 162A805E13B3C0DD06AE8B6FC1900156, 43782D9136596365B87E7DF2046CC28C2AF9EC014308E1458E0315F7F6463B44 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys

17:17:15.0414 0x3184 stexstor - ok

17:17:15.0414 0x3184 [ 0690CE515A295BD101415C7E411C43F3, 42E382EAFD2E5733805E26147BE74DF437E6E654ACDDE1DB42DB0D114B02ADE3 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys

17:17:15.0414 0x3184 StillCam - ok

17:17:15.0431 0x3184 [ 3B3F5D6BB8A6A6F3630194A471989069, 0A5D586A1866113B94F5F11571506E133F64640DB38BEEDBE5489ED10314FA31 ] stisvc C:\WINDOWS\System32\wiaservc.dll

17:17:15.0441 0x3184 stisvc - ok

17:17:15.0444 0x3184 storahci - ok

17:17:15.0447 0x3184 [ A12CFAAA0F113A25D8CEFE58B1CBB207, 317FA1BA85429EDB5CEC477898EF02FC1A143FBF713B98742E6426F3A1B2837B ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys

17:17:15.0448 0x3184 storflt - ok

17:17:15.0450 0x3184 stornvme - ok

17:17:15.0453 0x3184 [ 57377953F5688158054BC8CB5A243115, A7757BC5A58D68853C23A8EF3708FB9AFF5861191C70A7E6010CF28176C34809 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys

17:17:15.0454 0x3184 storqosflt - ok

17:17:15.0457 0x3184 StorSvc - ok

17:17:15.0460 0x3184 [ B59D29E535AF7E82717C2AD2C57EEC67, FF3944C7A90457209D83E3EBF5327DBF4E1D7F868E4E9055B3F98075A6DEBDE2 ] storufs C:\WINDOWS\system32\drivers\storufs.sys

17:17:15.0461 0x3184 storufs - ok

17:17:15.0464 0x3184 [ 9B431079624306B5659B3B7208A71C75, 7F7684745215479C545AA91F6D99716CE2AA8AC8C2C99537FCB6E9D5AE8D093D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys

17:17:15.0465 0x3184 storvsc - ok

17:17:15.0467 0x3184 [ 587854AF01CABE83A62D81FFEEBCD6AA, 99103FCCFE18DA0EA0121A10BCB7DEB833DE2A5C4CB8BD70E4983C2274D469E6 ] svsvc C:\WINDOWS\system32\svsvc.dll

17:17:15.0470 0x3184 svsvc - ok

17:17:15.0472 0x3184 [ 027B27E4B9DB3931D64159B81BD915A0, B30BD828748205642529B6E528D12B16F86CA4F06F60C2C2E89AD7A97EB06B49 ] swenum C:\WINDOWS\System32\drivers\swenum.sys

17:17:15.0473 0x3184 swenum - ok

17:17:15.0480 0x3184 [ E0915F9B3C154FEF700C34A8E613B945, 172205D9DF0ABCC1F2B9484BA75A637BC0899CB42BFA5F0352B9C8E0CD6DDDA3 ] swprv C:\WINDOWS\System32\swprv.dll

17:17:15.0483 0x3184 swprv - ok

17:17:15.0483 0x3184 [ AB15F9FDCD11D5283891BC956E8C5C95, 3B3085B6B2890063EFED64A143F847B30B00170107A9AFC61ECA9C570ABC989B ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys

17:17:15.0483 0x3184 Synth3dVsc - ok

17:17:15.0483 0x3184 SysMain - ok

17:17:15.0498 0x3184 [ 0839E5F9192B050F3B220562FF2C10AF, 215E409F2F9219265BBC795F96B6080FA77BB6701EC35FD9E7317265808A9796 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

17:17:15.0498 0x3184 SystemEventsBroker - ok

17:17:15.0498 0x3184 [ 73F6476EE9F5448838B2883E0B710CD7, 0C2362C92A5CF8EBE428FC7C0399A8B6812CA42DD11D8669CB23FB10AC7B52AA ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

17:17:15.0514 0x3184 TabletInputService - ok

17:17:15.0514 0x3184 [ AC1AA61B04116E540C5AFD18F11F2697, D5ACC296853911E2C9A5E7B0B6F36AC4FA6B49417CB456D153427BCFD944C195 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

17:17:15.0514 0x3184 TapiSrv - ok

17:17:15.0531 0x3184 [ E432A6F8725F29514144C0CB62CA5A96, 4476E0E26F9ED8E713F85B05B17A21291B8A7F2A91D7DAD17FAA3986CE3F4C22 ] tbhsd C:\WINDOWS\system32\drivers\tbhsd.sys

17:17:15.0532 0x3184 tbhsd - ok

17:17:15.0535 0x3184 Tcpip - ok

17:17:15.0536 0x3184 Tcpip6 - ok

17:17:15.0540 0x3184 [ 74A1BF4093FA7B7D6C9366A39911A78E, E60694303A608EBFEAA5C581B312A212BC7081A4D67234F003917FA6E6A05F84 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys

17:17:15.0541 0x3184 tcpipreg - ok

17:17:15.0546 0x3184 [ 571D82ABAC428D902ACA0CF60373C039, 87DF0AB722B426ACC9A8608DAA6443F59D7167815EBF921B3FDC4BEC2D323B7B ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys

17:17:15.0548 0x3184 tdx - ok

17:17:15.0551 0x3184 [ B4B68E1DB59456419D9E49645729502A, A741EDEBCF5E8141BCC8867D5A62024425656432B6E6B0A0131B1B4AB878744E ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys

17:17:15.0552 0x3184 terminpt - ok

17:17:15.0568 0x3184 [ 96037700AEE1B4D5A6FFC62861E4FF8C, E2E4D23525389C13126401215541F5625258DA18372CB5C98D0B95123A86ACFB ] TermService C:\WINDOWS\System32\termsrv.dll

17:17:15.0582 0x3184 TermService - ok

17:17:15.0584 0x3184 [ E0F78207F33D6C10CBFB23E873837C87, 55D4411A4070AFE81E576989D67DC411BAE39D9B90697E7646F07716EABE8EC1 ] Themes C:\WINDOWS\system32\themeservice.dll

17:17:15.0584 0x3184 Themes - ok

17:17:15.0584 0x3184 [ B52BA61AB8E4BAA83EA86BAB312EE6ED, D9A9D17FD222A67CA1906A422055718269929F0B33C7417F7D1F9447FD424683 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe

17:17:15.0599 0x3184 TieringEngineService - ok

17:17:15.0599 0x3184 [ BC834B233125DBB321B809972F2E270E, 7085FAF5BC5E37E81E30345E984887E2D3F7657F87A23C0C1C0A4DFCD558BA55 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll

17:17:15.0615 0x3184 tiledatamodelsvc - ok

17:17:15.0615 0x3184 [ 9B3AA589825CF90E187DF432D806A316, 47DF7637A4D41FF6C0C2AE8A502C339A05CE54493FE94FD76727EC3A25553B0E ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll

17:17:15.0615 0x3184 TimeBrokerSvc - ok

17:17:15.0615 0x3184 TokenBroker - ok

17:17:15.0635 0x3184 [ 1658D060057C85DEC82BFCB018C4C22F, 4428F0C462FC9FA19B2649ED700B95E038B99795BA5D4327C395EAFD647545C8 ] TPM C:\WINDOWS\System32\drivers\tpm.sys

17:17:15.0638 0x3184 TPM - ok

17:17:15.0642 0x3184 [ 39187852984778424A0EFD6B01FAB272, 2E7F7AEE8BAB1C6D8B880C28222EFFB721CFDA3B39215BB065088E396581ADA9 ] TrkWks C:\WINDOWS\System32\trkwks.dll

17:17:15.0646 0x3184 TrkWks - ok

17:17:15.0648 0x3184 TrustedInstaller - ok

17:17:15.0652 0x3184 [ 8D811209E34358EAD3FD8E40F657E59C, 1A40ED03C03C4FD87EBD166C0D87356F5036F04FBC1F9A600E92E2125B117DFE ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys

17:17:15.0653 0x3184 tsusbflt - ok

17:17:15.0655 0x3184 [ 68DE1735FB020AE8948BD7B60F2EBD3B, 198EFA09C3FB57CD7C11F1AB91491E8FB8093F12DACE1B1AF1BDE50EBCD8EB43 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys

17:17:15.0656 0x3184 TsUsbGD - ok

17:17:15.0661 0x3184 [ 32230D3F06B0874DFB727028CA4F6348, 8F50B556C38F736AAB8160912F0A3917BCA6396555D0DCB7A65B7FF0A8225416 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys

17:17:15.0663 0x3184 tsusbhub - ok

17:17:15.0666 0x3184 [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46, 89FE50DE5037770D568BA025A7EB06B5FAEA39A1EB97910319B942B02EFD14E5 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys

17:17:15.0668 0x3184 tunnel - ok

17:17:15.0672 0x3184 [ D5E68FCEDE15214BDB5D986D5B50E0BF, D2FA040B4BF4424928ABFB0B8CCA768C8DC9BE3DA86A3C61B1CEE1A2C543FADC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll

17:17:15.0675 0x3184 tzautoupdate - ok

17:17:15.0678 0x3184 [ 04FC2C7F73AE58BF0DD674164E28A6DF, 513E98D6838008B6F97E895BCD639679276AD6A7F7E789A6F3D4E9F9781CA78A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys

17:17:15.0680 0x3184 UASPStor - ok

17:17:15.0684 0x3184 [ E437FC4B1833F6B745184F78C4921FB8, 171605C7BF95FE1F342B314A969ECBE0B0D04E67D1306F470B3424AB6DE1478D ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys

17:17:15.0684 0x3184 UcmCx0101 - ok

17:17:15.0684 0x3184 [ 950A3E42167904CAB9AA64863C31CEB5, FC31C3177EDA9FFD2CE51EB2B1E696E50FFB378973C3C001EE29265FED249353 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys

17:17:15.0684 0x3184 UcmTcpciCx0101 - ok

17:17:15.0684 0x3184 [ 149CBBB74DFC3E52F242029A27B0F8EB, 8FF33A7011EC33FDF825749A985049B58FAC9CA640A813D462715E22F8EEB70D ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys

17:17:15.0684 0x3184 UcmUcsi - ok

17:17:15.0700 0x3184 [ E6E91B3980A495D2A9D28A09580EA993, B4987D875A8AA176818C115844388EE64054411689B014ADEAC18164D02F6AE8 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys

17:17:15.0700 0x3184 Ucx01000 - ok

17:17:15.0700 0x3184 [ DACA289DFFA7658C04FEF6DCFA2AA9CE, 7BD32B5F395A8675D4B2BDCA75530F2FFA64ED87B2B67FDA08EF709A4EA15553 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys

17:17:15.0700 0x3184 UdeCx - ok

17:17:15.0700 0x3184 [ 12383D410AEF99AD6979A8EFD3D61888, 376929794A2A8B05DDB2EE93E58A3C3DA19855F5CBC8B29E208E28BF95970355 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys

17:17:15.0715 0x3184 udfs - ok

17:17:15.0715 0x3184 [ AB7FE51D818B6059C2F56FA62268CCAC, D8412F13BFE0B96E0A9CCB5E25A567A66AE24983564D76954AA76DAF0A52726E ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys

17:17:15.0715 0x3184 UEFI - ok

17:17:15.0715 0x3184 [ A6134CA92B545353EEB0420F36D39F1C, 2F100FC25ACF16948C9B95A7FAA5336B7C8E3CB571196B04D5DB8308D8C6C491 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys

17:17:15.0715 0x3184 UevAgentDriver - ok

17:17:15.0742 0x3184 [ 8899E490269C7634368B4FE6E77CFE8D, ADDA7FD2DE1C94F9F91DA9C248DEF1D253B807FB07549EF14774C5D0001C5B3D ] UevAgentService C:\WINDOWS\system32\AgentService.exe

17:17:15.0755 0x3184 UevAgentService - ok

17:17:15.0763 0x3184 [ 58447F28E697A93521DD20530A8D50ED, BC166B829BA28DAEB8B113D5575D6A11BF81716B38797396496F4D2C2E537F23 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys

17:17:15.0766 0x3184 Ufx01000 - ok

17:17:15.0769 0x3184 [ 69ED2D00A7787D9D84E6C90CE0B02B2D, 55B137766D72BF5FFF645E8E76248FD15367DFDF7FFDABB9A9ECC27FD7555DD3 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys

17:17:15.0771 0x3184 UfxChipidea - ok

17:17:15.0775 0x3184 [ F061EC57330FBC597A4E7298BE667780, 0C32162782BAE9912373CA40A67567BAEF185173E033579C4833A91C11D83E2E ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys

17:17:15.0777 0x3184 ufxsynopsys - ok

17:17:15.0782 0x3184 [ B26729B378282F72241859C13326E3E8, 859398D02E301B8C79078DB43E3BF9691EBA52DD0717868E27D2D6EF918098DD ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe

17:17:15.0785 0x3184 UI0Detect - ok

17:17:15.0788 0x3184 [ D40BCED160D332005AF612E1228825E6, 72B7B89A3ED1D6846D004D9BDCAAF8F1D488C21A93A926FE158217B529B55157 ] umbus C:\WINDOWS\System32\drivers\umbus.sys

17:17:15.0789 0x3184 umbus - ok

17:17:15.0791 0x3184 [ 64CF24D7B1FA4975C52A31BF4C82EB73, 2F803884A417F2DD39A155D20EAA4D61D494E41B0F98760810EC5193B84DD425 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys

17:17:15.0792 0x3184 UmPass - ok

17:17:15.0798 0x3184 [ E6B6BDA0412D3C56275E662A5A1937FD, CB971073A34CF3FA184B8E41308A14CFD5E22F48B01109E7531DF013EB5E05E7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll

17:17:15.0804 0x3184 UmRdpService - ok

17:17:15.0806 0x3184 UnistoreSvc - ok

17:17:15.0815 0x3184 [ D2931E3F67A990328DE5CE7E43F4467C, 06BA872FB07CFDD14813963A06E01F225EFDF58A63D6B0A5AEF7872C7126DF54 ] upnphost C:\WINDOWS\System32\upnphost.dll

17:17:15.0822 0x3184 upnphost - ok

17:17:15.0826 0x3184 [ ACE4C3B4C7D17B154FFC5BBE5F7A9835, C330123EE9BF90518CCB7DA923ED32C0CFA9319C886D9ECA65E3B84E743CB145 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys

17:17:15.0827 0x3184 UrsChipidea - ok

17:17:15.0829 0x3184 [ ECE40EB976A5ACB366808AECF6B235BA, FA00D0A8EF1BCA0349DCA961F4093DF790E5031F91586050372029AA9A7726C5 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys

17:17:15.0830 0x3184 UrsCx01000 - ok

17:17:15.0833 0x3184 [ EB738F830D3E7EA62A218F101EF91FD4, 35B05845497448C0721377F0EDD7624A4043D0C6E91C5C1CB96853F2D3B16457 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys

17:17:15.0834 0x3184 UrsSynopsys - ok

17:17:15.0838 0x3184 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys

17:17:15.0839 0x3184 USBAAPL64 - ok

17:17:15.0844 0x3184 [ B43E28E5CF868517EEC0923AB2BC366B, 01817474AFBC2199387F30F708DDD9458FB156EA4AECC8C3E2EBBCBF7A2BA857 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys

17:17:15.0846 0x3184 usbccgp - ok

17:17:15.0849 0x3184 [ 1080D80B5F6D249F23BAE1C0C36233A4, 8EB810282DACCE101D4B5F70FEB450204359537098215DED1DBFF9E14B6F86D0 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys

17:17:15.0851 0x3184 usbcir - ok

17:17:15.0854 0x3184 [ EE162DA2C92026A5B96ED89737975AA8, A26E58C7BEE9B6F0F692A2649F258384E55523A64889E3B7D8EFD6D77753E243 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys

17:17:15.0856 0x3184 usbehci - ok

17:17:15.0866 0x3184 [ C27FEE9758E3BEDE4D48B5EDBE1122CF, 64F7215ADCA3DC1E2D8EF3E6C3579529605DF8F7A2161FB04B19182C828E54D6 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys

17:17:15.0872 0x3184 usbhub - ok

17:17:15.0882 0x3184 [ 4FA9C956E569D0D380C2859542361780, 974D094F89BF26881649747C1CB576C1E6448EF6C34110A08672EC8CEA2EE751 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys

17:17:15.0883 0x3184 USBHUB3 - ok

17:17:15.0883 0x3184 [ 44B954306BB2B311E070EDA276FECAB1, 8F3C1FC07E2B8059E41AF3BD1CC03C67770B4FB403D79171CA075874721BBCAB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys

17:17:15.0883 0x3184 usbohci - ok

17:17:15.0883 0x3184 [ EEF26F9034F0608B93D4D239534BB0BA, 6B047603D4F86C12CF0B22F4260E8BC6A6FF0BEEC50C74E31CA3A4E86567F90D ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys

17:17:15.0883 0x3184 usbprint - ok

17:17:15.0883 0x3184 [ E55C9AF5EE8905879048118824B06816, F431ABF555E09BE64AF7EA0B2573C7F5E5634408E03DC3FAC4A5CC7D48CAF0EC ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

17:17:15.0899 0x3184 usbscan - ok

17:17:15.0899 0x3184 [ 913CFF365DB1803525DBD2AA8B8188B4, 271EB892F3C38E4B7B872C1EF6E76C8354CF84E7BC9FC185AC09EADF7EFDF73A ] usbser C:\WINDOWS\System32\drivers\usbser.sys

17:17:15.0899 0x3184 usbser - ok

17:17:15.0899 0x3184 [ 441CAE778B6A1FF6E618E37814A7A52A, 61DF48D662421F2149FA63187B2C8556A991BDA47EA75798BA86C572C432C1EB ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS

17:17:15.0899 0x3184 USBSTOR - ok

17:17:15.0899 0x3184 [ 2D6BB2157B37B2D9DABF8C218F2A805B, 5FCA03DCAE81F6B7A6EB63F13A361ED915D82635697DAA085A31D447C21C1B65 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys

