Buonasera a tutti.
Mi trovo a dover scrivere perché ho bisogno del vostro aiuto. Sono stato un pirlone, lo so, ma ci sono caduto dentro mani e piedi. In cosa? Allora: guardando la mia posta su un tablet android ho visto tra le altre una mail proveniente da Photo.net. Photo.net è un sito per fotografi al quale ero iscritto da 12 anni ma per il quale non ho rinnovato l'iscrizione in quanto non lo trovo più utile e interessante. La mail parlava di rinnovo automatico dal 1° ottobre. Mi sono subito "arrabbiato" e non ho pensato neanche un minuto alla possibilità di pishing. Quindi apro la mail, la leggo ed essendoci anche dei link al regolamento, al sito, alle mie impostazioni personali comincio a cliccare per fare chiarezza. Poi un link portava ad un sito, uno dove avrebbe dovuto esserci il regolamento in realtà c'era qualcosa scritto che sembrava quando non si riesce a raggiungere un sito e gli altri non ricordo. Ma ero al lavoro, quindi ho dato una occhiata veloce. Poi a casa ho rifatto lo stesso errore, con più calma, ma comunque dopo cena, ho riaperto la mail con i mei due PC (un fisso ed un portatile, quest'ultimo nuovo, tenuti maniacalmente non essendo io uno che ne capisce molto). Ho poi scritto al forum del sito ed ho scoperto che anche altri intimavano di non volere il rinnovo automatico, fino a quando, ieri, si è capito che le mail non erano state spedite dal sito ma da qualcuno in Cina, e che sicuramente la mail avrebbe dovuto essere cestinata e mai cliccare su uno dei suoi link; leggendo sul forum gli altri utenti hanno individuato uno script in java, altri un exe all'interno di uno zip,....io non ricordo esattamente cosa ho fatto e su quale PC ho cliccato, se su uno o su tutti e tre (incredibile a pensarci adesso...), fatto sta che adesso ho paura di avere i PC infettati. Sui miei due di casa ho effettuato una scansione con Mac Afee Life Save, a cui sono abbonato, che non ha riscontrato nulla. Poi su quello fisso ho installato Bit Defender in versione gratuita ed anche questo non segnala nulla di anomalo.
La domanda che pongo a voi esperti è questa:
- si può essere certi che se la scansione con Mac Afee non segnala nulla di anmalo il PC non sia infettato?
- cosa dovrei fare secondo voi?
- visto che la mail parlava di "rinnovo con passaggio automatico al profilo Premium" il 1/10/2017..devo temere che il virus o malware o quello che è possa fare la sua azione il primo di ottobre?
- ha senso cambiare le password ai miei accessi principali (posta, banca, carta di credito, paypal...) su un PC potenzialmente infetto?

Sono stato proprio un babbeo, ma la mail era in inglese, in realtà aveva un senso che potessi riceverla perché non rinnovavo l'abbonamento dopo più di dieci anni...ora però non ci dormo.
I mie PC di casa sono entrambi con Windows 10, due DELL:
il portatile è un XPS 15. il fisso un Dell XPS8700.
(Ah, il tablet: è un Samsung android. Su questo ho installato, dopo il fattaccio però, la versione di prova di Kaspersky ed anche questo dice che il tablet non ha problemi...ma vale per lui quanto detto sopra per i PC).

Dopo due o tre giorni non noto comportamenti anomali, a parte che il portatile ha fatto due aggiornamenti BIOS (....?) e che qualche volta le pagine internet si sono bloccate e devo chiuderle e ricaricarle.....ma per il resto è tutto come prima, anche se adesso mi sembra di vedere comportamenti anomali e minacce dappertutto.
Grazie a chi vorrà/potrà aiutarmi grazie alla sua competenza.

Massimo

ecco la mail...in effetti l'indirizzo di spedizione era una indicazione forte della provenienza farlocca, ma era tanta la sorpresa che ci sono caduto. Ho cancellato il mio nome, cognome e mail, ed i link...

Da: photo at sudjam punto com
Data: 21-set-2017 13.08
A: .......
Ogg: Your Photo.net Subscription Confirmation and Receipt




Dear photo.net member,...........