17:17:15.0899 0x3184 usbuhci - ok

17:17:15.0899 0x3184 USBXHCI - ok

17:17:15.0914 0x3184 UserDataSvc - ok

17:17:15.0914 0x3184 UserManager - ok

17:17:15.0914 0x3184 UsoSvc - ok

17:17:15.0914 0x3184 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] VaultSvc C:\WINDOWS\system32\lsass.exe

17:17:15.0914 0x3184 VaultSvc - ok

17:17:15.0914 0x3184 [ C77C537077822D8EA529AD4EBFD971D6, B6753C6BE9814B98B1B1A309F5258132A0471160C1F6489CCE33E243C0D159FC ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys

17:17:15.0931 0x3184 vdrvroot - ok

17:17:15.0942 0x3184 [ 07C192BEEA76B1BD9D0310ED20551D54, 0E8A90B2A228CEE94DBD193E7C6775A64C8BBEF70E318F2ECE935B6ED5B26638 ] vds C:\WINDOWS\System32\vds.exe

17:17:15.0951 0x3184 vds - ok

17:17:15.0957 0x3184 [ 9D4EEE333603F3675685F644053499D5, 545A21F86C8CD64B556DE688B31DDB157863766D53E52DE443B881D267223578 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys

17:17:15.0960 0x3184 VerifierExt - ok

17:17:15.0962 0x3184 vhdmp - ok

17:17:15.0964 0x3184 [ E10FEBB566E1F0A3936AB304F338637E, 01B344061F2A8802EE88F584CF583DCECA478823A0D37C41D90340E4E2FBC43F ] vhf C:\WINDOWS\System32\drivers\vhf.sys

17:17:15.0965 0x3184 vhf - ok

17:17:15.0967 0x3184 vmbus - ok

17:17:15.0970 0x3184 [ DC9E0600B356258E31403789119C78A9, 2746FD5B32EE19F0E310372DBE26DFB35BC521479B3B1D3FF94CFA5CD2147D56 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys

17:17:15.0970 0x3184 VMBusHID - ok

17:17:15.0973 0x3184 [ B24F74B2710B66F647419697BDB9E163, C04F7F26DA0F0916CF4E60302A36C843F462038E0E8B0A6B8543B1259934B3D2 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys

17:17:15.0974 0x3184 vmgid - ok

17:17:15.0980 0x3184 [ CE70937143DBDB2B4BF3A0310EB9E189, 57465BEB5DFCD9BD8497B3D771D9F8F14F8BD44C939E4EEBAF23E83443B50733 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll

17:17:15.0982 0x3184 vmicguestinterface - ok

17:17:15.0982 0x3184 [ CE70937143DBDB2B4BF3A0310EB9E189, 57465BEB5DFCD9BD8497B3D771D9F8F14F8BD44C939E4EEBAF23E83443B50733 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll

17:17:15.0982 0x3184 vmicheartbeat - ok

17:17:15.0998 0x3184 [ CE70937143DBDB2B4BF3A0310EB9E189, 57465BEB5DFCD9BD8497B3D771D9F8F14F8BD44C939E4EEBAF23E83443B50733 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll

17:17:15.0998 0x3184 vmickvpexchange - ok

17:17:15.0998 0x3184 [ FD73A74D26F5BEC303763FD9CDD2DFB2, 7DA4CC00FBADAB50BD635EB825900CD917CBD130C617AE58B6404F8897776D64 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll

17:17:16.0014 0x3184 vmicrdv - ok

17:17:16.0014 0x3184 [ CE70937143DBDB2B4BF3A0310EB9E189, 57465BEB5DFCD9BD8497B3D771D9F8F14F8BD44C939E4EEBAF23E83443B50733 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll

17:17:16.0014 0x3184 vmicshutdown - ok

17:17:16.0029 0x3184 [ CE70937143DBDB2B4BF3A0310EB9E189, 57465BEB5DFCD9BD8497B3D771D9F8F14F8BD44C939E4EEBAF23E83443B50733 ] vmictimesync C:\WINDOWS\System32\icsvc.dll

17:17:16.0033 0x3184 vmictimesync - ok

17:17:16.0038 0x3184 [ CE70937143DBDB2B4BF3A0310EB9E189, 57465BEB5DFCD9BD8497B3D771D9F8F14F8BD44C939E4EEBAF23E83443B50733 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll

17:17:16.0042 0x3184 vmicvmsession - ok

17:17:16.0049 0x3184 [ FD73A74D26F5BEC303763FD9CDD2DFB2, 7DA4CC00FBADAB50BD635EB825900CD917CBD130C617AE58B6404F8897776D64 ] vmicvss C:\WINDOWS\System32\icsvcext.dll

17:17:16.0053 0x3184 vmicvss - ok

17:17:16.0057 0x3184 [ D81F6B790519A60F3D1788B45D04B749, 7607DBA77412127C4968D3B6C4FD25F8C286A22DDDD9C78BDC54DF3A4C98AA8E ] vnvdimm C:\WINDOWS\System32\drivers\vnvdimm.sys

17:17:16.0058 0x3184 vnvdimm - ok

17:17:16.0060 0x3184 volmgr - ok

17:17:16.0068 0x3184 [ 6D6CACED512C1EF1FEAC215E37E3A9BC, 11B26DA5AB0C3736E2B8ADF3E06BFF3FD7853F9D6A948EA15ADC8B7D230062D4 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys

17:17:16.0072 0x3184 volmgrx - ok

17:17:16.0076 0x3184 volsnap - ok

17:17:16.0079 0x3184 [ 72A95A844D6BAF2924A4C15BEDFD6BCA, AB9F8C77A077C9E95061D562F516793E547BC276926E1895A186A39317F21BA1 ] volume C:\WINDOWS\system32\drivers\volume.sys

17:17:16.0080 0x3184 volume - ok

17:17:16.0083 0x3184 [ 702273C7C1BE9D366BAF1305D382F03C, 21239CE5857E00E28785D9C32E8F3E47850BBA66C05BA7D33FECDB8A17754449 ] vpci C:\WINDOWS\System32\drivers\vpci.sys

17:17:16.0083 0x3184 vpci - ok

17:17:16.0083 0x3184 [ 075CE3C9E77D2666AFA888951E5F07A9, 264EDD6301851A41FB2233DC9BFC357EE5B60BEC1A04578FD7A576BA145E2A31 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys

17:17:16.0083 0x3184 vsmraid - ok

17:17:16.0114 0x3184 [ 16144D396BFFEFDB0B8A2C964CBAD35D, 76EC29F534AC4EF211B7914AEB7D0B6FC0088378F1C0D67BFCAAC19B104E580F ] VSS C:\WINDOWS\system32\vssvc.exe

17:17:16.0138 0x3184 VSS - ok

17:17:16.0146 0x3184 [ 26D00E85BE4726B114335250FCDEDA89, BA1E3EC92786A17B99BF6544FD76F0458DAC2810D2A3B0785AC2B066079D5B09 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys

17:17:16.0150 0x3184 VSTXRAID - ok

17:17:16.0153 0x3184 [ 3DFDB573E4D49EA8F416B573525B7A86, 9951D34FF0B98CA562EC0D81E23DA81BF5E5E6B4F5C274BC8E258BAE5E69DF8D ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys

17:17:16.0154 0x3184 vwifibus - ok

17:17:16.0157 0x3184 [ A40FA64655AB5B8773A96A821616C5FC, 221063771A70CD6238D5DD816EC99BFFE31418EDA08E2270D864554234271087 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys

17:17:16.0159 0x3184 vwififlt - ok

17:17:16.0168 0x3184 [ A17A4F2823C5424C9B8B990644817DC0, D8CE6FC8B6B5BB89968D83AC3DC054C35BD16880D0B321B64799DA1830C2B626 ] W32Time C:\WINDOWS\system32\w32time.dll

17:17:16.0177 0x3184 W32Time - ok

17:17:16.0183 0x3184 [ AD72CFDA8E47BC32ED46DE4FD2434062, 0CFD5BFC6D19980E78382493167858CEE2A82977B5CD6646796270288315B3DA ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll

17:17:16.0183 0x3184 w3logsvc - ok

17:17:16.0183 0x3184 [ A76A55BF0B22D1075434F1D723B9D1AC, 5522AD5CFCAC65D07CB80C810236590482FC4581451333AF37D99B54EBC176BE ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll

17:17:16.0199 0x3184 W3SVC - ok

17:17:16.0199 0x3184 [ 5B5430522E0BDF2A753D758710BE7C5E, 1476C664EFCE7A2FEE738BB767D3E2EABBEF19F1037D383140BC01F92E154039 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys

17:17:16.0199 0x3184 WacomPen - ok

17:17:16.0199 0x3184 [ 451D40C28E7D1CF51A980B83FDEFF498, E6CEEB222A1C0D97E53DCFC2E22084FD4547A8CE3C16A54DD49622F524BF48CE ] WalletService C:\WINDOWS\system32\WalletService.dll

17:17:16.0214 0x3184 WalletService - ok

17:17:16.0214 0x3184 wanarp - ok

17:17:16.0214 0x3184 wanarpv6 - ok

17:17:16.0214 0x3184 [ E3B4C37F1F3D8078AA2AFBEE7F5468CF, E620DC9F5AAAE9652E3B742BBF4D671F04D623F657959C98F2230CEF26086CDE ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll

17:17:16.0214 0x3184 WarpJITSvc - ok

17:17:16.0230 0x3184 [ A76A55BF0B22D1075434F1D723B9D1AC, 5522AD5CFCAC65D07CB80C810236590482FC4581451333AF37D99B54EBC176BE ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll

17:17:16.0230 0x3184 WAS - ok

17:17:16.0261 0x3184 [ 1C1EB9C4DAF428B3BFDD58572768182C, 99F429EB8C2DEC185124B8811AF96D30E963E2F71CC7184AF8650805818B52E4 ] wbengine C:\WINDOWS\system32\wbengine.exe

17:17:16.0284 0x3184 wbengine - ok

17:17:16.0300 0x3184 [ D38ACBA3FE7B12C30D13A68B35FAB71A, 302AFB338F44E9A33617F073E8894127C151332FCFE98AEAD23986CB613EBE71 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll

17:17:16.0314 0x3184 WbioSrvc - ok

17:17:16.0318 0x3184 wcifs - ok

17:17:16.0331 0x3184 [ EB1B7609CC9BFA19D81BC0A43CEE067B, 1D59CD94F8AFD9D2E098231A02DA21D5BFA97FD4E22ECF407F007D2B4C890D89 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll

17:17:16.0337 0x3184 Wcmsvc - ok

17:17:16.0337 0x3184 wcncsvc - ok

17:17:16.0337 0x3184 [ 9DE3FDFF295F2534DF0A8B6FC4F06355, 385D10468B3B703D3F544FF68DCDBE217BB2207374B1F4BF6EA18437192682D1 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys

17:17:16.0337 0x3184 wcnfs - ok

17:17:16.0353 0x3184 [ 16D3F1C6CB3D6BBFDF4893C7A14D6F12, EF46CFA4446E590641716422E8A04914D2C3AC7CAE898185CCF2D2D43FC7D33B ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys

17:17:16.0353 0x3184 WdBoot - ok

17:17:16.0368 0x3184 [ FCC960498E3CD899F0A429F7CF9E77AD, 91FB3B6AF1522754E6ECF5D0CD146B1D06F657D06E6D9D917F55A3789A92D8EB ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys

17:17:16.0368 0x3184 Wdf01000 - ok

17:17:16.0384 0x3184 [ 64EB43131121ADD90A061A75C8ADE9E6, 9AAADCDD608B408A2EF5353A084744697D33783EB0A980DE454868BFAEFB0447 ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys

17:17:16.0384 0x3184 WdFilter - ok

17:17:16.0384 0x3184 [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll

17:17:16.0384 0x3184 WdiServiceHost - ok

17:17:16.0384 0x3184 [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll

17:17:16.0400 0x3184 WdiSystemHost - ok

17:17:16.0400 0x3184 wdiwifi - ok

17:17:16.0400 0x3184 [ BE3C9DF77543C78004C400B1CAFCAB49, CEA858A00149199ED3444217BF764AB6ACBD830EEC44670BFCD816D736A54621 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys

17:17:16.0400 0x3184 WdNisDrv - ok

17:17:16.0415 0x3184 [ 3F52178796F4E467D6A32C157F898EAD, 1A6C31F6CFAE5564B30FEE34901DA377F22DDE3174BB4BE0CE0C678FAF77D610 ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe

17:17:16.0415 0x3184 WdNisSvc - ok

17:17:16.0415 0x3184 [ DF58AA71FBA55E15F572C93447696DEC, F20C93140A44C1E61B5544FC8B3A1145E9ED57B2F09881719F4B2853B4900891 ] wdnsfltr C:\WINDOWS\system32\drivers\wdnsfltr.sys

17:17:16.0415 0x3184 wdnsfltr - ok

17:17:16.0431 0x3184 [ A339FDE695599D96C4F78CC22A993AFB, 7697F527EB0588C4CA75A822526B88FA512003752410BDD9FA2993FB73B8FE8C ] WebClient C:\WINDOWS\System32\webclnt.dll

17:17:16.0431 0x3184 WebClient - ok

17:17:16.0431 0x3184 [ 7997BC2386A9976C0645A28FA8A6E7EA, ABE47A6132B7651EA2055F97E7BD9D596906086BCD726147449D4378C7E4F9B9 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll

17:17:16.0447 0x3184 Wecsvc - ok

17:17:16.0447 0x3184 [ CEA146E0D096A491B265CD2340C2E31D, 285BA0D58E6E93FEB0D8F33738C6A223D7269378B3E77A7760D7131E43DEBE7C ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll

17:17:16.0447 0x3184 WEPHOSTSVC - ok

17:17:16.0447 0x3184 [ 40610BA98D5830FB14C3695B3BCA647A, 6E047D04DDD9DCB142572CEAB5E73585062205BABE510C5B0D63800B2A9D251A ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll

17:17:16.0447 0x3184 wercplsupport - ok

17:17:16.0462 0x3184 [ AA2B3154D12ABE34640C866AC3472E33, 32EBA0B999FDA77E6828274FE49A7619B97471BF828B18BF55BDAE19FB10DC6A ] WerSvc C:\WINDOWS\System32\WerSvc.dll

17:17:16.0462 0x3184 WerSvc - ok

17:17:16.0478 0x3184 [ 86B816E9D24625287BDE9784953A5E86, BCA73B320100D7C1052751D7FA42990579B6BA5908E31B2212BFE75681B32D3F ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll

17:17:16.0478 0x3184 WFDSConMgrSvc - ok

17:17:16.0493 0x3184 WFPLWFS - ok

17:17:16.0497 0x3184 [ F78A2731EC972312C4C998174A9BB325, 72CCA57EB6383F65683C276337F53AB38BC398CEA69E53D6E2867D5EE8B4B007 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll

17:17:16.0501 0x3184 WiaRpc - ok

17:17:16.0504 0x3184 [ C8D3FC38426E990E2787771678B19C6D, FB6CA9A5BF3935793CD8B2F288FAC0C675B333D4F7393FA02244E3BCC2E25625 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys

17:17:16.0505 0x3184 WIMMount - ok

17:17:16.0509 0x3184 [ 4D8668B32E5319A5E8852B1564184801, 641BCD04D2EC651A4612FC37E2487CB93ED1998BAAAC2A14031515EE292C893E ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe

17:17:16.0511 0x3184 WinDefend - ok

17:17:16.0516 0x3184 [ 0484B0D01EA6F7017519EBDDBADE759D, CA8D44F226DA67A45A8B71D1C04C06FD5267996B445E32C6EEC695626030CA69 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys

17:17:16.0517 0x3184 WindowsTrustedRT - ok

17:17:16.0521 0x3184 [ 813EE0F4D4B8D599DB1968682D080732, A3EF1BBB866F5A7C1B5303BBF6E805B35739602CA7F244C076A8BF90F1CB2952 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys

17:17:16.0522 0x3184 WindowsTrustedRTProxy - ok

17:17:16.0525 0x3184 WinHttpAutoProxySvc - ok

17:17:16.0528 0x3184 [ E23475E9150E6A50B12DB176EA5CDD56, 25699796948D4679D0C1633C726C3CDF052F877AAA18CD7D069F95A88701CB73 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys

17:17:16.0529 0x3184 WinMad - ok

17:17:16.0538 0x3184 [ 0FBD5D358094E254A1508832D4042FF7, 4EC4DB3B03BE1518BB38D4F3BF79A77D1BCA5A2DE9BA5F9C9312606E4E2A14E9 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

17:17:16.0541 0x3184 Winmgmt - ok

17:17:16.0544 0x3184 WinNat - ok

17:17:16.0585 0x3184 [ C2A88E382CD48E4772A5570D66BF1A90, F1BFB1873FB1E37DAADE923FC30265C72018CF2003B0A5E0E5896167D1680D01 ] WinRM C:\WINDOWS\system32\WsmSvc.dll

17:17:16.0619 0x3184 WinRM - ok

17:17:16.0625 0x3184 [ E92F3539C4758F6A9F4B80CBAC75B3E6, 9CF9069B9A738E86181FB02904720B2A88353574F35BDC298A2EB697D22B7723 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS

17:17:16.0625 0x3184 WINUSB - ok

17:17:16.0625 0x3184 [ 59126AFCC64270747B5CC9B44A4A48F4, C0C1E6B248E725FE02B58151838AAC8841FB70B673A2B6EFB49EEA96E7F1C1DA ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys

17:17:16.0625 0x3184 WinVerbs - ok

17:17:16.0625 0x3184 [ 3A627A24EAC6CEC3BA59548AA70BAD6E, C4B908CEB2D6F7F14C635AE02E20B16DAF795073975AE3967627D27E8ABAB015 ] WirelessKeyboardFilter C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys

17:17:16.0625 0x3184 WirelessKeyboardFilter - ok

17:17:16.0640 0x3184 [ 0A3ADAA0EFAFA26CA8570E24A13CE484, 2B7FA1ADD904962F296111F555F4BB45A3BA77B6961DABC502B6DDC4E9324CEB ] wisvc C:\WINDOWS\system32\flightsettings.dll