Your account will be billed and switched automatically to Premium Membership starting October 1, 2017.


Please read Details and our Terms & Conditions of Use changes here
Here is what you will get as a Premium Member for less than $2.50/month
($29.95 billed annually)
Please note: If you already have a premium membership please follow the steps provided in the link above.*
*

Premium Membership includes:
Ad Free Portfolio
"Follow" link to your website - see My Account
Discounted Photography Insurance
- use code photoinsurance2016 (US only)
Sell (and buy) your photography prints on photo.net!
Unlimited Uploads
Photography Contests
For more on your Premium Membership benefits please visit here.
*
*
Thank you for for becoming a premium member !
Your account will be billed $29.95 yearly.
The next charge will be 10/01/2017.


Your Receipt:
You Purchased:
1 year Premium Membership
You Paid:
$29.95
Your Name:
..........
Your Email:
.............
Premium Expires:
Sunday 1th of*October 2018
*
Since 1993, photo.net has been an engaging community for photography enthusiasts, collaborative peer-to-peer educational platform for photographers ranging from hobbyists to professionals. We have created an online community that brings people together and provides lively forums , competitive photo contests , information about the hottest gear , tutorials to help you on your journey, inspirational interviews, and more. But in today's internet environment, in order for us to survive, we are no longer able to provide free service to all of our members ! We know that this is difficult to hear, just as it was a difficult decision to make.

Aggiungo che oltre che con MacAfee ho effettuato una scansione anche con Bit Defender e non mi dà allarmi, ma c'è da fidarsi? Oppure da qualche parte il virus si può ancora annidare? E come fare ad essere certo che il mio Pc non è afffetto da qualche virus che ho preso aprendo la mail e cliccando sui vari link come un babbeo?

Ciao
esegui i software sotto in sequenza come postati :

Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato

Poi scarica adwcleaner da qui https://www.bleepingcomputer.com/download/adwcleaner/
tasto dx sopra eseguibile avvia come amministratore e fai la scansione
elimina quello che trova e posta il log

Scarica tdsskiller da qui https://www.bleepingcomputer.com/download/tdsskiller/
Fai una scansione e dopo
Posta il log report

Poi scarica Malwarebyte Antirootkit da qui https://it.malwarebytes.com/antirootkit/
Segui la guida fornita nel sito nella stessa pagina del download
Posta il log report

Infine ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report

Infine scarica frst da qui https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuosistemaoperativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri comeamministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

le scansioni sono tutte relativamente veloci...

Ciao

Grazie mille Dan, stasera eseguo. Intanto ho verificato sul PC di lavoro dove sono adesso: c'è installato un Symantec endpoint ed aveva individuato e cancellato il virus. Nel report c'è scritta la posizione dove lo hanno individuato:

C:\users\miausers\AppData\Local|Temp\Temp1_Photonet_membership_Premium_Info_html.zip\

Il virus è JS.Downloader!gen39

Cancellato.

Ora: o sui miei PC di casa non l'ho scaricato, oppure BitDefender e MacAfee ...fanno cilecca.
Il brutto è che non mi ricordo su ogni PC cosa ho fatto...va bè intanto stasera eseguo quanto suggeritomi.
Ciao

Sul PC fisso di casa ho eseguito alcuni dei tool indicatimi. Non ho eseguito due dei 6 processi:
il 4° (ANTIROOKIT) perché nbel sito era scritto che è una versione Beta e che potrebbe creare dei problemi al funzionamento del computer, ed io che non sono bravo in queste cose temo che in questo caso non sarei riuscito a rimediare.
Il 6° (FARBAR RECOVERY TOOL) perché Windows mi ha bloccato dicendomi che è poco scaricato e quindi potenzialmente dannoso, e poi mi da la possibilità di eseguire comunque ma non come amministratore.

Aspetto vostre indicazioni se e come procedere anche con questi due tools. Di seguito i report degli altri 4.

Adw cleaner 1° report

Adv Cleaner report dopo pulizia

Tdss killer il report devo incollarlo perchè è troppo grosso per allegarlo-

Tdss killer

19:45:34.0170 0x119c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
19:45:34.0170 0x119c UEFI system
19:45:39.0720 0x119c ============================================================
19:45:39.0720 0x119c Current date / time: 2017/09/25 19:45:39.0720
19:45:39.0720 0x119c SystemInfo:
19:45:39.0720 0x119c
19:45:39.0720 0x119c OS Version: 10.0.15063 ServicePack: 0.0
19:45:39.0720 0x119c Product type: Workstation
19:45:39.0720 0x119c ComputerName: PC-MASSIMO
19:45:39.0720 0x119c UserName: Massimo
19:45:39.0720 0x119c Windows directory: C:\WINDOWS
19:45:39.0720 0x119c System windows directory: C:\WINDOWS
19:45:39.0720 0x119c Running under WOW64
19:45:39.0720 0x119c Processor architecture: Intel x64
19:45:39.0720 0x119c Number of processors: 8
19:45:39.0720 0x119c Page size: 0x1000
19:45:39.0720 0x119c Boot type: Normal boot
19:45:39.0720 0x119c CodeIntegrityOptions = 0x00000001
19:45:39.0720 0x119c ============================================================
19:45:40.0871 0x119c KLMD registered as C:\WINDOWS\system32\drivers\76736674.sys
19:45:40.0871 0x119c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
19:45:41.0117 0x119c System UUID: {554AAF06-7297-6B7B-6678-127C4EBCE30A}
19:45:41.0457 0x119c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:45:41.0457 0x119c Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:45:41.0507 0x119c ============================================================
19:45:41.0507 0x119c \Device\Harddisk0\DR0:
19:45:41.0652 0x119c GPT partitions:
19:45:41.0653 0x119c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BB3B5887-9231-4E28-9C53-E404E0EC1F87}, Name: Microsoft reserved partition, StartLBA 0x800, BlocksNum 0x40000
19:45:41.0654 0x119c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1770B15B-C2B4-4AA2-8EFE-05C3618457D3}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xE8DC8000
19:45:41.0654 0x119c MBR partitions:
19:45:41.0654 0x119c \Device\Harddisk1\DR1:
19:45:41.0654 0x119c GPT partitions:
19:45:41.0656 0x119c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CF8879A9-04CB-4974-B6C4-0C66E949AFE8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
19:45:41.0656 0x119c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {E0542F16-9FC1-4F12-8132-D5F20876818B}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
19:45:41.0656 0x119c \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6A991581-7309-43A6-93EB-16CC4E0F2730}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
19:45:41.0656 0x119c \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F1C348B9-AF0D-4337-ADAA-78822DED5633}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0x400000
19:45:41.0657 0x119c \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C223472A-7377-462C-8047-D194B7F99553}, Name: Basic data partition, StartLBA 0x54E800, BlocksNum 0x1C336800
19:45:41.0657 0x119c \Device\Harddisk1\DR1\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {272AD64E-825C-4506-BE25-A2B39C6AD217}, Name: , StartLBA 0x1C885000, BlocksNum 0xE1000
19:45:41.0657 0x119c \Device\Harddisk1\DR1\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E4A92B2B-6094-47A1-8D73-4F0D5AC3AE4A}, Name: Microsoft recovery partition, StartLBA 0x1C966000, BlocksNum 0x138CAB0
19:45:41.0657 0x119c MBR partitions:
19:45:41.0657 0x119c ============================================================
19:45:41.0662 0x119c C: <-> \Device\Harddisk1\DR1\Partition5