17:17:16.0656 0x3184 wisvc - ok

17:17:16.0656 0x3184 WlanSvc - ok

17:17:16.0692 0x3184 [ 345056CEAC49D289098F7A33A2C7CA2B, 77839C3130D9742E8C3F79AA66AE0ADC59E0FC925B1E3C0331F8E27A2C834243 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll

17:17:16.0720 0x3184 wlidsvc - ok

17:17:16.0737 0x3184 [ 56E1A46DD1C5D28B10F02E21D077EBF6, CC9AADBBBA03E162948EE39CCAAFD0A43253C86F5B875765748B73A084DC4B25 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll

17:17:16.0753 0x3184 wlpasvc - ok

17:17:16.0753 0x3184 [ E8C793ED028E132771988760819E3754, 7BC02774EEDF4B884181854BEADF2DCAC615BA3ED7F1551C0863B79E009E3043 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys

17:17:16.0753 0x3184 WmiAcpi - ok

17:17:16.0753 0x3184 [ 7112092A3C6F41EDBE83636791C774D9, D7697F75EB9CAA5924CF7227A46BC5A0F1BDD3FA14D384ED5B669C1FB512B31D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe

17:17:16.0753 0x3184 wmiApSrv - ok

17:17:16.0769 0x3184 WMPNetworkSvc - ok

17:17:16.0769 0x3184 [ 8D6E6F6C233AF450C50FA615530B44D2, 1BF6CD93B97920500F5FD0E9D8395ACCAAA2D126FD9C256148797B292D5F9A6C ] Wof C:\WINDOWS\system32\drivers\Wof.sys

17:17:16.0769 0x3184 Wof - ok

17:17:16.0807 0x3184 [ 1431D184691F7FA9AAC2064EB0EC6C96, 6185E5AB281327563DC4E87526B37792A9B4B86C65D5BADDBB1DBA6A50FC9134 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll

17:17:16.0825 0x3184 workfolderssvc - ok

17:17:16.0825 0x3184 [ AE9793230B219113DE1163138645E5AE, 9CBC10269D847E4EFCF8B412D34B9551594396390BF5BFDEED03DBFB84D7174F ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll

17:17:16.0825 0x3184 WPDBusEnum - ok

17:17:16.0840 0x3184 [ 9EAE1EF282864674355B4B81DF6AE935, 781CED5AE95D365BB59769517FA9462EFC6472ED4EB08C98EC66CE3E17C66D69 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys

17:17:16.0840 0x3184 WpdUpFltr - ok

17:17:16.0840 0x3184 [ C75B59E441206A572CC64BBB60EE54B3, C43A3109EAB89B6A23E033C127F1B5586651A1A3A1C4D45ECFBF0ABE472FEBA1 ] WpnService C:\WINDOWS\system32\WpnService.dll

17:17:16.0840 0x3184 WpnService - ok

17:17:16.0856 0x3184 [ 07F4AF1730D55567EACE7ADDEA28FE48, 256671C52C350E42662DC590AE36BAFD06E9507551C39575BCD894D8FD040129 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll

17:17:16.0856 0x3184 WpnUserService - ok

17:17:16.0856 0x3184 [ 367B3ED0C688AFE28C376B0230814567, 1E7419254852A70AEAA30DF0F85C4E489591E5A0E90256C40676F712D45960CA ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys

17:17:16.0856 0x3184 ws2ifsl - ok

17:17:16.0872 0x3184 [ 39DA352FAD220E83CE64DE8DCCB9736B, 813D35DB7E4A7085DF0B1B8D8F16874E3BCE75DF72B5DB8E41E062B1F5B45D39 ] wscsvc C:\WINDOWS\System32\wscsvc.dll

17:17:16.0872 0x3184 wscsvc - ok

17:17:16.0872 0x3184 [ 7B44553610A89F2011CF69BEA9AFD4CB, A7DE907114570F8CC248F4996045D33C0FB0159B8E6F0A4127F1C205183DDF35 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys

17:17:16.0872 0x3184 WSDPrintDevice - ok

17:17:16.0872 0x3184 WSearch - ok

17:17:16.0888 0x3184 wuauserv - ok

17:17:16.0892 0x3184 [ BD5E68B369DF3453A0A87663C6C5476D, 17B766ADB299D247EF9D4554F86015B38A89AE5C0310A36E1FCB0AC28462CE96 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys

17:17:16.0893 0x3184 WudfPf - ok

17:17:16.0899 0x3184 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys

17:17:16.0902 0x3184 WUDFRd - ok

17:17:16.0908 0x3184 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

17:17:16.0911 0x3184 WUDFWpdFs - ok

17:17:16.0914 0x3184 WwanSvc - ok

17:17:16.0917 0x3184 [ 42C738ED1552FE168F6EE1BAE8ACFCAC, 01E9CD1FA7935DD442A2EBFC93E4BDDF204F995379FCAFFEADAF0BF6638AB925 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe

17:17:16.0921 0x3184 xbgm - ok

17:17:16.0936 0x3184 [ A03C4D4D71304087820A0EF18FCF7582, F92737321A5082A72F20491810A09D249F0676F0F12478A2C81ADF9B2F79BAB0 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll

17:17:16.0938 0x3184 XblAuthManager - ok

17:17:16.0969 0x3184 [ 77ADC2F5DBE303EF8B8D2D08AEE3F3DB, 65128FB8561EF1BE4E3CAA3B0D873FEA3A218E3CF90527068C43F6E549ECB188 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll

17:17:16.0985 0x3184 XblGameSave - ok

17:17:16.0993 0x3184 [ 2244A4CEFE8F9C74091369ACE2E9EBC6, 48F59F36EBA0434BED00B53321107C0BDFF20131683D5E6BC7A9F5DA0B8B6929 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys

17:17:16.0996 0x3184 xboxgip - ok

17:17:17.0000 0x3184 [ 1A9550D746B8604D37A90436EF686777, 3DBF305C228D28A3C4FC48F65CC38BDBFEE6B7995CEE8319E680E073978CA58B ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll

17:17:17.0004 0x3184 XboxGipSvc - ok

17:17:17.0021 0x3184 [ 4951DD543AA2710760D90A58261ED665, 37D08FA58147A6606E69DB39405898D82BC40420F8FFB0BD097694A53E60AD1D ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll

17:17:17.0025 0x3184 XboxNetApiSvc - ok

17:17:17.0041 0x3184 [ 83711BDFF0D61A57233E5D286BF04E7F, AC57449F4F73C6EDB1257B536316D356CC5E466558BFBD899174C0A6DCC79CCF ] XeroxPrintJobEventManagerService C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe

17:17:17.0041 0x3184 XeroxPrintJobEventManagerService - ok

17:17:17.0041 0x3184 [ 4A91B49C6B1E41151D47CB919ADF013A, 4DA1E3F50B2D63AFD2F7A014E3C0420C1E7DEDE96A48EEC33C53023D88F9AAFF ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys

17:17:17.0041 0x3184 xinputhid - ok

17:17:17.0041 0x3184 ================ Scan global ===============================

17:17:17.0056 0x3184 [ EB45383BE9D7ECB36D55B262E0D8EB46, DC975066C426B5FBBFA3A4254D1D97DBF889B6BFD062D9FF1892F66C0CFF2DE3 ] C:\WINDOWS\system32\basesrv.dll

17:17:17.0056 0x3184 [ 79DA21044C98FD6CD01EA9E488DF82C5, 0E5A7D4F4D22661F34F21FCA548C381A0D6EF65C49110D9C55A5B1FF50BE6700 ] C:\WINDOWS\system32\winsrv.dll

17:17:17.0056 0x3184 [ 9451BA31B1DC19CED2608D82863C6486, 888F8676086DD8338445C35A64106E01122881FD08858D3996470EBF0DF30648 ] C:\WINDOWS\system32\sxssrv.dll

17:17:17.0072 0x3184 [ Global ] - ok

17:17:17.0072 0x3184 ================ Scan MBR ==================================

17:17:17.0072 0x3184 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

17:17:17.0134 0x3184 \Device\Harddisk0\DR0 - ok

17:17:17.0155 0x3184 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

17:17:17.0170 0x3184 \Device\Harddisk1\DR1 - ok

17:17:17.0170 0x3184 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3

17:17:17.0189 0x3184 \Device\Harddisk3\DR3 - ok

17:17:17.0190 0x3184 ================ Scan VBR ==================================

17:17:17.0194 0x3184 [ C621EA17DF46CC7E8C29F3CD83AB89A7 ] \Device\Harddisk0\DR0\Partition1

17:17:17.0197 0x3184 \Device\Harddisk0\DR0\Partition1 - ok

17:17:17.0200 0x3184 [ B684C799767D374ABA936D874FBAA151 ] \Device\Harddisk0\DR0\Partition2

17:17:17.0202 0x3184 \Device\Harddisk0\DR0\Partition2 - ok

17:17:17.0206 0x3184 [ 0DBA27018B6B9682C64CD02DEDFDCC7B ] \Device\Harddisk1\DR1\Partition1

17:17:17.0208 0x3184 \Device\Harddisk1\DR1\Partition1 - ok

17:17:17.0212 0x3184 [ 5470202BF2C41F1DFB9B7DAF27D97E87 ] \Device\Harddisk3\DR3\Partition1

17:17:17.0215 0x3184 \Device\Harddisk3\DR3\Partition1 - ok

17:17:17.0216 0x3184 ================ Scan generic autorun ======================

17:17:17.0217 0x3184 SecurityHealth - ok

17:17:17.0419 0x3184 [ C3DEFB0B48ED819E6C794E13D1544F19, BBB7B73FED61A5CCC391700D24B9EAF333528820B7697EEB010EBD9EC17FDF9E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

17:17:17.0555 0x3184 RTHDVCPL - ok

17:17:17.0591 0x3184 [ AA36B62EC778855807AAA5801C3BB204, B63CA0F34014E6278912608E06B78556341F3919F2BC62644A5B3B76642D668D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

17:17:17.0610 0x3184 NvBackend - ok

17:17:17.0656 0x3184 [ AC33A1227A44C19909B27FBAACCE83B1, 1A51EFE0A713D804226811EBCDE1869628C350627F2A827DB670BB66219F86C9 ] E:\Program Files\iTunes\iTunesHelper.exe

17:17:17.0656 0x3184 iTunesHelper - ok

17:17:17.0740 0x3184 [ 25DD79D209BDDD1136A95BBBE4943DD8, E8FE4B17ECCD11242158C4848B49592392A8AEA5644AB2A516A6DB9E77AFE0D1 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

17:17:17.0771 0x3184 Dropbox - ok

17:17:17.0793 0x3184 [ 658450EBD38C5538CD66219B5CBE1EDC, 28EA21AF305AB6A9F4CFC6A92498BD37AB0D2480681AED2275397280A222639A ] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

17:17:17.0796 0x3184 TkBellExe - ok

17:17:17.0840 0x3184 [ 7105825F70F90D361547C38F22C55E41, E854C79C95D2E056E76D2F7AC6E02E6CD66679E36625DA7B207304CAD5D40B9E ] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe

17:17:17.0887 0x3184 Intuit SyncManager - ok

17:17:17.0894 0x3184 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

17:17:17.0895 0x3184 HP Software Update - ok

17:17:17.0941 0x3184 [ F655E4A1AED366E96E5D5AA397E0F255, F8573CCA72FA25079B8CE2FC5D30379487E2905B109C73C741FAB31589FA49E1 ] E:\Program Files (x86)\QuickTime\QTTask.exe

17:17:17.0941 0x3184 QuickTime Task - ok

17:17:17.0956 0x3184 [ D3F0452392C45081D8866A92C86D1C7C, A746ED0D69FC51D974B445AB387C7315B70D7555B7499945A1D64F3E8A865340 ] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe

17:17:17.0956 0x3184 ISUSPM - ok

17:17:17.0972 0x3184 [ B0AE1971372BEAFCBCAAD33C918B6CE9, 061C76AC765DDBF55AF4BF374678583267B9DC5334323C5D0C1CB55A4EADE970 ] E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatchTray15.exe

17:17:17.0972 0x3184 RoxWatchTray - ok

17:17:18.0103 0x3184 [ 8A744F7B384C17CB548564EB31739E10, 92A08E881BD1A181BAAAFF6B147BC3C920CFEA96F2F79B6DDADC4DDFFD4CE111 ] E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

17:17:18.0141 0x3184 Fitbit Connect - ok

17:17:18.0455 0x3184 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe

17:17:18.0661 0x3184 OneDriveSetup - ok

17:17:18.0938 0x3184 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe

17:17:19.0143 0x3184 OneDriveSetup - ok

17:17:19.0159 0x3184 [ 17AFF7E3C05658EE195DC5F0FA16B15E, 62925CFA2F9B7AC0992A1DD4A9A00E84C2A2B244B38EF32925728E58DD4E4CAD ] C:\Users\garyh\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe

17:17:19.0174 0x3184 Google Update - ok

17:17:19.0399 0x3184 [ 0B5C25E963B1475EDDBEE458F4C01ECE, 04482FD61944196BF5723C3509D2D68A8CA19EC4B0D6C110F7251B2499EF4E35 ] E:\Program Files\CCleaner\CCleaner64.exe

17:17:19.0480 0x3184 CCleaner Monitoring - ok

17:17:19.0536 0x3184 [ 558AB8FE5AE2BF672B974FAA8EA4D421, 7B51CE2B3E4700A0F51632FE734CD3E9F0B5FF1C82FF06D25A20D3BC64C43025 ] e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe

17:17:19.0552 0x3184 NETGEARGenie - ok

17:17:19.0664 0x3184 [ 8A744F7B384C17CB548564EB31739E10, 92A08E881BD1A181BAAAFF6B147BC3C920CFEA96F2F79B6DDADC4DDFFD4CE111 ] E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

17:17:19.0698 0x3184 Fitbit Connect - ok

17:17:19.0768 0x3184 [ 11768733C86B4DFE27D124918CC9018D, F885DC0FFABA4A9C1B3D56745EB163AF81C9C5B714AF99D5F8F1A26E551D8A76 ] C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe

17:17:19.0806 0x3184 HP OfficeJet Pro 8720 (NET) - ok

17:17:19.0848 0x3184 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe

17:17:19.0874 0x3184 HP Officejet Pro 8600 (NET) - ok

17:17:19.0914 0x3184 [ 4FB71EB1518C01E694B9380A400FDCE3, 950EE7066DA7252EE7BBFB018C8603D75E6353FEF3D2A092BE0637384FBC6161 ] E:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe

17:17:19.0914 0x3184 Office Timeline Performance Helper - ok

17:17:19.0914 0x3184 [ 2FDE0E8E46380B04003D8F5772662E58, FE4E03AFD765B6ADFEDCD49EBAE421C8FC17BF8380BD46BA9BA84D87AFAD4D34 ] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

17:17:19.0914 0x3184 RoboForm - ok

17:17:20.0181 0x3184 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe

17:17:20.0382 0x3184 OneDriveSetup - ok

17:17:20.0398 0x3184 [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe

17:17:20.0414 0x3184 WAB Migrate - ok

17:17:20.0698 0x3184 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe

17:17:20.0899 0x3184 OneDriveSetup - ok

17:17:20.0934 0x3184 [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe

17:17:20.0940 0x3184 WAB Migrate - ok

17:17:21.0183 0x3184 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe

17:17:21.0398 0x3184 OneDriveSetup - ok

17:17:21.0414 0x3184 [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe

17:17:21.0429 0x3184 WAB Migrate - ok

17:17:21.0429 0x3184 Waiting for KSN requests completion. In queue: 218

17:17:22.0465 0x3184 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )

17:17:22.0480 0x3184 Win FW state via NFP2: enabled ( trusted )

17:17:22.0772 0x3184 ============================================================

17:17:22.0772 0x3184 Scan finished

17:17:22.0772 0x3184 ============================================================

17:17:22.0792 0x22a8 Detected object count: 0

17:17:22.0792 0x22a8 Actual detected object count: 0

I'm trying an ESET online scanner, just started.

What next?

Eset also seems to be corrupted also.

Broni · Jan 24, 2018

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

Please explain "Problem with 92062d.msi"

glhglh · Jan 24, 2018

There were no instructions.

Broni · Jan 24, 2018

In your title it says ""Problem with 92062d.msi".
What does it mean?. Was it some kind of error message you received?

glhglh · Jan 24, 2018

Yes, when I try to unload a program on the computer (or load some of the virus programs, I get that message.

when I searched for that msi, it said it was in windows/installs (or something like that). when I look in windows explorer, there is no such directory.

Broni · Jan 24, 2018

NOTE 1. Use another working computer to download Farbar Recovery Scan Tool and save it to USB flash drive.
NOTE 2. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 10 If you're having problems accessing System Recovery Options create Windows 10 USB or DVD as described here: http://betanews.com/2015/07/29/how-...your-own-installation-usb-flash-drive-or-dvd/ and boot from it.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt. To access Advanced Boot Options start and shut down computer TWICE. On third start you should see Advanced Boot Options.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

glhglh · Jan 25, 2018

Frst 1

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2018

Ran by garyh (administrator) on GLH-DESKTOP-I7 (25-01-2018 15:18:47)

Running from H:\Virus

Loaded Profiles: garyh & QBDataServiceUser23 & QBDataServiceUser26 (Available Profiles: garyh & QBDataServiceUser23 & QBDataServiceUser26 & DefaultAppPool)

Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe

(Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe

(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

() E:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe

(Fitbit, Inc.) E:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe

(HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe

(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Logitech Inc.) E:\Program Files (x86)\Squeezebox\SqueezeTray.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

(Logitech Inc.) E:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(Fitbit, Inc.) E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe

(Intuit, Inc.) E:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intuit, Inc.) E:\Program Files (x86)\Intuit\QuickBooks 2016\QBDBMgrN.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

() E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe

() E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\cmd.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2015-06-07] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)

HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2018-01-17] (Dropbox, Inc.)

HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286272 2015-06-07] (RealNetworks, Inc.)

HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3792648 2015-08-19] (Intuit Inc. All rights reserved.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [QuickTime Task] => E:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)

HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)

HKLM-x32\...\Run: [RoxWatchTray] => E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatchTray15.exe [295112 2014-09-26] (Corel Corporation)

HKLM-x32\...\Run: [Fitbit Connect] => E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [Google Update] => C:\Users\garyh\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-15] (Google Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [CCleaner Monitoring] => E:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [NETGEARGenie] => e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-01] (NETGEAR Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [Fitbit Connect] => E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [HP OfficeJet Pro 8720 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe [3736584 2015-08-31] (HP Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [Office Timeline Performance Helper] => E:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe [13056 2015-04-03] (OfficeTimeline LLC)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-01-05] (Siber Systems)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\MountPoints2: {a0d7e724-3afa-11e5-9bc2-806e6f6e6963} - "D:\setup.exe"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150016 2017-09-29] (Microsoft Corporation)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2015-07-20]

ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server Tray Tool.lnk [2015-06-12]

ShortcutTarget: Logitech Media Server Tray Tool.lnk -> E:\Program Files (x86)\Squeezebox\SqueezeTray.exe (Logitech Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-06-02]

ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-06-02]

ShortcutTarget: QuickBooks_Standard_21.lnk -> E:\Program Files (x86)\Intuit\QuickBooks 2016\QBW32.EXE (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-06-07]

ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)

GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{d7f2a025-9c18-40d3-b84c-ca74bd845c1c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.nytimes.com/?WT.z_jog=1&hF=f&vS=undefined

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-19] (Microsoft Corporation)

BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-01-05] (Siber Systems Inc.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-19] (Microsoft Corporation)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-19] (Microsoft Corporation)

BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-01-05] (Siber Systems Inc.)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)

Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-01-05] (Siber Systems Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)

Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-01-05] (Siber Systems Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)

Toolbar: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)

Toolbar: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-01-05] (Siber Systems Inc.)

DPF: HKLM-x32 {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://benefitsinformation.webex.com/client/WBXclient-T29L10NSP13EP50-10011/nbr/ieatgpc1.cab

Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - E:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll [2016-05-09] (Intuit, Inc.)

Handler-x32: intu-help-qb9 - {C1252096-0E63-4C06-A38B-03DF9A16AA12} - E:\Program Files (x86)\Intuit\QuickBooks 2016\HelpAsyncPluggableProtocol.dll [2017-12-12] (Intuit, Inc.)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-19] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-19] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-19] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-19] (Microsoft Corporation)

Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)

Edge:

======

Edge HomeButtonPage: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> about:start

Edge Extension: (No Name) -> EdgeExtension_SiberSystemsIncRoboFormEdge_7kk3kr9e0p1np => C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.4.2.0_neutral__7kk3kr9e0p1np [not found]

Edge Extension: (No Name) -> MouseGestures_MicrosoftMouseGestures_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.MouseGestures_0.6.17136.0_neutral__8wekyb3d8bbwe [2017-11-28]

FireFox:

========

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-19] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-19] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)

FF Plugin-x32: @real.com/nppl3260;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-06-07] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-06-07] (RealTimes)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @citrixonline.com/appdetectorplugin -> C:\Users\garyh\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-12-15] (Citrix Online)

FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @tools.google.com/Google Update;version=3 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)

FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @tools.google.com/Google Update;version=9 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxps://www.nytimes.com/","hxxps://www.facebook.com/groups/Korea.xpcvs/","hxxps://translate.google.com/?hl=en&tab=wT"

CHR Profile: C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default [2018-01-25]

CHR Extension: (Slides) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]

CHR Extension: (Docs) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]

CHR Extension: (Google Drive) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]

CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-01-05]

CHR Extension: (YouTube) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]

CHR Extension: (Google Cast) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2018-01-25]

CHR Extension: (Google Search) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]

CHR Extension: (Sheets) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]

CHR Extension: (Google Docs Offline) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]

CHR Extension: (Chrome Web Store Payments) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]

CHR Extension: (Gmail) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]

CHR Extension: (Chrome Media Router) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]

CHR Extension: (RoboForm Password Manager) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2018-01-05]

CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-04-11]

CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-04-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)

S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]

R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2014-01-22] ()

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-12-23] (Microsoft Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-06] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-06] (Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2018-01-17] (Dropbox, Inc.)

R2 Fitbit Connect; E:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.) [File not signed]

S3 gusvc; E:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2015-06-06] (Google)

R2 HDRExpress3Service; e:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe [32784 2014-10-23] ()

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)

S3 NETGEARGenieDaemon; e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-01] (NETGEAR)

R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)

R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)

R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2017-12-12] (Intuit) [File not signed]

S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2015-08-19] (Intuit Inc.) [File not signed]

R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-10-01] (Intuit Inc.) [File not signed]

R3 QuickBooksDB23; E:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe [679936 2016-05-09] (Intuit, Inc.) [File not signed]

R3 QuickBooksDB26; E:\Program Files (x86)\Intuit\QuickBooks 2016\QBDBMgrN.exe [127792 2015-08-19] (Intuit, Inc.) [File not signed]

R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1115224 2015-06-07] (RealNetworks, Inc.)

R2 RoxioBurnLauncher; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe [535784 2013-10-16] ()

S3 RoxMediaDB15; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxMediaDB15.exe [1097928 2014-09-26] (Corel Corporation)

S2 RoxWatch15; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatch15.exe [342216 2014-09-26] (Corel Corporation)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)

R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [296800 2017-03-22] (Xerox Corporation)

R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-24] (Malwarebytes)

R1 MpKsl761a35d5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4B95911-7EE7-4C5C-A66B-D43FC09215B4}\MpKsl761a35d5.sys [58120 2018-01-24] (Microsoft Corporation)

R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-12-07] (CACE Technologies, Inc.)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)

R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)

R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-07-29] (Audials AG)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )

R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [28304 2013-10-16] (Corel Corporation)

R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [20112 2013-10-16] (Corel Corporation)

R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [27792 2013-10-16] (Corel Corporation)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)

R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)

U5 REALPLAYERUPDATESVC; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-24 17:16 - 2018-01-24 17:18 - 000265502 _____ C:\TDSSKiller.3.1.0.15_24.01.2018_17.16.56_log.txt

2018-01-24 17:16 - 2018-01-24 17:16 - 000000364 _____ C:\TDSSKiller.3.1.0.9_24.01.2018_17.16.11_log.txt

2018-01-24 16:36 - 2018-01-24 17:39 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2018-01-24 16:36 - 2018-01-24 17:39 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2018-01-24 16:36 - 2018-01-24 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2018-01-24 16:36 - 2018-01-24 16:36 - 000000000 ____D C:\Program Files\Malwarebytes

2018-01-24 15:35 - 2018-01-25 01:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2018-01-18 15:39 - 2018-01-18 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2018-01-18 10:08 - 2018-01-18 10:08 - 000002581 _____ C:\Users\garyh\Desktop\Grammarly.lnk

2018-01-18 10:08 - 2018-01-18 10:08 - 000000000 ____D C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly

2018-01-18 10:08 - 2018-01-18 10:08 - 000000000 ____D C:\Users\garyh\AppData\Roaming\Grammarly

2018-01-18 10:08 - 2018-01-18 10:08 - 000000000 ____D C:\Users\garyh\AppData\Local\SquirrelTemp

2018-01-18 10:08 - 2018-01-18 10:08 - 000000000 ____D C:\Users\garyh\AppData\Local\GrammarlyForWindows

2018-01-17 01:26 - 2018-01-17 01:26 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

2018-01-17 01:26 - 2018-01-17 01:26 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys

2018-01-17 01:26 - 2018-01-17 01:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys

2018-01-17 01:26 - 2018-01-17 01:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

2018-01-07 12:54 - 2018-01-07 12:54 - 000002527 _____ C:\Users\Public\Desktop\TurboTax Business 2017.lnk

2018-01-07 12:54 - 2018-01-07 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax Business 2017

2018-01-05 14:33 - 2018-01-05 14:33 - 000001635 _____ C:\Users\Public\Desktop\iTunes.lnk

2018-01-05 14:33 - 2018-01-05 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2018-01-05 14:33 - 2018-01-05 14:33 - 000000000 ____D C:\Program Files\iPod

2018-01-05 10:20 - 2018-01-01 09:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe

2018-01-05 10:20 - 2018-01-01 04:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2018-01-05 10:20 - 2018-01-01 04:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2018-01-05 10:20 - 2018-01-01 04:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll

2018-01-05 10:20 - 2018-01-01 04:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2018-01-05 10:20 - 2018-01-01 04:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2018-01-05 10:20 - 2018-01-01 04:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2018-01-05 10:20 - 2018-01-01 04:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll

2018-01-05 10:20 - 2018-01-01 04:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys

2018-01-05 10:20 - 2018-01-01 04:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2018-01-05 10:20 - 2018-01-01 04:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2018-01-05 10:20 - 2018-01-01 04:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll

2018-01-05 10:20 - 2018-01-01 04:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2018-01-05 10:20 - 2018-01-01 04:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2018-01-05 10:20 - 2018-01-01 04:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2018-01-05 10:20 - 2018-01-01 04:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2018-01-05 10:20 - 2018-01-01 04:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll

2018-01-05 10:20 - 2018-01-01 04:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll

2018-01-05 10:20 - 2018-01-01 04:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2018-01-05 10:20 - 2018-01-01 04:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2018-01-05 10:20 - 2018-01-01 04:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll

2018-01-05 10:20 - 2018-01-01 04:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys

2018-01-05 10:20 - 2018-01-01 04:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2018-01-05 10:20 - 2018-01-01 04:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2018-01-05 10:20 - 2018-01-01 04:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2018-01-05 10:20 - 2018-01-01 04:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2018-01-05 10:20 - 2018-01-01 04:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2018-01-05 10:20 - 2018-01-01 04:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2018-01-05 10:20 - 2018-01-01 04:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys

2018-01-05 10:20 - 2018-01-01 04:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2018-01-05 10:20 - 2018-01-01 04:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2018-01-05 10:20 - 2018-01-01 04:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys

2018-01-05 10:20 - 2018-01-01 04:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

2018-01-05 10:20 - 2018-01-01 04:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2018-01-05 10:20 - 2018-01-01 04:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2018-01-05 10:20 - 2018-01-01 04:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll

2018-01-05 10:20 - 2018-01-01 04:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys

2018-01-05 10:20 - 2018-01-01 04:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2018-01-05 10:20 - 2018-01-01 04:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2018-01-05 10:20 - 2018-01-01 04:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll

2018-01-05 10:20 - 2018-01-01 04:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2018-01-05 10:20 - 2018-01-01 04:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2018-01-05 10:20 - 2018-01-01 04:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2018-01-05 10:20 - 2018-01-01 04:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe

2018-01-05 10:20 - 2018-01-01 04:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2018-01-05 10:20 - 2018-01-01 04:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys

2018-01-05 10:20 - 2018-01-01 04:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2018-01-05 10:20 - 2018-01-01 04:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys

2018-01-05 10:20 - 2018-01-01 04:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe

2018-01-05 10:20 - 2018-01-01 04:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2018-01-05 10:20 - 2018-01-01 04:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys

2018-01-05 10:20 - 2018-01-01 04:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2018-01-05 10:20 - 2018-01-01 04:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe

2018-01-05 10:20 - 2018-01-01 04:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2018-01-05 10:20 - 2018-01-01 04:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe

2018-01-05 10:20 - 2018-01-01 04:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys

2018-01-05 10:20 - 2018-01-01 04:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll

2018-01-05 10:20 - 2018-01-01 04:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys

2018-01-05 10:20 - 2018-01-01 04:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2018-01-05 10:20 - 2018-01-01 04:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll

2018-01-05 10:20 - 2018-01-01 04:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2018-01-05 10:20 - 2018-01-01 04:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2018-01-05 10:20 - 2018-01-01 04:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2018-01-05 10:20 - 2018-01-01 04:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll

2018-01-05 10:20 - 2018-01-01 04:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2018-01-05 10:20 - 2018-01-01 04:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2018-01-05 10:20 - 2018-01-01 04:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2018-01-05 10:20 - 2018-01-01 04:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2018-01-05 10:20 - 2018-01-01 04:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2018-01-05 10:20 - 2018-01-01 04:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2018-01-05 10:20 - 2018-01-01 04:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2018-01-05 10:20 - 2018-01-01 04:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys

2018-01-05 10:20 - 2018-01-01 04:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2018-01-05 10:20 - 2018-01-01 04:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2018-01-05 10:20 - 2018-01-01 04:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2018-01-05 10:20 - 2018-01-01 04:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2018-01-05 10:20 - 2018-01-01 04:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2018-01-05 10:20 - 2018-01-01 04:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2018-01-05 10:20 - 2018-01-01 04:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2018-01-05 10:20 - 2018-01-01 04:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2018-01-05 10:20 - 2018-01-01 04:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2018-01-05 10:20 - 2018-01-01 04:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll

2018-01-05 10:20 - 2018-01-01 03:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2018-01-05 10:20 - 2018-01-01 03:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll

2018-01-05 10:20 - 2018-01-01 03:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll

2018-01-05 10:20 - 2018-01-01 03:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2018-01-05 10:20 - 2018-01-01 03:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2018-01-05 10:20 - 2018-01-01 03:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2018-01-05 10:20 - 2018-01-01 03:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2018-01-05 10:20 - 2018-01-01 03:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2018-01-05 10:20 - 2018-01-01 03:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll

2018-01-05 10:20 - 2018-01-01 03:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2018-01-05 10:20 - 2018-01-01 03:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll

2018-01-05 10:20 - 2018-01-01 03:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2018-01-05 10:20 - 2018-01-01 03:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2018-01-05 10:20 - 2018-01-01 03:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2018-01-05 10:20 - 2018-01-01 03:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2018-01-05 10:20 - 2018-01-01 03:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll

2018-01-05 10:20 - 2018-01-01 03:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2018-01-05 10:20 - 2018-01-01 03:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe

2018-01-05 10:20 - 2018-01-01 03:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2018-01-05 10:20 - 2018-01-01 03:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll

2018-01-05 10:20 - 2018-01-01 03:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2018-01-05 10:20 - 2018-01-01 03:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2018-01-05 10:20 - 2018-01-01 03:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2018-01-05 10:20 - 2018-01-01 03:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2018-01-05 10:20 - 2018-01-01 03:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2018-01-05 10:20 - 2018-01-01 03:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2018-01-05 10:20 - 2018-01-01 03:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys

2018-01-05 10:20 - 2018-01-01 03:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2018-01-05 10:20 - 2018-01-01 03:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe

2018-01-05 10:20 - 2018-01-01 03:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2018-01-05 10:20 - 2018-01-01 03:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys

2018-01-05 10:20 - 2018-01-01 03:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2018-01-05 10:20 - 2018-01-01 03:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll

2018-01-05 10:20 - 2018-01-01 03:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll

2018-01-05 10:20 - 2018-01-01 03:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys

2018-01-05 10:20 - 2018-01-01 03:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll

2018-01-05 10:20 - 2018-01-01 03:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2018-01-05 10:20 - 2018-01-01 03:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll

2018-01-05 10:20 - 2018-01-01 03:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys

2018-01-05 10:20 - 2018-01-01 03:21 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys

glhglh · Jan 25, 2018

Frst 2:

2018-01-05 10:20 - 2018-01-01 03:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll

2018-01-05 10:20 - 2018-01-01 03:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll

2018-01-05 10:20 - 2018-01-01 03:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys

2018-01-05 10:20 - 2018-01-01 03:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

2018-01-05 10:20 - 2018-01-01 03:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys

2018-01-05 10:20 - 2018-01-01 03:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys

2018-01-05 10:20 - 2018-01-01 03:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll

2018-01-05 10:20 - 2018-01-01 03:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys

2018-01-05 10:20 - 2018-01-01 03:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2018-01-05 10:20 - 2018-01-01 03:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec

2018-01-05 10:20 - 2018-01-01 03:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys

2018-01-05 10:20 - 2018-01-01 03:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe

2018-01-05 10:20 - 2018-01-01 03:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll

2018-01-05 10:20 - 2018-01-01 03:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

2018-01-05 10:20 - 2018-01-01 03:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll

2018-01-05 10:20 - 2018-01-01 03:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2018-01-05 10:20 - 2018-01-01 03:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2018-01-05 10:20 - 2018-01-01 03:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 001381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll

2018-01-05 10:20 - 2018-01-01 03:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2018-01-05 10:20 - 2018-01-01 03:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2018-01-05 10:20 - 2018-01-01 03:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2018-01-05 10:20 - 2018-01-01 03:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2018-01-05 10:20 - 2018-01-01 03:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll

2018-01-05 10:20 - 2018-01-01 03:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2018-01-05 10:20 - 2018-01-01 03:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2018-01-05 10:20 - 2018-01-01 03:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2018-01-05 10:20 - 2018-01-01 03:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2018-01-05 10:20 - 2018-01-01 03:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2018-01-05 10:20 - 2018-01-01 03:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2018-01-05 10:20 - 2018-01-01 03:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2018-01-05 10:20 - 2018-01-01 03:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

2018-01-05 10:20 - 2018-01-01 03:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2018-01-05 10:20 - 2018-01-01 03:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2018-01-05 10:20 - 2018-01-01 03:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2018-01-05 10:20 - 2018-01-01 03:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2018-01-05 10:20 - 2018-01-01 03:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2018-01-05 10:20 - 2018-01-01 03:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2018-01-05 10:20 - 2018-01-01 03:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2018-01-05 10:20 - 2018-01-01 03:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2018-01-05 10:20 - 2018-01-01 03:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll

2018-01-05 10:20 - 2018-01-01 03:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2018-01-05 10:20 - 2018-01-01 03:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2018-01-05 10:20 - 2018-01-01 03:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll

2018-01-05 10:20 - 2018-01-01 03:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2018-01-05 10:20 - 2018-01-01 03:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2018-01-05 10:20 - 2018-01-01 03:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2018-01-05 10:20 - 2018-01-01 03:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2018-01-05 10:20 - 2018-01-01 03:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll

2018-01-05 10:20 - 2018-01-01 03:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2018-01-05 10:20 - 2018-01-01 03:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll

2018-01-05 10:20 - 2018-01-01 03:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2018-01-05 10:20 - 2018-01-01 03:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2018-01-05 10:20 - 2018-01-01 03:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe

2017-12-15 13:05 - 2017-12-15 13:05 - 000000649 _____ C:\Users\Public\Desktop\Audials 2017.lnk

2017-12-15 13:05 - 2017-12-15 13:05 - 000000649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 2017.lnk