19:45:41.0682 0x119c D: <-> \Device\Harddisk0\DR0\Partition2
19:45:41.0682 0x119c Z: <-> \Device\Harddisk1\DR1\Partition4
19:45:41.0682 0x119c ============================================================
19:45:41.0687 0x119c Initialize success
19:45:41.0687 0x119c ============================================================
19:45:49.0002 0x2b8c ============================================================
19:45:49.0002 0x2b8c Scan started
19:45:49.0002 0x2b8c Mode: Manual;
19:45:49.0002 0x2b8c ============================================================
19:45:49.0002 0x2b8c KSN ping started
19:45:49.0252 0x2b8c KSN ping finished: true
19:45:49.0827 0x2b8c ================ Scan system memory ========================
19:45:49.0827 0x2b8c System memory - ok
19:45:49.0827 0x2b8c ================ Scan services =============================
19:45:49.0877 0x2b8c [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
19:45:49.0887 0x2b8c 1394ohci - ok
19:45:49.0907 0x2b8c [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
19:45:49.0912 0x2b8c 3ware - ok
19:45:49.0937 0x2b8c [ AC251B31370C1E00F577928260B8939F, D60946F1C43A8C2B9C989A1E259FDA44055F94766615F344CF8E28A7F104BC70 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
19:45:49.0952 0x2b8c ACPI - ok
19:45:49.0957 0x2b8c [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
19:45:49.0957 0x2b8c AcpiDev - ok
19:45:49.0962 0x2b8c [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
19:45:49.0962 0x2b8c acpiex - ok
19:45:49.0970 0x2b8c [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
19:45:49.0971 0x2b8c acpipagr - ok
19:45:49.0974 0x2b8c [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
19:45:49.0976 0x2b8c AcpiPmi - ok
19:45:49.0978 0x2b8c [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
19:45:49.0979 0x2b8c acpitime - ok
19:45:49.0997 0x2b8c [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:45:50.0012 0x2b8c ADP80XX - ok
19:45:50.0027 0x2b8c [ 5A6D591D56791BA63CE73FCAD60D89A1, 7467E40EF0653A1A09CFD28A1EF8B75052D010E42C32F2E8B60B98ED87092CE1 ] AFD C:\WINDOWS\system32\drivers\afd.sys
19:45:50.0037 0x2b8c AFD - ok
19:45:50.0078 0x2b8c [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
19:45:50.0102 0x2b8c AGSService - ok
19:45:50.0107 0x2b8c [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:45:50.0112 0x2b8c ahcache - ok
19:45:50.0117 0x2b8c [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
19:45:50.0117 0x2b8c AJRouter - ok
19:45:50.0122 0x2b8c [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG C:\WINDOWS\System32\alg.exe
19:45:50.0122 0x2b8c ALG - ok
19:45:50.0132 0x2b8c [ D3E9EEDC0128DD1FB9E45D85E7E21F0B, 73853DC77CCE335F1571DB31C6F7E97D71625DC6226089E8281F62020F58CB8F ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
19:45:50.0142 0x2b8c AMD External Events Utility - ok
19:45:50.0147 0x2b8c [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
19:45:50.0147 0x2b8c AmdK8 - ok
19:45:50.0152 0x2b8c [ 66CD2F9A6AD1B720E448053B5CE6F3A4, D9156F311E36297BE63A5BE8E41AA2E6C32AA5A9BD188C4BC6D804BA39F71E15 ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys
19:45:50.0152 0x2b8c amdkmafd - ok
19:45:50.0168 0x2b8c amdkmdag - ok
19:45:50.0180 0x2b8c [ 0E2B0B8C871A4BDA103B857E07CAC833, 80A3DB55FEBD3C6FEC0C6078D998F2B3A802425569F57ABCB2AF0D5C37D4A280 ] amdkmdap C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys
19:45:50.0187 0x2b8c amdkmdap - ok
19:45:50.0192 0x2b8c [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
19:45:50.0192 0x2b8c AmdPPM - ok
19:45:50.0197 0x2b8c [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
19:45:50.0202 0x2b8c amdsata - ok
19:45:50.0207 0x2b8c [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
19:45:50.0212 0x2b8c amdsbs - ok
19:45:50.0212 0x2b8c [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
19:45:50.0217 0x2b8c amdxata - ok
19:45:50.0222 0x2b8c [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID C:\WINDOWS\system32\drivers\appid.sys
19:45:50.0227 0x2b8c AppID - ok
19:45:50.0232 0x2b8c [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
19:45:50.0232 0x2b8c AppIDSvc - ok
19:45:50.0237 0x2b8c [ 43116A8BCA28D336205D539EAAE200C6, AC4783D766949770FEBAA55BD38CA0DB703944D64A4AEC8754C023807002A72B ] Appinfo C:\WINDOWS\System32\appinfo.dll
19:45:50.0237 0x2b8c Appinfo - ok
19:45:50.0242 0x2b8c [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
19:45:50.0242 0x2b8c applockerfltr - ok
19:45:50.0257 0x2b8c [ 91DB5775249920FD245851E0BC97D8C4, FCB53766AB377EF2E385CD2F6D0D2CEF485C07A5EAAB68FB1C798E6264832386 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
19:45:50.0267 0x2b8c AppReadiness - ok
19:45:50.0307 0x2b8c [ BFFD13AC0E8D9B044B4D41E09C3E6991, FD1EB0785F79477D0ADF43976DC3FE8721615C9B98DEE693694F037E490EA92D ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
19:45:50.0342 0x2b8c AppXSvc - ok
19:45:50.0347 0x2b8c [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
19:45:50.0352 0x2b8c arcsas - ok
19:45:50.0352 0x2b8c [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
19:45:50.0357 0x2b8c AsyncMac - ok
19:45:50.0357 0x2b8c [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi C:\WINDOWS\system32\drivers\atapi.sys
19:45:50.0362 0x2b8c atapi - ok
19:45:50.0379 0x2b8c [ 6E7122FFFF7BEFB1DC256234E02CE1B9, BB67C41A4164287B928556D3C1615ACDAD7D3B66CF3C4C1D4AE1726EEC9425D6 ] atc C:\WINDOWS\system32\DRIVERS\atc.sys
19:45:50.0393 0x2b8c atc - ok
19:45:50.0398 0x2b8c [ 2A38B5218A7BE3CE0E0B3D92E3844782, 2B0799EF6E5A5EE65AC91E394F6C0EDE95067BB96567FD25DA0C003F9FB7E84E ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
19:45:50.0398 0x2b8c AtiHDAudioService - ok
19:45:50.0413 0x2b8c [ 329F315D04B64BC185A59FE17A2AD6CE, B9721AD1641E3E96D1C07294884506EBED5D05921A9F9FC263711C28AD040693 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:45:50.0418 0x2b8c AudioEndpointBuilder - ok
19:45:50.0443 0x2b8c [ 67ADB26CC1B504E9566B9106277DE92B, AF137C9FE9B3A231C7662F2E59EF12482396CFD8AC020DF6BDBFDD9A1209A98D ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
19:45:50.0458 0x2b8c Audiosrv - ok
19:45:50.0488 0x2b8c [ 39993659695A6C37933AA2A4B5477622, 4F2F4B27AC7F1B7936156F8C1500B80739FF6E809C1FB4B6C65EEC9D073679B1 ] avc3 C:\WINDOWS\system32\DRIVERS\avc3.sys
19:45:50.0507 0x2b8c avc3 - ok
19:45:50.0512 0x2b8c [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
19:45:50.0517 0x2b8c AxInstSV - ok
19:45:50.0527 0x2b8c [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
19:45:50.0537 0x2b8c b06bdrv - ok
19:45:50.0542 0x2b8c [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:45:50.0542 0x2b8c BasicDisplay - ok
19:45:50.0547 0x2b8c [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
19:45:50.0547 0x2b8c BasicRender - ok
19:45:50.0552 0x2b8c [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
19:45:50.0552 0x2b8c bcmfn2 - ok
19:45:50.0557 0x2b8c [ 4B190ACAE90EC79AD4D43EFCD3743DA0, 9D5187D4E1DF1672DEA2EF5C910FCA08BD8ED0573A55DF774E5300312ED87E05 ] bdelam C:\WINDOWS\system32\drivers\bdelam.sys
19:45:50.0557 0x2b8c bdelam - ok