2017-12-12 20:13 - 2017-12-22 05:45 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-12-12 20:13 - 2017-12-22 05:45 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-12-12 19:17 - 2017-12-07 22:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll

2017-12-12 19:17 - 2017-12-07 15:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2017-12-12 19:17 - 2017-12-07 15:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2017-12-12 19:17 - 2017-12-07 15:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-12-12 19:17 - 2017-12-07 15:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll

2017-12-12 19:17 - 2017-12-07 15:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2017-12-12 19:17 - 2017-12-07 15:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2017-12-12 19:17 - 2017-12-07 15:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2017-12-12 19:17 - 2017-12-07 15:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2017-12-12 19:17 - 2017-12-07 15:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-12-12 19:17 - 2017-12-07 15:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll

2017-12-12 19:17 - 2017-12-07 15:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2017-12-12 19:17 - 2017-12-07 15:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll

2017-12-12 19:17 - 2017-12-07 15:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2017-12-12 19:17 - 2017-12-07 15:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll

2017-12-12 19:17 - 2017-12-07 15:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys

2017-12-12 19:17 - 2017-12-07 14:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2017-12-12 19:17 - 2017-12-07 14:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2017-12-12 19:17 - 2017-12-07 14:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll

2017-12-12 19:17 - 2017-12-07 14:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2017-12-12 19:17 - 2017-12-07 14:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll

2017-12-12 19:17 - 2017-12-07 14:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2017-12-12 19:17 - 2017-12-07 14:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll

2017-12-12 19:17 - 2017-12-07 14:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2017-12-12 19:17 - 2017-12-07 14:29 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterShim.dll

2017-12-12 19:17 - 2017-12-07 14:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx

2017-12-12 19:17 - 2017-12-07 14:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-12-12 19:17 - 2017-12-07 14:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll

2017-12-12 19:17 - 2017-12-07 14:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2017-12-12 19:17 - 2017-12-07 14:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll

2017-12-12 19:17 - 2017-12-07 14:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll

2017-12-12 19:17 - 2017-12-07 14:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe

2017-12-12 19:17 - 2017-12-07 14:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe

2017-12-12 19:17 - 2017-12-07 14:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll

2017-12-12 19:17 - 2017-12-07 14:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll

2017-12-12 19:17 - 2017-12-07 14:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll

2017-12-12 19:17 - 2017-12-07 14:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2017-12-12 19:17 - 2017-12-07 14:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll

2017-12-12 19:17 - 2017-12-07 14:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2017-12-12 19:17 - 2017-12-07 14:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll

2017-12-12 19:17 - 2017-12-07 14:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

2017-12-12 19:17 - 2017-12-07 14:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll

2017-12-12 19:17 - 2017-12-07 14:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll

2017-12-12 19:17 - 2017-12-07 14:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe

2017-12-12 19:17 - 2017-12-07 14:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll

2017-12-12 19:17 - 2017-12-07 14:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll

2017-12-12 19:17 - 2017-12-07 14:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll

2017-12-12 19:17 - 2017-12-07 14:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll

2017-12-12 19:17 - 2017-12-07 14:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2017-12-12 19:17 - 2017-12-07 14:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll

2017-12-12 19:17 - 2017-12-07 14:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll

2017-12-12 19:17 - 2017-12-07 14:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe

2017-12-12 19:17 - 2017-12-07 14:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll

2017-12-12 19:17 - 2017-12-07 14:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2017-12-12 19:17 - 2017-12-07 14:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2017-12-12 19:17 - 2017-12-07 14:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll

2017-12-12 19:17 - 2017-12-07 14:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll

2017-12-12 19:17 - 2017-12-07 14:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll

2017-12-12 19:17 - 2017-12-07 14:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2017-12-12 19:17 - 2017-12-07 14:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll

2017-12-12 19:17 - 2017-12-07 14:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-12-12 19:17 - 2017-12-07 14:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll

2017-12-12 19:17 - 2017-12-07 14:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll

2017-12-12 19:17 - 2017-12-07 14:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll

2017-12-12 19:17 - 2017-12-07 14:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2017-12-12 19:17 - 2017-12-07 14:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

2017-12-12 19:17 - 2017-12-07 14:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2017-12-12 19:17 - 2017-12-07 14:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll

2017-12-12 19:17 - 2017-12-07 14:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2017-12-12 19:17 - 2017-12-07 13:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-12-12 19:17 - 2017-12-07 13:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2017-12-12 19:17 - 2017-12-07 13:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll

2017-12-12 19:17 - 2017-12-07 13:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll

2017-12-12 19:17 - 2017-12-07 13:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-12-12 19:17 - 2017-12-07 13:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll

2017-12-12 19:17 - 2017-12-07 13:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll

2017-12-12 19:17 - 2017-12-07 13:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2017-12-12 19:17 - 2017-12-07 13:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2017-12-12 19:17 - 2017-11-26 12:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll

2017-12-12 19:17 - 2017-11-26 12:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll

2017-12-12 19:17 - 2017-11-26 12:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll

2017-12-12 19:17 - 2017-11-26 08:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll

2017-12-12 19:17 - 2017-11-26 05:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2017-12-12 19:17 - 2017-11-26 05:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe

2017-12-12 19:17 - 2017-11-26 05:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-12-12 19:17 - 2017-11-26 05:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2017-12-12 19:17 - 2017-11-26 05:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-12-12 19:17 - 2017-11-26 05:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2017-12-12 19:17 - 2017-11-26 05:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2017-12-12 19:17 - 2017-11-26 05:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2017-12-12 19:17 - 2017-11-26 05:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2017-12-12 19:17 - 2017-11-26 05:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-12-12 19:17 - 2017-11-26 05:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-12-12 19:17 - 2017-11-26 05:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll

2017-12-12 19:17 - 2017-11-26 05:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-12-12 19:17 - 2017-11-26 05:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2017-12-12 19:17 - 2017-11-26 05:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2017-12-12 19:17 - 2017-11-26 05:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2017-12-12 19:17 - 2017-11-26 05:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll

2017-12-12 19:17 - 2017-11-26 05:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2017-12-12 19:17 - 2017-11-26 05:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys

2017-12-12 19:17 - 2017-11-26 05:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2017-12-12 19:17 - 2017-11-26 05:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2017-12-12 19:17 - 2017-11-26 05:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll

2017-12-12 19:17 - 2017-11-26 05:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2017-12-12 19:17 - 2017-11-26 05:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2017-12-12 19:17 - 2017-11-26 05:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2017-12-12 19:17 - 2017-11-26 05:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2017-12-12 19:17 - 2017-11-26 05:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll

2017-12-12 19:17 - 2017-11-26 05:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe

2017-12-12 19:17 - 2017-11-26 05:21 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 000669592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2017-12-12 19:17 - 2017-11-26 05:21 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll

2017-12-12 19:17 - 2017-11-26 04:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2017-12-12 19:17 - 2017-11-26 04:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-12-12 19:17 - 2017-11-26 04:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll

2017-12-12 19:17 - 2017-11-26 04:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll

2017-12-12 19:17 - 2017-11-26 04:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2017-12-12 19:17 - 2017-11-26 04:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll

2017-12-12 19:17 - 2017-11-26 04:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll

2017-12-12 19:17 - 2017-11-26 04:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-12-12 19:17 - 2017-11-26 04:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll

2017-12-12 19:17 - 2017-11-26 04:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2017-12-12 19:17 - 2017-11-26 04:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll

2017-12-12 19:17 - 2017-11-26 04:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2017-12-12 19:17 - 2017-11-26 04:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll

2017-12-12 19:17 - 2017-11-26 04:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2017-12-12 19:17 - 2017-11-26 04:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll

2017-12-12 19:17 - 2017-11-26 04:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll

2017-12-12 19:17 - 2017-11-26 04:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll

2017-12-12 19:17 - 2017-11-26 04:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll

glhglh · Jan 25, 2018

Frst 3:

2017-12-12 19:17 - 2017-11-26 04:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys

2017-12-12 19:17 - 2017-11-26 04:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2017-12-12 19:17 - 2017-11-26 04:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll

2017-12-12 19:17 - 2017-11-26 04:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll

2017-12-12 19:17 - 2017-11-26 04:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys

2017-12-12 19:17 - 2017-11-26 04:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll

2017-12-12 19:17 - 2017-11-26 04:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2017-12-12 19:17 - 2017-11-26 04:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2017-12-12 19:17 - 2017-11-26 04:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-12-12 19:17 - 2017-11-26 04:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2017-12-12 19:17 - 2017-11-26 04:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll

2017-12-12 19:17 - 2017-11-26 04:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll

2017-12-12 19:17 - 2017-11-26 04:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2017-12-12 19:17 - 2017-11-26 04:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll

2017-12-12 19:17 - 2017-11-26 04:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2017-12-12 19:17 - 2017-11-26 04:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll

2017-12-12 19:17 - 2017-11-26 04:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2017-12-12 19:17 - 2017-11-26 04:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2017-12-12 19:17 - 2017-11-26 04:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2017-12-12 19:17 - 2017-11-26 04:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2017-12-12 19:17 - 2017-11-26 04:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-12-12 19:17 - 2017-11-26 04:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2017-12-12 19:17 - 2017-11-26 04:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2017-12-12 19:17 - 2017-11-26 04:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2017-12-12 19:17 - 2017-11-26 04:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-12-12 19:17 - 2017-11-26 04:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll

2017-12-12 19:17 - 2017-11-26 03:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2017-12-12 19:17 - 2017-11-26 03:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys

2017-12-12 19:17 - 2017-11-26 03:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll

2017-12-12 19:17 - 2017-11-26 03:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll

2017-12-12 19:17 - 2017-11-26 03:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll

2017-12-12 19:17 - 2017-11-26 03:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2017-12-12 19:17 - 2017-11-26 03:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-12-12 19:17 - 2017-11-26 03:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll

2017-12-12 19:17 - 2017-11-26 03:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2017-12-12 19:17 - 2017-11-26 03:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-12-12 19:17 - 2017-11-26 03:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll

2017-12-12 19:17 - 2017-11-26 03:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2017-12-12 19:17 - 2017-11-26 03:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll

2017-12-12 19:17 - 2017-11-26 03:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2017-12-12 19:17 - 2017-11-26 03:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2017-12-12 19:17 - 2017-11-26 03:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2017-12-12 19:17 - 2017-11-26 02:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2017-12-12 19:17 - 2017-11-26 02:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2017-12-12 19:17 - 2017-11-26 02:57 - 001490840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll

2017-12-12 19:17 - 2017-11-26 02:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2017-12-12 19:17 - 2017-11-26 02:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll

2017-12-12 19:17 - 2017-11-26 02:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll

2017-12-12 19:17 - 2017-11-26 02:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2017-12-12 19:17 - 2017-11-26 02:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll

2017-12-12 19:17 - 2017-11-26 02:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll

2017-12-12 19:17 - 2017-11-26 02:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll

2017-12-12 19:17 - 2017-11-26 02:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll

2017-12-12 19:17 - 2017-11-26 02:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll

2017-12-12 19:17 - 2017-11-26 02:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2017-12-12 19:17 - 2017-11-26 02:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2017-12-12 19:17 - 2017-11-26 02:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2017-12-12 19:17 - 2017-11-26 02:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll

2017-12-12 19:17 - 2017-11-26 02:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2017-12-12 19:17 - 2017-11-26 02:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll

2017-12-12 19:17 - 2017-11-26 02:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll

2017-12-12 19:17 - 2017-11-26 02:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll

2017-12-12 19:17 - 2017-11-26 02:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2017-12-12 19:17 - 2017-11-26 02:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll

2017-12-12 19:17 - 2017-11-26 02:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2017-12-12 19:17 - 2017-11-26 02:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2017-12-12 19:17 - 2017-11-26 02:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2017-12-12 19:17 - 2017-11-26 02:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2017-12-12 19:17 - 2017-11-26 02:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll

2017-12-12 19:17 - 2017-11-26 02:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll

2017-12-12 19:17 - 2017-11-18 23:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll

2017-12-12 19:17 - 2017-11-18 18:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll

2017-11-29 12:59 - 2017-11-29 12:59 - 000000000 ____D C:\ProgramData\MB2Migration

2017-11-28 14:24 - 2017-11-28 14:24 - 000000000 ____D C:\Users\garyh\AppData\Local\ESET

2017-11-28 11:26 - 2017-11-28 11:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Leader Technologies

2017-11-28 11:25 - 2017-11-28 11:25 - 000000000 ____D C:\Users\garyh\AppData\Roaming\Leadertech

2017-11-28 11:24 - 2017-11-28 11:24 - 000004982 _____ C:\WINDOWS\System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed

2017-11-28 11:24 - 2017-11-28 11:24 - 000004002 _____ C:\WINDOWS\System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh

2017-11-28 11:24 - 2017-11-28 11:24 - 000000000 ____D C:\Program Files\Xerox

2017-11-28 10:37 - 2017-11-28 10:37 - 000002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

2017-11-28 10:36 - 2017-11-28 11:37 - 000000000 ____D C:\Users\garyh\AppData\Local\PlaceholderTileLogoFolder

2017-11-28 10:36 - 2017-11-28 10:36 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

2017-11-28 10:35 - 2017-11-28 10:35 - 000000020 ___SH C:\Users\garyh\ntuser.ini

2017-11-28 10:35 - 2017-11-28 10:35 - 000000000 ___HD C:\Users\garyh\MicrosoftEdgeBackups

2017-11-28 10:30 - 2018-01-25 13:26 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0A67693B-C4D2-43F4-8D9C-F95F60CE280C}

2017-11-28 10:30 - 2018-01-24 15:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-11-28 10:30 - 2018-01-18 09:13 - 000003828 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001

2017-11-28 10:30 - 2018-01-18 09:13 - 000003732 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001

2017-11-28 10:30 - 2018-01-09 17:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1582027158-3427342393-2586192252-1001

2017-11-28 10:30 - 2018-01-05 14:29 - 000004222 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm

2017-11-28 10:30 - 2018-01-05 14:29 - 000003690 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon

2017-11-28 10:30 - 2017-12-06 11:37 - 000003966 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA

2017-11-28 10:30 - 2017-12-06 11:37 - 000003734 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore

2017-11-28 10:30 - 2017-11-30 22:11 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2017-11-28 10:30 - 2017-11-28 10:31 - 000019053 _____ C:\WINDOWS\diagwrn.xml

2017-11-28 10:30 - 2017-11-28 10:31 - 000019053 _____ C:\WINDOWS\diagerr.xml

2017-11-28 10:30 - 2017-11-28 10:30 - 000003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA

2017-11-28 10:30 - 2017-11-28 10:30 - 000003552 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA1d257ea6aa290f9

2017-11-28 10:30 - 2017-11-28 10:30 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core

2017-11-28 10:30 - 2017-11-28 10:30 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-11-28 10:30 - 2017-11-28 10:30 - 000003284 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core1d257ea6a9fa9da

2017-11-28 10:30 - 2017-11-28 10:30 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-11-28 10:30 - 2017-11-28 10:30 - 000003110 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2017-11-28 10:30 - 2017-11-28 10:30 - 000002700 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet Pro 8600

2017-11-28 10:30 - 2017-11-28 10:30 - 000002670 _____ C:\WINDOWS\System32\Tasks\CCleanerClean

2017-11-28 10:30 - 2017-11-28 10:30 - 000002652 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP OfficeJet Pro 8720

2017-11-28 10:30 - 2017-11-28 10:30 - 000002420 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2017-11-28 10:30 - 2017-11-28 10:30 - 000002404 _____ C:\WINDOWS\System32\Tasks\{2EE708D3-AF0B-40B6-B84A-40E122817F95}

2017-11-28 10:30 - 2017-11-28 10:30 - 000002394 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2017-11-28 10:30 - 2017-11-28 10:30 - 000002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2017-11-28 10:30 - 2017-11-28 10:30 - 000002378 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe

2017-11-28 10:30 - 2017-11-28 10:30 - 000002376 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe

2017-11-28 10:30 - 2017-11-28 10:30 - 000002330 _____ C:\WINDOWS\System32\Tasks\{80489BCB-EE3D-4BE7-8EC5-3FF208178E34}

2017-11-28 10:30 - 2017-11-28 10:30 - 000002320 _____ C:\WINDOWS\System32\Tasks\{88FFE30B-44F2-4C15-804E-4C25BAAEA64F}

2017-11-28 10:30 - 2017-11-28 10:30 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC

2017-11-28 10:30 - 2017-11-28 10:30 - 000002130 _____ C:\WINDOWS\System32\Tasks\{A4A3037D-6915-4CFA-B777-F2345A305136}

2017-11-28 10:30 - 2017-11-28 10:30 - 000002130 _____ C:\WINDOWS\System32\Tasks\{86D647C4-0E71-4FC9-A15B-A3A9240B1764}

2017-11-28 10:30 - 2017-11-28 10:30 - 000002130 _____ C:\WINDOWS\System32\Tasks\{04203175-1EFD-48AD-AD2F-ADE80ED6A6E9}

2017-11-28 10:30 - 2017-11-28 10:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD

2017-11-28 10:30 - 2017-11-28 10:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform

2017-11-28 10:30 - 2017-11-28 10:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple

2017-11-28 10:28 - 2017-11-28 10:28 - 000000020 ___SH C:\Users\QBDataServiceUser26\ntuser.ini

2017-11-28 10:28 - 2017-11-28 10:28 - 000000020 ___SH C:\Users\QBDataServiceUser23\ntuser.ini

2017-11-28 10:25 - 2017-11-28 10:25 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2017-11-28 10:24 - 2017-11-28 10:24 - 000000000 ____D C:\ProgramData\USOShared

2017-11-28 10:20 - 2018-01-24 15:35 - 000000000 ____D C:\Users\garyh

2017-11-28 10:20 - 2018-01-24 15:23 - 000000000 ____D C:\Users\garyh\AppData\Local\Packages

2017-11-28 10:20 - 2017-12-13 22:20 - 000000000 ____D C:\Users\QBDataServiceUser26