19:45:50.0567 0x2b8c [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
19:45:50.0572 0x2b8c BDESVC - ok
19:45:50.0577 0x2b8c [ 2002BA3B4D228547D73E2ADB9EFF7BB1, 0BAF65045F415B5EEFC5014616249C16883AB60273C12940E5CCC56D1B10C4DE ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
19:45:50.0582 0x2b8c bdfwfpf - ok
19:45:50.0582 0x2b8c [ 802F75687B8C129917785F7AAB16BA2B, 850008EB03D82CEBC6DEADC62373250F5F865615DD502A8146D0E72F3CFE8CBC ] bdprivmon C:\WINDOWS\system32\DRIVERS\bdprivmon.sys
19:45:50.0588 0x2b8c bdprivmon - ok
19:45:50.0618 0x2b8c [ EEC7C45FAB1EDB61B2C8CF32CAAEC062, A40A53E5BDEAABCD75EE266C3B76396B632EB55BDC0CA2486BAE5FD47C9CA5CD ] bdredline C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
19:45:50.0638 0x2b8c bdredline - ok
19:45:50.0643 0x2b8c [ D8FAF7CFBC81E5E15CA7A7EC8EE1B409, 75E60DF2147DFB109E628FDF80EB1BFA5360E5935BB9237B67053588F906E1B1 ] BDVEDISK C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
19:45:50.0648 0x2b8c BDVEDISK - ok
19:45:50.0653 0x2b8c [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:45:50.0653 0x2b8c Beep - ok
19:45:50.0668 0x2b8c [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE C:\WINDOWS\System32\bfe.dll
19:45:50.0699 0x2b8c BFE - ok
19:45:50.0723 0x2b8c [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS C:\WINDOWS\System32\qmgr.dll
19:45:50.0738 0x2b8c BITS - ok
19:45:50.0743 0x2b8c [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
19:45:50.0748 0x2b8c bowser - ok
19:45:50.0758 0x2b8c [ 06373FF017097FD40D60219980871FA0, 9366823AA3C248DD06FBFA237DCFDB2A9B7F93BA7115D235792DD81DDDA79C1F ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:45:50.0773 0x2b8c BrokerInfrastructure - ok
19:45:50.0778 0x2b8c [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser C:\WINDOWS\System32\browser.dll
19:45:50.0783 0x2b8c Browser - ok
19:45:50.0783 0x2b8c [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:45:50.0789 0x2b8c BthAvrcpTg - ok
19:45:50.0793 0x2b8c [ CE5210E1DFD49B2F02507C30B9B26CB4, DEFF3AC61FFD39EDB5C42E2623B35471292A5182A001511D9209C4BA5377A3E1 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
19:45:50.0795 0x2b8c BthEnum - ok
19:45:50.0800 0x2b8c [ E1E55BA45510B2B0309E2C77ABEB1BFE, EA7BDEC354190F1033B14847606220D414C1A52C938C9327A4765032D28B6960 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
19:45:50.0802 0x2b8c BthHFEnum - ok
19:45:50.0803 0x2b8c [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
19:45:50.0808 0x2b8c bthhfhid - ok
19:45:50.0813 0x2b8c [ 47D2C4722BF3C7340B475B386AA8D78D, 045F63F8E2E222E192880EDDC4B54C3741F42ED9C13322678BE2AAF28BB240CD ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
19:45:50.0823 0x2b8c BthHFSrv - ok
19:45:50.0828 0x2b8c [ 2175D891ABDC407699FFDBC4C3B131FA, 07B858B2B8AEF62682FCCF7CFC4B23A6073D3E55B2E96F4BA63B6031D234A9AA ] BthLEEnum C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
19:45:50.0828 0x2b8c BthLEEnum - ok
19:45:50.0833 0x2b8c [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
19:45:50.0833 0x2b8c BTHMODEM - ok
19:45:50.0838 0x2b8c [ D8044E77B06BAE2F8B5C48F3C7E1FF98, 85055EE08BAB6A55FEA1DAA385CDE9940B5BA31B5D4B84ADFE629C1AD94D8B3A ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
19:45:50.0843 0x2b8c BthPan - ok
19:45:50.0858 0x2b8c [ 27B7348B88DE2F93C4FB4D53EC469AB0, 6B36724956C6A8AC453F279AF4CF70FD12BD57DFC68D880EBD84DFFDABF499BD ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
19:45:50.0873 0x2b8c BTHPORT - ok
19:45:50.0878 0x2b8c [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv C:\WINDOWS\system32\bthserv.dll
19:45:50.0883 0x2b8c bthserv - ok
19:45:50.0889 0x2b8c [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
19:45:50.0891 0x2b8c BTHUSB - ok
19:45:50.0894 0x2b8c [ FF4F46CEF5ED7FDE650CA1D73D9FB663, 42B1E911793D57D148ABCB5CEC5990A62E4C8FE17F9D71951AEA3921DC6B4DE3 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:45:50.0896 0x2b8c buttonconverter - ok
19:45:50.0899 0x2b8c [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD C:\WINDOWS\System32\drivers\CAD.sys
19:45:50.0901 0x2b8c CAD - ok
19:45:50.0903 0x2b8c [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
19:45:50.0903 0x2b8c CapImg - ok
19:45:50.0908 0x2b8c [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:45:50.0913 0x2b8c cdfs - ok
19:45:50.0928 0x2b8c [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
19:45:50.0943 0x2b8c CDPSvc - ok
19:45:50.0953 0x2b8c [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
19:45:50.0958 0x2b8c CDPUserSvc - ok
19:45:50.0968 0x2b8c [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
19:45:50.0968 0x2b8c cdrom - ok
19:45:50.0973 0x2b8c [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc C:\WINDOWS\System32\certprop.dll
19:45:50.0978 0x2b8c CertPropSvc - ok
19:45:50.0989 0x2b8c [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
19:45:50.0994 0x2b8c cht4iscsi - ok
19:45:51.0023 0x2b8c [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
19:45:51.0053 0x2b8c cht4vbd - ok
19:45:51.0058 0x2b8c [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass C:\WINDOWS\System32\drivers\circlass.sys
19:45:51.0058 0x2b8c circlass - ok
19:45:51.0058 0x2b8c [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
19:45:51.0063 0x2b8c CldFlt - ok
19:45:51.0068 0x2b8c [ AF0BF03C8574DD026FAF9A82A64C2D04, 363BF0C42181FA4CFBC3DB504F48496D62023F0E4A858DC8F739C08CC5AFA228 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
19:45:51.0073 0x2b8c CLFS - ok
19:45:51.0092 0x2b8c [ 6EA702AD5307947122E5C726047F0B8E, 98F22573944A69CFEDAEB79D308B703385CDFDE9C4CFBC8CDA44D837489122FE ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
19:45:51.0103 0x2b8c ClipSVC - ok
19:45:51.0113 0x2b8c [ 05B6692427B4FD1364876E74DA80868F, 1CC6ED7BBA2FCDA37735F3A5304FFBA8BFBF3DEDD57B9ED449DE29E7DDDFE508 ] CLKMSVC10_99E320F5 C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
19:45:51.0118 0x2b8c CLKMSVC10_99E320F5 - ok
19:45:51.0118 0x2b8c [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg C:\WINDOWS\System32\drivers\registry.sys
19:45:51.0118 0x2b8c clreg - ok
19:45:51.0128 0x2b8c [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
19:45:51.0128 0x2b8c CLVirtualDrive - ok
19:45:51.0133 0x2b8c [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
19:45:51.0133 0x2b8c CmBatt - ok
19:45:51.0148 0x2b8c [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG C:\WINDOWS\system32\Drivers\cng.sys
19:45:51.0158 0x2b8c CNG - ok
19:45:51.0158 0x2b8c [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:45:51.0163 0x2b8c cnghwassist - ok
19:45:51.0168 0x2b8c [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
19:45:51.0168 0x2b8c CompositeBus - ok
19:45:51.0168 0x2b8c COMSysApp - ok
19:45:51.0173 0x2b8c [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv C:\WINDOWS\system32\drivers\condrv.sys
19:45:51.0173 0x2b8c condrv - ok
19:45:51.0193 0x2b8c [ 45E027357EB67E29DA732463FE0B6074, 5097151C35BD7E3B9381751AFFF01014624375A479044F761108267F6B8BFB06 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:45:51.0203 0x2b8c CoreMessagingRegistrar - ok
19:45:51.0208 0x2b8c [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