2017-11-28 10:20 - 2017-12-13 22:19 - 000000000 ____D C:\Users\QBDataServiceUser23

2017-11-28 10:20 - 2017-11-28 10:30 - 000000000 ____D C:\Users\DefaultAppPool

2017-11-28 10:15 - 2018-01-24 15:40 - 002096674 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-11-28 10:15 - 2017-11-28 10:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT

2017-11-28 10:15 - 2017-10-27 08:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2017-11-28 10:15 - 2017-09-29 05:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-11-28 10:15 - 2017-09-13 15:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2017-11-28 10:15 - 2017-09-13 15:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2017-11-28 10:15 - 2017-09-13 15:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll

2017-11-28 10:15 - 2017-09-13 15:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe

2017-11-28 10:14 - 2018-01-25 15:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2017-11-28 10:14 - 2018-01-05 15:32 - 000606912 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-11-28 10:14 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2017-11-28 10:12 - 2017-12-11 07:31 - 000000000 ____D C:\Windows.old

2017-11-27 17:16 - 2017-11-28 10:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate

2017-11-27 17:16 - 2017-11-27 17:16 - 000000000 ___DL C:\Users\Public\Recorded TV (1)

2017-11-27 17:16 - 2017-11-27 17:16 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines

2017-11-27 17:15 - 2017-11-27 17:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2017-11-27 17:15 - 2017-11-27 17:15 - 000000000 ____D C:\WINDOWS\containers

2017-11-27 17:14 - 2017-11-27 17:14 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2017-11-27 17:14 - 2017-11-27 17:14 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe

2017-11-27 17:14 - 2017-11-27 17:14 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys

2017-11-27 17:14 - 2017-11-27 17:14 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys

2017-11-27 17:14 - 2017-11-27 17:14 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys

2017-11-27 17:14 - 2017-11-27 17:14 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys

2017-11-27 17:14 - 2017-11-27 17:14 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys

2017-11-27 17:14 - 2017-11-27 17:14 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe

2017-11-27 17:14 - 2017-11-27 17:14 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys

2017-11-27 17:14 - 2017-11-27 17:14 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe

2017-11-27 17:14 - 2017-11-27 17:14 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-11-27 17:14 - 2017-11-27 17:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll

2017-11-27 17:14 - 2017-11-27 17:14 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll

2017-11-27 17:12 - 2018-01-24 15:40 - 000702804 _____ C:\WINDOWS\system32\perfh012.dat

2017-11-27 17:12 - 2018-01-24 15:40 - 000201580 _____ C:\WINDOWS\system32\perfc012.dat

2017-11-27 17:12 - 2017-11-27 17:12 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer

2017-11-27 17:12 - 2017-11-27 17:11 - 000159618 _____ C:\WINDOWS\system32\perfi012.dat

2017-11-27 17:12 - 2017-11-27 17:11 - 000033406 _____ C:\WINDOWS\system32\perfd012.dat

2017-11-27 17:11 - 2017-11-27 17:11 - 000000000 ____D C:\WINDOWS\SysWOW64\ko

2017-11-27 17:11 - 2017-11-27 17:11 - 000000000 ____D C:\WINDOWS\system32\ko

2017-11-27 17:08 - 2017-11-27 17:08 - 012023100 _____ C:\WINDOWS\system32\korwbrkr.lex

2017-11-27 17:08 - 2017-11-27 17:08 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll

2017-11-27 17:08 - 2017-11-27 17:08 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll

2017-11-27 17:08 - 2017-11-27 17:08 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\WINDOWS\system32\msmq

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\WINDOWS\system32\BestPractices

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\Program Files\Reference Assemblies

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\Program Files\MSBuild

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\Program Files (x86)\MSBuild

2017-11-27 17:08 - 2017-11-27 17:08 - 000000000 ____D C:\inetpub

2017-11-27 17:07 - 2017-11-27 17:07 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2017-11-27 17:07 - 2017-11-27 17:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2017-11-27 17:07 - 2017-11-27 17:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2017-11-27 17:07 - 2017-11-27 17:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2017-11-27 17:07 - 2017-11-27 17:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2017-11-27 17:02 - 2017-11-27 17:02 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2017-11-27 16:46 - 2017-12-12 20:13 - 000000000 ___DC C:\WINDOWS\Panther

2017-11-20 10:17 - 2017-11-28 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2017-11-09 04:40 - 2017-11-09 04:40 - 036248176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2017-11-09 04:40 - 2017-11-09 04:40 - 029279672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2017-11-09 04:39 - 2017-11-09 04:39 - 000989808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2017-11-09 04:39 - 2017-11-09 04:39 - 000940984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2017-11-09 04:39 - 2017-11-09 04:39 - 000054192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

2017-11-09 04:38 - 2017-11-09 04:38 - 001997752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll

2017-11-09 04:38 - 2017-11-09 04:38 - 001682544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll

2017-11-09 04:38 - 2017-11-09 04:38 - 001624168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll

2017-11-09 04:38 - 2017-11-09 04:38 - 001108408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2017-11-09 04:38 - 2017-11-09 04:38 - 001039800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2017-11-09 04:38 - 2017-11-09 04:38 - 000233904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

2017-11-09 04:37 - 2017-11-09 04:37 - 040246384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2017-11-09 04:37 - 2017-11-09 04:37 - 035165624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2017-11-09 04:37 - 2017-11-09 04:37 - 004210288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2017-11-09 04:37 - 2017-11-09 04:37 - 003623024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2017-11-09 04:30 - 2017-11-09 04:30 - 023474480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2017-11-09 04:30 - 2017-11-09 04:30 - 019212720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2017-11-09 04:30 - 2017-11-09 04:30 - 013379352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2017-11-09 04:30 - 2017-11-09 04:30 - 010986768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2017-11-09 04:26 - 2017-11-09 04:26 - 001154296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2017-11-09 04:26 - 2017-11-09 04:26 - 000902312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2017-11-09 04:25 - 2017-11-09 04:25 - 013994136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2017-11-09 04:25 - 2017-11-09 04:25 - 011891200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2017-11-09 04:25 - 2017-11-09 04:25 - 004533184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2017-11-09 04:25 - 2017-11-09 04:25 - 003859848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2017-11-09 03:57 - 2017-11-09 03:57 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb

2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json

2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json

2017-11-07 15:53 - 2017-11-28 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Timeline

2017-11-07 14:26 - 2017-11-28 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Directory List & Print (Pro)

2017-11-07 14:26 - 2017-11-07 14:26 - 000000977 _____ C:\Users\garyh\Desktop\Directory List & Print (Pro).lnk

2017-11-07 14:01 - 2017-11-07 14:27 - 000000000 ____D C:\Users\garyh\AppData\Roaming\DirectoryListPrintPro

2017-11-06 11:06 - 2017-11-06 11:06 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\TileDataLayer

2017-11-01 13:35 - 2017-11-01 13:35 - 001172360 _____ C:\Users\garyh\Desktop\Kitchen Aid Model KODT107ESS.pdf

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-25 15:18 - 2016-05-03 16:57 - 000000000 ____D C:\FRST

2018-01-25 04:26 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization

2018-01-25 04:25 - 2017-09-29 05:46 - 000000000 ___HD C:\Program Files\WindowsApps

2018-01-25 04:25 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness

2018-01-24 17:16 - 2015-06-08 14:09 - 000000000 ____D C:\Users\garyh\Desktop\1 - Virus

2018-01-24 16:36 - 2016-04-17 13:25 - 000000000 ____D C:\ProgramData\Malwarebytes

2018-01-24 15:41 - 2010-11-20 19:27 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2018-01-24 15:37 - 2017-09-29 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2018-01-24 15:35 - 2017-09-29 00:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2018-01-24 15:35 - 2017-06-11 14:01 - 000000000 ____D C:\ProgramData\NVIDIA

2018-01-24 15:35 - 2016-02-23 12:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

2018-01-24 15:35 - 2015-12-15 09:02 - 000000660 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job

2018-01-24 15:35 - 2015-12-15 09:02 - 000000564 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job

2018-01-18 15:39 - 2015-06-14 11:33 - 000000000 ____D C:\Program Files (x86)\Dropbox

2018-01-18 09:13 - 2017-07-08 05:43 - 000000000 ____D C:\Users\garyh\AppData\Local\GoToMeeting

2018-01-17 19:50 - 2015-06-08 06:57 - 000000000 ____D C:\Users\garyh\AppData\Local\ElevatedDiagnostics

2018-01-09 17:51 - 2017-10-26 10:43 - 000002411 _____ C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-01-09 17:51 - 2015-08-04 17:25 - 000000000 __RHD C:\Users\garyh\OneDrive

2018-01-09 15:17 - 2015-05-29 10:16 - 000000000 ____D C:\WINDOWS\system32\MRT

2018-01-09 15:14 - 2017-10-11 08:57 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe

2018-01-09 15:14 - 2015-05-29 10:16 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2018-01-09 15:13 - 2017-09-29 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp

2018-01-08 15:32 - 2015-07-14 15:40 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2018-01-07 12:51 - 2015-08-19 07:51 - 000000000 ____D C:\Users\garyh\AppData\Roaming\Intuit

2018-01-07 12:51 - 2015-08-19 07:47 - 000000000 ____D C:\Program Files (x86)\TurboTax

2018-01-07 12:42 - 2016-04-19 11:13 - 000000479 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

2018-01-05 19:35 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\rescache

2018-01-05 15:34 - 2017-09-29 05:44 - 000000000 ____D C:\WINDOWS\INF

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\TextInput

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\Provisioning

2018-01-05 15:32 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2018-01-05 15:32 - 2017-09-29 00:45 - 000000000 ____D C:\WINDOWS\system32\Dism

2018-01-05 15:32 - 2015-09-18 08:32 - 000000000 ___RD C:\Users\garyh\3D Objects

2018-01-05 15:32 - 2015-08-04 17:23 - 000000000 __RHD C:\Users\Public\AccountPictures

2018-01-05 14:29 - 2016-04-11 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm

2018-01-05 10:20 - 2017-09-29 05:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2018-01-05 10:20 - 2017-09-29 05:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2018-01-05 10:20 - 2017-09-29 05:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-12-30 01:24 - 2017-10-25 10:42 - 000000000 ____D C:\Users\garyh\AppData\Local\RoboForm

==================== Files in the root of some directories =======

2017-08-17 09:25 - 2017-08-17 09:32 - 000159200 ____T () C:\Users\garyh\AppData\Roaming\CrashRpt1402.dll

2016-07-08 12:13 - 2016-07-08 13:15 - 000049028 _____ () C:\Users\garyh\AppData\Roaming\FileDrTool.log

2016-06-02 15:43 - 2016-07-08 13:41 - 000054679 _____ () C:\Users\garyh\AppData\Roaming\QBFileDrTool.log

2016-05-27 09:10 - 2016-12-28 12:02 - 004224000 _____ () C:\Users\garyh\AppData\Local\rx_audio.Cache

2016-04-20 12:04 - 2016-12-28 12:02 - 082116608 _____ () C:\Users\garyh\AppData\Local\rx_image32.Cache

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-17 17:47

==================== End of FRST.txt ============================

Do I wait for this before trying a repair?

I've upgraded this to Win10 all along online, so will need to make a boot disk.

addition next

glhglh · Jan 25, 2018

Addition 1:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018

Ran by garyh (25-01-2018 15:19:13)

Running from H:\Virus

Windows 10 Pro Version 1709 16299.192 (X64) (2017-11-28 18:32:29)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1582027158-3427342393-2586192252-500 - Administrator - Enabled)

DefaultAccount (S-1-5-21-1582027158-3427342393-2586192252-503 - Limited - Disabled)

garyh (S-1-5-21-1582027158-3427342393-2586192252-1001 - Administrator - Enabled) => C:\Users\garyh

Guest (S-1-5-21-1582027158-3427342393-2586192252-501 - Limited - Disabled)

iBuyPower (S-1-5-21-1582027158-3427342393-2586192252-1000 - Administrator - Enabled)

QBDataServiceUser23 (S-1-5-21-1582027158-3427342393-2586192252-1002 - Limited - Enabled) => C:\Users\QBDataServiceUser23

QBDataServiceUser26 (S-1-5-21-1582027158-3427342393-2586192252-1003 - Limited - Enabled) => C:\Users\QBDataServiceUser26

WDAGUtilityAccount (S-1-5-21-1582027158-3427342393-2586192252-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)

AmericasCardroom (HKLM-x32\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)

Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)

Audials (HKLM-x32\...\{A3D8060F-ACB0-4C73-B25B-72582A0B6402}) (Version: 17.1.86.8500 - Audials AG)

BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)

ChromecastApp (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)

Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)

Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)

Contents (HKLM-x32\...\{C8A4DA60-6A94-4627-B7C9-DB6223D531FE}) (Version: 1.0.0.93 - Corel Corporation) Hidden

Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation)

Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)

Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.211 - Corel Inc.)

Creator NXT 3 Content (HKLM-x32\...\{246D31A0-7B8A-41EA-8E31-33C2F2F26B53}) (Version: 16.0.004 - Roxio) Hidden

Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle) Hidden

Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.39 - Infonautics GmbH, Switzerland)

DirectX 9 Runtime (HKLM-x32\...\{3A9527CF-4E91-4683-A03F-F1AD022126E5}) (Version: 1.00.0000 - Sonic Solutions) Hidden

Dropbox (HKLM-x32\...\Dropbox) (Version: 42.3.113 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden

Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)

Family Tree Maker 2014 (HKLM\...\{39EF38DF-2727-4C09-A165-FD3B87BA3AE9}) (Version: 22.0.207 - Ancestry.com, Inc.) Hidden

Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)

Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)

Full Flush Poker 8.2 (HKLM-x32\...\Full Flush Poker 8.2) (Version: 8.2.12.201509140800 - Full Flush Poker)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)

Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden

GoToMeeting 8.20.0.8199 (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\GoToMeeting) (Version: 8.20.0.8199 - LogMeIn, Inc.)

Grammarly (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\GrammarlyForWindows) (Version: 1.5.32 - Grammarly)

Grammarly for Microsoft® Office Suite (HKLM\...\{A7CA0D32-2DB1-44B7-9A23-1EB8412DE0E4}) (Version: 6.6.115 - Grammarly) Hidden

Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\{221c9b72-21d0-4d4e-8ee7-f35ebc4214f5}) (Version: 6.6.115 - Grammarly)

HDR Express 3 (HKLM-x32\...\HDR Express 3) (Version: 3.0.0.11677 - Unified Color Technologies)

HomeBase 3 (HKLM-x32\...\{ECF43B43-F239-496F-9792-AEEEBF999C6C}) (Version: 3.0.308.0 - AbeBooks)

HP Dropbox Plugin (HKLM-x32\...\{3E261474-8DF2-463B-984E-0B6396F58D1C}) (Version: 36.0.39.57346 - HP)

HP Google Drive Plugin (HKLM-x32\...\{9469285B-AB76-434A-8533-2EE643318F2E}) (Version: 36.0.39.57346 - HP)

HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)

HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP OfficeJet Pro 8720 Basic Device Software (HKLM\...\{98A7C54D-74EB-461C-8124-E78BF938401F}) (Version: 38.1.1881.57490 - HP Inc.)

HP OfficeJet Pro 8720 Help (HKLM-x32\...\{18E5A98E-E857-4087-AF73-4E6B9AB0A140}) (Version: 38.0.0 - HP)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)

HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden

I.R.I.S. OCR (HKLM-x32\...\{093C645A-294E-41E4-904C-DDF13DC47A27}) (Version: 12.3.6.12 - HP)

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

ICA (HKLM-x32\...\{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation) Hidden

ICA (HKLM-x32\...\{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation) Hidden

Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)

InstaRate (HKLM-x32\...\{7AABFAB3-D4D0-4316-A70A-72CC369A8A12}) (Version: 4.0.0 - DYMO Endicia)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)

IPM_PSP_COM64 (HKLM\...\{1678F86C-889D-4198-8249-F4625058256B}) (Version: 16.2.0.20 - Corel Corporation) Hidden

IPM_VS_Pro (HKLM-x32\...\{126FB9B0-85B6-476A-AF26-BE008D8DFC53}) (Version: 1.0 - Corel Corporation) Hidden

iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)

iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)

KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 2.2.4.1337 - Kakao Corp.)

LifeScan USB Device Driver vSL2.0 (Driver Removal) (HKLM-x32\...\LFSVCOMM&10C4&85A7) (Version: - LifeScan Inc)

Living Cookbook 2015 (HKLM-x32\...\{1DA632BA-F963-4B97-A2B6-50F9003A13B8}) (Version: 5.0.85 - Radium Technologies) Hidden

Living Cookbook 2015 (HKLM-x32\...\Living Cookbook 2015) (Version: 5.0.85 - Radium Technologies, Inc.)

Logitech Media Server 7.7.5 (HKLM-x32\...\Logitech Media Server_is1) (Version: 7.7.5 - Logitech)

Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)

Meter Drivers for OneTouch(R) Software (HKLM-x32\...\{A2C173E1-FB29-4B31-8ED6-CBEE8025E00A}) (Version: 1.10.0.0 - LifeScan) Hidden

Meter Drivers for OneTouch(R) Software (HKLM-x32\...\{B28470A5-F73F-432C-8066-05BA652AA5D1}) (Version: 1.9.1.0 - LifeScan) Hidden

Meter Drivers for OneTouch(R) Software v1.10.0.0 (HKLM-x32\...\InstallShield_{A2C173E1-FB29-4B31-8ED6-CBEE8025E00A}) (Version: 1.10.0.0 - LifeScan)

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2153 - Microsoft Corporation)

Microsoft Office 365 ProPlus - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.8431.2153 - Microsoft Corporation)

Microsoft Office 365 Support and Recovery Assistant (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\4415f693b586d348) (Version: 16.0.965.6 - Microsoft Corporation)

Microsoft Office 언어 교정 도구 2013 - 한국어 (HKLM\...\{90150000-001F-0412-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Napster (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\5d01cae694a4998b) (Version: 6.17.55.0 - Rhapsody International Inc.)

NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.)

NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)

NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)

NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden

Office Timeline (HKLM-x32\...\{6EFD7A0E-723E-4722-B71F-2E7CF0F4DBFD}) (Version: 3.1.6 - Office Timeline)

OneTouch Software (HKLM-x32\...\{82FEBE5D-61EC-4365-A213-2B278780945E}) (Version: - )

PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)

PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)

Product Improvement Study for HP OfficeJet Pro 8720 (HKLM\...\{6BC83816-BBE7-435F-8C06-2E2F3CD9C864}) (Version: 38.1.1881.57490 - Hewlett-Packard Co.)

PSPPContent (HKLM-x32\...\{162BD2D6-6C63-41A7-8151-93188450D36A}) (Version: 16.2.0.20 - Corel Corporation) Hidden

PSPPHelp (HKLM-x32\...\{16346B2A-87BC-407C-9D6B-72A4D21ABF03}) (Version: 16.2.0.20 - Corel Corporation) Hidden

PSPPro64 (HKLM\...\{16582334-495C-4F1C-A66B-3BFD8866B674}) (Version: 16.2.0.20 - Corel Corporation) Hidden

QuickBooks (HKLM-x32\...\{2B0E1E07-2F3D-4E7D-AD0A-1C74A8881B9B}) (Version: 26.0.4013.2607 - Intuit Inc.) Hidden

QuickBooks (HKLM-x32\...\{3167CC62-C775-4E47-92C1-73EBB845751A}) (Version: 23.0.4018.2305 - Intuit Inc.) Hidden

QuickBooks File Doctor (HKLM-x32\...\{5716778B-DC86-475F-9977-1E7153F7B588}) (Version: 3.6.9 - Intuit)

QuickBooks Pro 2013 (HKLM-x32\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4012.2305 - Intuit Inc.)

QuickBooks Pro 2016 (HKLM-x32\...\{4338BDE2-0035-41BC-87BE-EE0AD5D48042}) (Version: 26.0.4013.2607 - Intuit Inc.)

QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)

QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)

RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)

RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.0) (Version: 18.0.0 - RealNetworks)

RoboForm 8-4-6-6 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-4-6-6 - Siber Systems)

Roxio Creator NXT 3 Content (HKLM-x32\...\{2DF5BF6E-D32C-4B81-9012-F62B58AFF819}) (Version: 1.0.4.0 - Roxio)

Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)

Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden

Setup (HKLM-x32\...\{16006EE1-DDB7-4E5F-8696-9FEF32C0151A}) (Version: 16.2.0.20 - Corel Corporation) Hidden

Setup (HKLM-x32\...\{F2BACD4C-71F0-487C-AC11-247833494E52}) (Version: 1.0.0.93 - Corel Corporation) Hidden

Share (HKLM-x32\...\{4AA35E5E-F12E-4CC9-92CD-049AF647841B}) (Version: 1.0.0.93 - Corel Corporation) Hidden

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)

SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)

TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)

TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)

TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)

TurboTax Business 2015 (HKLM-x32\...\TurboTax Business 2015) (Version: 2015.0 - Intuit, Inc)

TurboTax Business 2016 (HKLM-x32\...\TurboTax Business 2016) (Version: 2016.0 - Intuit, Inc)

TurboTax Business 2017 (HKLM-x32\...\TurboTax Business 2017) (Version: 2017.0 - Intuit, Inc)

VSClassic (HKLM-x32\...\{3342D238-E332-43BB-B406-C6EE82273708}) (Version: 1.0.0.93 - Corel Corporation) Hidden

VSPro (HKLM-x32\...\{6AA550DB-4863-44C7-863F-4F4C7D13649F}) (Version: 1.0.0.93 - Corel Corporation) Hidden

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17346 - Microsoft Corporation)

Xerox Print Experience 3.0 (HKLM\...\{3C1E81CF-D1EB-C911-6C3D-E1A2BBAB776A}) (Version: 6.242.9.0 - Xerox)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> E:\Program Files (x86)\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\garyh\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.6.115\35496389B5\GrammarlyShim64.dll (CompanyName)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\5530\G2MOutlookAddin64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)

ContextMenuHandlers1: [Roxio Burn] -> {E8CB9D53-A47A-42B5-9F5B-96B037C9DD4C} => C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll [2012-07-05] ()

ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpcontextmenu.dll [2015-06-07] (RealNetworks, Inc.)

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-17] (Dropbox, Inc.)

ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

ContextMenuHandlers1_S-1-5-21-1582027158-3427342393-2586192252-1001: [RXDCExtSvr] -> {1F6DE925-8416-40D4-BC66-D69DB9D4360B} => E:\Program Files (x86)\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll [2014-09-01] (Corel Corporation)

ContextMenuHandlers2_S-1-5-21-1582027158-3427342393-2586192252-1001: [RXDCExtSvr] -> {1F6DE925-8416-40D4-BC66-D69DB9D4360B} => E:\Program Files (x86)\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll [2014-09-01] (Corel Corporation)

ContextMenuHandlers6_S-1-5-21-1582027158-3427342393-2586192252-1001: [RXDCExtSvr] -> {1F6DE925-8416-40D4-BC66-D69DB9D4360B} => E:\Program Files (x86)\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll [2014-09-01] (Corel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {020CDFF2-405F-4755-86F8-BAF383A7306B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {0286A298-A8B9-4D00-8CED-C19FAAF9D314} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe

Task: {062F0973-D01E-4C34-91D8-A29B62C997C8} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMLMJJHMJJGMMJJJHMCNOJKMHMGMCNLMMJPMKMCNNJOJHMNJCNJJJJHMGMJMNMLJKJMJMJMMJMJNJICMHMCNLMCNJMFMOMOMCNOMNMKMCNOMJMNMGMGMFMPMCNPMCNOMJMNMGMGMCNNMJNPICMOMFMEKMICNJJCKFMOMKMJMIMJNHICMEKMICNJJCKJNBJCMIJOJNIGIHJJNKJCMJNNICMJNDJCMKJBJJ (the data entry has 56 more characters).

Task: {06827A60-3614-46B2-80CD-80AD103BBE68} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

Task: {0B26111B-25C5-4269-9887-B21B9D498676} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 8720 => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPCustPartic.exe [2015-08-31] (HP Inc.)

Task: {138563B4-C6DC-4F6E-8AC2-48DA77D634B4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-19] (Microsoft Corporation)

Task: {15AF6BF3-EA88-4D9F-96F2-03646CB3A6D6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {167F38BC-283D-4BE7-8286-D1E4FE1D3484} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)

Task: {16CF9C2D-90FC-47CD-9015-8D5F5C826F8F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

Task: {17D257EE-4694-4A73-8236-914BE8949B7C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {19909A94-529E-43B0-BAB1-ABBA87990796} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {2039FD54-B504-43B5-AF0C-7208A113DB7B} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [2017-03-22] (Xerox Corporation)

Task: {234FF421-A0BB-4DB2-BF70-C92D75A25F99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)

Task: {26A5020E-A70F-4307-9675-5AF4BE91FB41} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)

Task: {29C3DDF4-32D3-4B0E-A23E-F4453C3BA37B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-06] (Dropbox, Inc.)

Task: {34025BF5-5271-4658-B156-61FFE889B4E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)

Task: {36E052B8-60B8-44C6-B307-A38B845839E3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {3B106F1C-E631-4729-9DD3-88366D1022A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)

Task: {42D23C9A-2C08-4F81-BBD4-8C7B85705817} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)

Task: {444E8B98-2120-4CDD-8707-BE33754CD225} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-06] (Dropbox, Inc.)

Task: {4589D9A4-8370-45BF-A1D6-1AE56143A5CF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {49F3326E-AE0B-49E3-93CB-3D2231196ED8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {4A55944B-0A06-43B8-A06C-104D43FA5535} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {5034A374-1A75-470D-B140-73958A98B40F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core1d257ea6a9fa9da => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {51645DF7-A320-4243-90FB-E86AF6666CB5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-19] ()

Task: {51C21FB6-DD43-4E1F-B2BE-0E5C99C29135} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {5279A8AE-46B0-46AA-A8A1-5FB2BB63E7B8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe

Task: {548B8F39-71A9-45B4-8368-D24F97BBF07B} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)

Task: {55CDD935-986B-49BD-98E2-44124B12CD1F} - System32\Tasks\{04203175-1EFD-48AD-AD2F-ADE80ED6A6E9} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)

Task: {5713DD19-2C95-463B-B2D2-4A1A4D858908} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)

Task: {5A18E9CC-B380-440A-A894-00D1863C4FFC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {65472034-27B1-4069-AE6E-4A92CD7785A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)

Task: {6C76BBF0-3FEC-4EA5-A7F0-E59C91643893} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {722BEF1A-4E17-4F22-B665-85ED51061FEF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {7299E463-BE92-49BF-A444-95C0E5BD0FDA} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2018-01-05] (Siber Systems)

Task: {741D0B93-B846-4D3F-957D-BE57578B2264} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

Task: {7A513374-8710-4256-82F4-65DD82458D77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {7D0AD3FD-9759-4B2C-BF9A-474DAD3E0881} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {822C2D6E-1031-4FCF-A869-CEA96F83C01E} - System32\Tasks\{88FFE30B-44F2-4C15-804E-4C25BAAEA64F} => C:\Windows\system32\pcalua.exe -a "E:\Dropbox\GLH Download\One Touch Verio IQ\onetouchsetup.exe" -d C:\Users\garyh\Desktop

Task: {84ABABEA-D515-499A-92C7-D491948F20FD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-01-09] (Microsoft Corporation)

Task: {8E67863A-61E2-4EF7-ADA9-A899604F47E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {8E9EB077-8E93-4C4B-AC23-2137259DAAF9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {8FAA5D71-5329-4331-8EA6-FC4F8CF89562} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {8FAD31C0-B191-4780-AA18-CEB660D5C293} - System32\Tasks\{86D647C4-0E71-4FC9-A15B-A3A9240B1764} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)

Task: {9037D9B4-2274-4389-AC8A-2658012583E2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {906BE972-4F57-415A-8A6E-4C83BA26C1C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-19] (Microsoft Corporation)

Task: {9C78AFE9-1156-49AD-9016-A7D9685690E6} - System32\Tasks\{2EE708D3-AF0B-40B6-B84A-40E122817F95} => C:\Windows\system32\pcalua.exe -a "E:\Dropbox\GLH Download\Quickbooks\QB Pro 2013 R11\QuickBooksPro2013.exe" -d "E:\Dropbox\GLH Download\Quickbooks\QB Pro 2013 R11"

Task: {A05FDA29-9558-4679-80FB-B80444214EB1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {A0C12B6A-96D6-44BA-95C5-235B7BD9A8DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)

Task: {A2ACC27C-FE23-48FB-86DE-395AAF78A9B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA1d257ea6aa290f9 => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {ABEC5067-563A-47D6-B689-0F650A15BF9A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {B032B24A-FD04-490E-BF8F-994CCDA15F61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-21] (Adobe Systems Incorporated)

Task: {B51C5F63-0C86-45EF-A078-9170A8E591F6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-19] ()

Task: {B9A36C72-1437-4C85-A78B-85665348DF01} - System32\Tasks\CCleanerClean => E:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)

Task: {BB285A88-CE86-41E8-B079-DA7C726227C5} - System32\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001 => C:\Users\garyh\AppData\Local\GoToMeeting\8199\g2mupdate.exe [2018-01-18] (LogMeIn, Inc.)

Task: {C1C40053-ED42-42EC-BFC3-661385B47A8E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {C833DCAE-33AC-43BF-BE50-B257C078880E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)

Task: {C9A57C46-374F-44B4-B0F6-BE356E11189A} - System32\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001 => C:\Users\garyh\AppData\Local\GoToMeeting\8199\g2mupload.exe [2018-01-18] (LogMeIn, Inc.)

Task: {D09D6C48-4606-484E-8B36-5A8996D99EB6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe

Task: {E2CCC9A0-B087-4DE2-A3B3-4AE5E6FE21B4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {F1961095-2E7F-4A26-9C99-DE0D1F04FAA3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {F1B2935D-C89E-44F3-A426-40A1844D3C8C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {F1C9BA7D-4928-4BD5-A0AA-1C28C96BE954} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {F258A9D3-A55D-41A3-B410-01AB24B32055} - System32\Tasks\{80489BCB-EE3D-4BE7-8EC5-3FF208178E34} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe"

Task: {F638E72F-3482-4DF7-A67E-54884BA4D375} - System32\Tasks\{A4A3037D-6915-4CFA-B777-F2345A305136} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)

Task: {F9C68FEA-3FBF-4541-8604-D8D0330B2306} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {FA507CC4-B915-47CD-BA6B-31892EB28757} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe

Task: {FC7C7D1F-0106-4A1E-A575-E807D05A1D26} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-19] (Microsoft Corporation)

Task: {FCA8C2E3-D6B7-4BBF-8791-F64EF14FFDB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {FE9FBD8A-E25C-47E2-8BDF-7E6A4EAB39DF} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [2017-03-22] (Xerox Corporation)

glhglh · Jan 25, 2018

Addition 2:

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\CCleanerClean.job => E:\Program Files\CCleaner\CCleaner.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job => C:\Users\garyh\AppData\Local\GoToMeeting\8199\g2mupdate.exe

Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job => C:\Users\garyh\AppData\Local\GoToMeeting\8199\g2mupload.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core.job => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA.job => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2014-01-22 01:04 - 2014-01-22 01:04 - 000022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

2014-10-23 06:12 - 2014-10-23 06:12 - 000032784 _____ () e:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe

2016-05-19 08:28 - 2018-01-19 03:22 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll

2017-12-12 19:17 - 2017-11-26 04:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2017-12-12 19:17 - 2017-11-26 04:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-12-11 11:05 - 2017-12-11 11:05 - 000088888 _____ () E:\Program Files\iTunes\zlib1.dll

2017-12-11 11:05 - 2017-12-11 11:05 - 001356088 _____ () E:\Program Files\iTunes\libxml2.dll

2013-10-16 02:02 - 2013-10-16 02:02 - 000535784 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe

2013-10-16 02:03 - 2013-10-16 02:03 - 001723624 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe

2018-01-09 03:51 - 2018-01-09 03:51 - 004698840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2017-12-14 06:01 - 2017-12-14 06:01 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2017-10-04 15:19 - 2017-10-04 15:19 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll

2017-11-11 07:45 - 2017-11-11 07:46 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll

2017-10-04 15:19 - 2017-10-04 15:19 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll

2017-08-29 03:00 - 2017-08-29 03:00 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll

2017-12-14 06:01 - 2017-12-14 06:01 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll

2018-01-24 16:36 - 2018-01-24 17:39 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll

2017-09-29 05:41 - 2017-09-29 05:41 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll

2017-09-29 05:41 - 2017-09-29 05:41 - 004173824 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll

2017-09-29 05:41 - 2017-09-29 05:41 - 003634176 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll

2018-01-08 15:32 - 2018-01-03 01:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll

2018-01-08 15:32 - 2018-01-03 01:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll

2014-01-22 01:04 - 2014-01-22 01:04 - 003322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll

2014-01-22 01:04 - 2014-01-22 01:04 - 000108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll

2014-01-22 01:04 - 2014-01-22 01:04 - 000524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll

2018-01-18 15:39 - 2018-01-17 01:26 - 000732992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll

2018-01-18 15:39 - 2018-01-17 01:26 - 002079040 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll

2015-11-19 17:00 - 2018-01-17 01:26 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd

2015-11-19 17:00 - 2018-01-17 01:28 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd

2018-01-18 15:39 - 2018-01-17 01:26 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd

2018-01-18 15:39 - 2018-01-17 01:26 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll

2015-11-19 17:00 - 2018-01-17 01:26 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd

2016-07-06 18:02 - 2018-01-17 01:29 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000063296 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000077112 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd

2018-01-18 15:39 - 2018-01-17 01:26 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd

2018-01-18 15:39 - 2018-01-17 01:26 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll

2015-11-19 17:00 - 2018-01-17 01:28 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd

2016-07-06 18:02 - 2018-01-17 01:29 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd

2017-09-12 13:08 - 2018-01-17 01:26 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd

2017-08-22 09:16 - 2018-01-17 01:29 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd

2017-05-02 13:53 - 2018-01-17 01:29 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd

2015-11-19 17:00 - 2018-01-17 01:29 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd

2017-01-30 16:51 - 2018-01-17 01:29 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd

2017-01-06 12:01 - 2018-01-17 01:29 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd

2016-03-22 18:04 - 2018-01-17 01:29 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd

2018-01-10 09:52 - 2018-01-17 01:29 - 000024408 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.pyd

2017-01-06 12:01 - 2018-01-17 01:29 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd

2017-01-06 12:01 - 2018-01-17 01:29 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd

2017-01-06 12:01 - 2018-01-17 01:29 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd

2015-11-19 17:00 - 2018-01-17 01:26 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd

2016-01-21 11:45 - 2018-01-17 01:29 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd

2018-01-18 15:39 - 2018-01-17 01:26 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll

2018-01-18 15:39 - 2018-01-17 01:28 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd

2018-01-18 15:39 - 2018-01-17 01:26 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll

2017-12-14 09:06 - 2018-01-17 01:29 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL

2016-06-20 13:31 - 2018-01-17 01:29 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL

2018-01-18 15:39 - 2018-01-17 01:28 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll

2016-07-06 18:02 - 2018-01-17 01:29 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd

2018-01-18 15:39 - 2018-01-17 01:28 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd

2018-01-24 15:35 - 2018-01-24 15:35 - 000028774 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024679 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\c5cce8d16a1bd48692b421dcf46d3396\Util.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000032878 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024701 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000028779 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020601 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\4461f48e31bde5c56b31b973b773de09\List.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000118918 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000082048 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020576 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000036964 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\f233f63b6654362865c7577442edb9e3\Win32.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020590 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000082033 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024676 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000061540 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\e56c61f7248672819579325af3387035\POSIX.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000094334 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\eb138ef0e4282611dbf485a302784646\LibYAML.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000053340 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000184414 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\bd5179a413bc0c4b82eedc22c6cab101\re.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024701 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-5852\93e7e3d6030f426844228042348210cf\Service.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020576 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000036964 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\f233f63b6654362865c7577442edb9e3\Win32.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024676 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000061540 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\e56c61f7248672819579325af3387035\POSIX.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020590 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000082033 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000118918 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000082048 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000028779 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020601 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\4461f48e31bde5c56b31b973b773de09\List.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024681 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\c199d3c1960e7aeeecb599487952bed2\HiRes.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000090213 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024679 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\c5cce8d16a1bd48692b421dcf46d3396\Util.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000077824 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\7f177c338672436e01c4f0bdbcf94491\EV.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000138752 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\44727051c604ef6b79894b64d4c63832\Expat.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000041080 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000030720 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020590 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024694 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\c344fd5536724b2af2e6453833b60203\SHA1.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000094334 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\eb138ef0e4282611dbf485a302784646\LibYAML.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000053340 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000184414 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\bd5179a413bc0c4b82eedc22c6cab101\re.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020592 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\b979ace6da01e63d651cce9ee2474fdc\Name.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000028774 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000182272 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\d0bf009923f29116535c26d228271d6d\Scan.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024672 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\17d0b152e63e6bfe81b4b19588538896\mro.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020596 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\3b7106dd14676048b10bbb09a990f74c\XS.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000032878 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024695 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024670 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000361472 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\aff7ee779ea184f884ed432c30a58f5d\Scale.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024701 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000061546 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000110705 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\7f2598c08178217a0e2c754f3d568f28\Byte.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000024679 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000608256 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000001024 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020596 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000030208 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\0665c25e931c1ac0151b062449e91028\XSAccessor.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 000020587 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\c668a322917d32a5ea22894518aa9897\Base64.dll

2018-01-24 15:35 - 2018-01-24 15:35 - 004547584 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\38a10ee333cf1a9afec3f0acdf1bbebc\Scan.dll

2018-01-24 15:36 - 2018-01-24 15:36 - 000017920 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll

2018-01-24 15:36 - 2018-01-24 15:36 - 000061547 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\bc147d83c7c868eeee67082dcf55430c\File.dll

2018-01-24 15:36 - 2018-01-24 15:36 - 000032881 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\b6bd87c968599725b8ab2e5c25d3046a\API.dll

2018-01-24 15:36 - 2018-01-24 15:36 - 000098415 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\19febd96672ffdb7ea244cef36aaa062\Zlib.dll

2018-01-25 00:28 - 2018-01-25 00:28 - 000024689 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-9084\fc02da2bf6cf444ed6ad589e94272526\encoding.dll

2014-12-11 17:40 - 2014-12-11 17:40 - 040622592 ____R () E:\Program Files (x86)\Fitbit Connect\libcef.dll

2013-10-16 02:02 - 2013-10-16 02:02 - 000679144 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\BBEngineAS.dll

2012-05-22 19:01 - 2012-05-22 19:01 - 000723600 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\AS_Archive.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\garyh\Desktop\Kitchen Aid Model KODT107ESS.pdf:com.dropbox.attributes [168]

AlternateDataStreams: C:\Users\garyh\Desktop\MENSprintableBRACKET.pdf:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\sharepoint.com -> hxxps://nwgroup.sharepoint.com

IE restricted site: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\about.com -> hxxp://index.about.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

HKU\S-1-5-21-1582027158-3427342393-2586192252-1002\Control Panel\Desktop\\Wallpaper ->

HKU\S-1-5-21-1582027158-3427342393-2586192252-1003\Control Panel\Desktop\\Wallpaper ->

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"

HKLM\...\StartupApproved\Run32: => "TkBellExe"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\Run: => "Fitbit Connect"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\Run: => "HP Officejet 7500 E910 (NET)"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1002\...\StartupApproved\Run: => "OneDriveSetup"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1003\...\StartupApproved\Run: => "OneDriveSetup"

glhglh · Jan 25, 2018

Addition 3:

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{38CBD0D9-95FC-4074-90A9-153304D33C32}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [{58D398D0-A24B-40E3-954C-CF5EA10FF476}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [{90C2D823-C0DC-4E8A-B5C3-188FFD59757A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

FirewallRules: [{C7BA6735-C9A3-4310-A791-1CDF0835C0A7}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

FirewallRules: [{83B14C07-296D-4C5E-A83D-CDE62DC6FDEF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe

FirewallRules: [{81FAE095-5399-4F9B-9876-47E13F16B9F9}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe

FirewallRules: [{BF2B2E00-0454-4A68-B06D-92BA89C10CE1}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\filemanagement.exe

FirewallRules: [{F9DB96EE-E6EA-42F1-8550-66C3CD8C5AFA}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\filemanagement.exe

FirewallRules: [{67CF8C4C-561D-4CD4-8272-86E522DFCF9E}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\dbmanagerexe.exe

FirewallRules: [{BE8C0CC6-159A-4AAD-BC41-2F9172F31CA4}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\dbmanagerexe.exe

FirewallRules: [{72566329-F870-46C2-9D75-BE2E9D583446}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\qbw32.exe

FirewallRules: [{84D7C1B6-B481-4F32-B9BC-6D97AFE4A178}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\qbw32.exe

FirewallRules: [{7649CA30-A38C-4731-8D5A-AD6C9BBDC413}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\qbdbmgrn.exe

FirewallRules: [{F12814B7-E2D5-4350-9D28-754D4C660584}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2016\qbdbmgrn.exe

FirewallRules: [{A7AB52A5-2074-40D8-ACAB-0A7A344B5C8F}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\filemanagement.exe

FirewallRules: [{D99A9ECA-4CCE-4C2C-99A3-A3D92FF33D1B}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\filemanagement.exe

FirewallRules: [{58260E1E-C276-48E7-9334-4C1E31513184}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\dbmanagerexe.exe

FirewallRules: [{ADEAB2A0-6861-4C8D-9B99-549035DC8635}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\dbmanagerexe.exe

FirewallRules: [{B7FFBED7-2AC0-4D76-9214-4A626875E34B}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\qbw32.exe

FirewallRules: [{940F20BB-1C13-4586-A57B-C1682C1DC649}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\qbw32.exe

FirewallRules: [{0B49BF25-EC34-4E24-8F5B-2DA31EABBF04}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\qbdbmgrn.exe

FirewallRules: [{5616A280-9944-4DDD-AF1C-CD31A4B0A110}] => (Allow) E:\Program Files (x86)\Intuit\QuickBooks 2013\qbdbmgrn.exe

FirewallRules: [UDP Query User{AE64F0CC-76DD-4A57-8DBC-18053BE56650}E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe

FirewallRules: [TCP Query User{BA8F08C5-699A-41B6-979B-B36316F35BCE}E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe

FirewallRules: [{487D3A38-8AB1-48D6-B448-6C1EADCCE593}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [{7B9DC21E-AF49-4964-A94B-5AE0E7C5AB0C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [UDP Query User{3FEA5E21-6EEE-45CA-8D76-CEE51EDC48C6}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [TCP Query User{3CC0AA5C-495E-4840-89F7-F4E64FFD37DA}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{F69B742A-850C-40C5-B4F5-9C2362F0D591}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [TCP Query User{C4133629-E94B-4D97-917C-D1383EC2C98D}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{C03DB45F-5A17-48F1-A376-48ED57899835}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [TCP Query User{22877C1F-F472-4282-BDD7-C472CF529CE8}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [{FFDF3704-F410-403D-91D5-154616B6BBB1}] => (Allow) e:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe

FirewallRules: [{CEB5C53F-8C1B-40F3-B73D-F4738A688C5A}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

FirewallRules: [{B6FBB69C-812A-480A-8415-42E7CC29B864}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

FirewallRules: [{9BA983CD-6637-4F9B-9579-BC17A1E4759B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe

FirewallRules: [{FDC30CD0-757A-4369-8359-00C9628A63E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{F9BFF867-180A-4C2D-88CE-5C6E0AB51F36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{76DF4009-D834-46B0-BA7E-872CDE355E7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{D6CAEBFC-6B35-4B05-BD53-E136DDB0BDE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{B7139463-D604-47F9-9D2A-C1A87D0EAEA0}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{A677FBD9-7B90-4329-9573-F5F53E6C848F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [{63270B0F-40A8-4225-9EA5-6678E257FA2E}] => (Allow) C:\Users\garyh\AppData\Local\Temp\7zS2603\HP.EasyStart.exe

FirewallRules: [{F3ED4A2D-F218-4CE4-8C28-B2B1BFADAA76}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxApplications.exe

FirewallRules: [{6258740A-1B3F-487C-B0DE-4FF577D9C052}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\DigitalWizards.exe

FirewallRules: [{FD31C0EE-345C-4D91-A503-0CE45CAD5B7E}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\SendAFax.exe

FirewallRules: [{CD2CEF2F-789A-4F96-BB0F-0247F3EA2AF3}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\bin\FaxPrinterUtility.exe

FirewallRules: [{7383FD3D-B3F4-4B64-A16B-D591860C9E86}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\DeviceSetup.exe

FirewallRules: [{88F70A73-6708-44E4-A76D-5BAF818A475E}] => (Allow) LPort=5357

FirewallRules: [{AD2E816A-D7C0-462C-895F-49283BBF558C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{1ABA758F-29FF-44C5-BF1C-5219CC94E27F}] => (Allow) C:\Users\garyh\AppData\Local\Temp\7zS3418\HPDiagnosticCoreUI.exe

FirewallRules: [{A0233030-3956-440A-AB63-435A07C6162C}] => (Allow) C:\Users\garyh\AppData\Local\Temp\7zS3418\HPDiagnosticCoreUI.exe

FirewallRules: [{4D811220-01FC-43DA-93FB-93C8C7A9023C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe

FirewallRules: [{C6E8438B-E28B-4344-A92D-C76AC81F4A68}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe

FirewallRules: [{A382BEE2-1146-4186-A0E3-511FBBAED44F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe

FirewallRules: [{151AE8B0-08C9-455C-BD4E-42DE5FE937E8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe

FirewallRules: [{103D172A-7E6D-4EC9-8E7E-C179ABB6DE99}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe

FirewallRules: [{B7FE8DC9-ADA6-4892-858E-EB2BF9E9F4E2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{AD1F634E-F243-4C57-ABA8-8D22C311064C}] => (Allow) C:\Users\garyh\AppData\Local\Temp\7zS14EC\HPDiagnosticCoreUI.exe

FirewallRules: [{C8F0AF90-EC8A-481C-9AFD-CFCB04132A58}] => (Allow) C:\Users\garyh\AppData\Local\Temp\7zS14EC\HPDiagnosticCoreUI.exe

FirewallRules: [{17A50090-5005-4336-B717-D47F7CA25EA5}] => (Allow) E:\Program Files (x86)\Audials\Audials 2017\Audials.exe

FirewallRules: [{0288421B-29B9-403B-BAB7-D5D3329742AE}] => (Allow) LPort=12972

FirewallRules: [{C6E1F8A0-37E4-41AF-B585-B4B2B026F85E}] => (Allow) LPort=14714

FirewallRules: [{B118A8DD-DFAB-4B85-82A2-8115F73E78B2}] => (Allow) LPort=31931

FirewallRules: [{58A5E7CF-A1F1-465F-8801-B618220ACA24}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

FirewallRules: [{0BDB1CCC-3FCF-4C1B-90AE-3841D022694E}] => (Allow) E:\Program Files\iTunes\iTunes.exe

FirewallRules: [{85375D5B-1388-44C9-86D8-B54911A8BCD4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{C96BBC98-D085-4AF7-AAE9-4F219E75049D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe

FirewallRules: [{4CBA9A4F-D803-4E58-8F95-8F92A877324D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{D82016CF-697B-4C98-994B-CCEDE23104E2}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{BD8BECA5-78DA-4F65-8E0B-8B28D05E407C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{98F786D8-FB50-4787-8C73-64146CC03893}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{88911DDF-25A8-4DE4-AC03-8563A25BF6D1}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{0F58C2A5-D7BC-4B4E-B444-ABA61A2DABED}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

FirewallRules: [{1646B20E-9601-4FD1-8627-6DB420978205}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)

DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)

DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)

DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)

DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)

DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)

DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)

DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)

DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)

DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)

DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)

DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)

DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)

DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)

DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)

DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp

DomainProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp

StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)

StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)

StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)

StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)

StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)

StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)

StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)

StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)

StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)

StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)

StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)

StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)

StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)

StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)

StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)

StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp

StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (01/25/2018 01:35:17 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program iexplore.exe version 11.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 600

Start Time: 01d3956c1579bd8a

Termination Time: 44

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 0b7d9bf3-e35f-4450-8424-93cb46610068

Faulting package full name:

Faulting package-relative application ID:

Error: (01/24/2018 04:19:35 PM) (Source: MsiInstaller) (EventID: 11730) (User: GLH-DESKTOP-I7)

Description: Product: PDFill PDF Editor with FREE Writer and FREE Tools -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (01/24/2018 04:18:56 PM) (Source: MsiInstaller) (EventID: 11730) (User: GLH-DESKTOP-I7)

Description: Product: PDFill PDF Editor with FREE Writer and FREE Tools -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (01/24/2018 04:09:24 PM) (Source: MsiInstaller) (EventID: 11730) (User: GLH-DESKTOP-I7)

Description: Product: PDFill PDF Editor with FREE Writer and FREE Tools -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (01/24/2018 03:44:41 PM) (Source: MsiInstaller) (EventID: 11730) (User: GLH-DESKTOP-I7)

Description: Product: PDFill PDF Editor with FREE Writer and FREE Tools -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (01/24/2018 03:40:44 PM) (Source: MsiInstaller) (EventID: 11730) (User: GLH-DESKTOP-I7)

Description: Product: PDFill PDF Editor with FREE Writer and FREE Tools -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (01/24/2018 03:37:42 PM) (Source: SideBySide) (EventID: 35) (User: )

Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.

Component identity found in manifest does not match the identity of the component requested.

Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".

Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".

Please use sxstrace.exe for detailed diagnosis.

Error: (01/24/2018 03:36:20 PM) (Source: Outlook) (EventID: 35) (User: )

Description: Failed to determine if the store is in the crawl scope (error=0x8007045b).

Error: (01/24/2018 03:36:20 PM) (Source: Outlook) (EventID: 34) (User: )

Description: Failed to get the Crawl Scope Manager with error=0x8007045b.

Error: (01/24/2018 03:34:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: XeroxDeviceStatus.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.IO.FileNotFoundException

at System.IO.__Error.WinIOError(Int32, System.String)

at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)

at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32)

at System.Xml.XmlDownloadManager.GetStream(System.Uri, System.Net.ICredentials, System.Net.IWebProxy, System.Net.Cache.RequestCachePolicy)

at System.Xml.XmlUrlResolver.GetEntity(System.Uri, System.String, System.Type)

at System.Xml.XmlTextReaderImpl.FinishInitUriString()

at System.Xml.XmlReaderSettings.CreateReader(System.String, System.Xml.XmlParserContext)

at System.Xml.Linq.XDocument.Load(System.String, System.Xml.Linq.LoadOptions)

at JobTracker.JobTrackerApplication.LaunchToastNotification(System.String, System.String, System.String, System.String, System.String, System.String)

at JobTracker.JobTrackerApplication.ProcessBidiUpdate(EventEnum, ObserverPriorityEnum)

at CoreInterop.EventObserverClr.raise_NotificationReceivedEvent(EventEnum, ObserverPriorityEnum)

at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)

at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)

at System.Windows.Application.RunDispatcher(System.Object)

at System.Windows.Application.RunInternal(System.Windows.Window)

at JobTracker.JobTrackerApplication.Main()

System errors:

=============

Error: (01/25/2018 01:45:49 PM) (Source: DCOM) (EventID: 10016) (User: GLH-DESKTOP-I7)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

to the user GLH-DESKTOP-I7\garyh SID (S-1-5-21-1582027158-3427342393-2586192252-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID

{C2F03A33-21F5-47FA-B4BB-156362A2F239}

and APPID

{316CDED5-E4AE-4B15-9113-7055D84DCC97}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

and APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID

{C2F03A33-21F5-47FA-B4BB-156362A2F239}

and APPID

{316CDED5-E4AE-4B15-9113-7055D84DCC97}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

and APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID

{C2F03A33-21F5-47FA-B4BB-156362A2F239}

and APPID

{316CDED5-E4AE-4B15-9113-7055D84DCC97}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

and APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID

{C2F03A33-21F5-47FA-B4BB-156362A2F239}

and APPID

{316CDED5-E4AE-4B15-9113-7055D84DCC97}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 04:25:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

and APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/24/2018 05:22:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The eapihdrv service failed to start due to the following error:

This driver has been blocked from loading

CodeIntegrity:

===================================

Date: 2018-01-25 15:13:59.884

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 15:13:59.883

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:58:59.063

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:58:59.062

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:45:59.547

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:45:59.543

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:43:58.552

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:43:58.550

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:28:58.149

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-25 14:28:58.148

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz

Percentage of memory in use: 31%

Total physical RAM: 16322.37 MB

Available physical RAM: 11245.07 MB

Total Virtual: 32706.37 MB

Available Virtual: 25879.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:38.28 GB) NTFS

Drive d: (TurboTax 2017) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS

Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:384.06 GB) NTFS

Drive f: (Shared Media Backup) (Fixed) (Total:465.76 GB) (Free:5.91 GB) NTFS

Drive h: () (Removable) (Total:59.13 GB) (Free:59.12 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5D226E4A)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================

Disk: 3 (Size: 465.8 GB) (Disk ID: A4B57300)

Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================

Disk: 4 (Size: 59.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Thank you as always for your help over the years. I'll wait till I hear from you before I try the repair process.

Broni · Jan 25, 2018

I don't see anything malicious there.
It must be some Windows issue.
I suggest new topic in Windows forum.

glhglh · Jan 25, 2018

Thanks, I appreciate it!

Broni · Jan 25, 2018

You're very welcome

Inactive Problem with 92062d.msi won't allow programs to install or uninstall

glhglh

Posts: 701 +0

glhglh

Posts: 701 +0

glhglh

Posts: 701 +0

Broni

Posts: 56,041 +516

glhglh

Posts: 701 +0

Broni

Posts: 56,041 +516

glhglh

Posts: 701 +0

Broni

Posts: 56,041 +516

glhglh

Posts: 701 +0

glhglh

Posts: 701 +0

glhglh

Posts: 701 +0

glhglh

Posts: 701 +0

glhglh

Posts: 701 +0

glhglh

Posts: 701 +0

Broni

Posts: 56,041 +516

glhglh

Posts: 701 +0

Broni

Posts: 56,041 +516

Similar threads

Latest posts