19:45:51.0213 0x2b8c CryptSvc - ok
19:45:51.0218 0x2b8c [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam C:\WINDOWS\system32\drivers\dam.sys
19:45:51.0218 0x2b8c dam - ok
19:45:51.0238 0x2b8c [ AA7F1C36F5BC779964CFA4F98D224D9F, 6DAF4FCE696B1D6A76E127A905C158724B13C20D2AA0F460F6C2E747E9525D98 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:45:51.0253 0x2b8c DcomLaunch - ok
19:45:51.0258 0x2b8c [ A9DD971DDC793C549AFB97A6DDBD76B6, 5E35F4FFF5DC09A122DB93B760E13538AC5B6034EF72DB544815B3C6CD42DDD4 ] DDDriver C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
19:45:51.0258 0x2b8c DDDriver - ok
19:45:51.0268 0x2b8c [ 5EF7C24A40B15B4931F44461B41B3BDC, BCF968B0F9CF72047F61C688D62922D38BB290FB357EDB72876627980AF78F8E ] DDVCollectorSvcApi C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
19:45:51.0268 0x2b8c DDVCollectorSvcApi - ok
19:45:51.0318 0x2b8c [ 2108F9CE0C447B4935BF5976C7A8AD27, 683667B3884D9769AFFDC805495C6296B7ADFA4B4464F2C1E8CCEF98A9E2B796 ] DDVDataCollector C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
19:45:51.0353 0x2b8c DDVDataCollector - ok
19:45:51.0358 0x2b8c [ EB42E818A401740986483147C842AFFC, 632367EFBA90AE445F1D234C68A3358207AA284292C89BEF6AFDD4522BDBFF90 ] DDVRulesProcessor C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
19:45:51.0363 0x2b8c DDVRulesProcessor - ok
19:45:51.0373 0x2b8c [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
19:45:51.0378 0x2b8c defragsvc - ok
19:45:51.0383 0x2b8c [ 04D91223860DB9B4169909A01CD66819, 0B598306E99BF9AF036908C9333D34A81F7A9FF292213A9EB583F3F4C8FE2CB1 ] Dell Customer Connect C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
19:45:51.0388 0x2b8c Dell Customer Connect - ok
19:45:51.0393 0x2b8c [ 802FC4E1B3E24185C731C81CD629F41D, FDA38B16E3D8CB1C6D7621AAD25663B954B7015F21F84524DAE2BB04923A996F ] Dell Foundation Services C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
19:45:51.0394 0x2b8c Dell Foundation Services - ok
19:45:51.0399 0x2b8c [ 498A482C902D492F2C053CCC3DA91A53, 43A675FB345610F8FDB209310EB1D1509643BF45ACCFDD9E160D97FC31B77A1E ] Dell Help & Support C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
19:45:51.0400 0x2b8c Dell Help & Support - ok
19:45:51.0403 0x2b8c [ 188BCE1A33FAEE1F19A8D8875B0781DC, 0167783D063826325C856FC0FC0595A9E53F22D655D450EE01F04AB30EC6CECA ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
19:45:51.0408 0x2b8c DellDigitalDelivery - ok
19:45:51.0413 0x2b8c [ 9B6C0BEF7B031CAD335ED25A22D49D54, D5BB1BCF608B22F41969ED994F6C4CFB0A069BDB390CC9473B9F01EF1C0CC236 ] DellProdRegManager C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
19:45:51.0418 0x2b8c DellProdRegManager - ok
19:45:51.0423 0x2b8c [ 8205B97AAF15AFDD2ED7D8E6C5088396, E0B3E8E2856FD06F8AC892266E00D157F55A0EC895B8FF16AC6EDE9467694985 ] DellProf C:\WINDOWS\system32\drivers\DellProf.sys
19:45:51.0423 0x2b8c DellProf - ok
19:45:51.0428 0x2b8c [ CAE8AEB8CABCC87D87763B7B97C24532, FE2EE43A44DA70CA45F783A25B94FE9D70E4B717D1BF2F28927FA1CD0A0460E9 ] DellUpdate C:\Program Files (x86)\Dell Update\DellUpService.exe
19:45:51.0428 0x2b8c DellUpdate - ok
19:45:51.0438 0x2b8c [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:45:51.0448 0x2b8c DeviceAssociationService - ok
19:45:51.0453 0x2b8c [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
19:45:51.0458 0x2b8c DeviceInstall - ok
19:45:51.0468 0x2b8c [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
19:45:51.0478 0x2b8c DevicesFlowUserSvc - ok
19:45:51.0490 0x2b8c [ 80B74A309ACF057184E88FE4992A1A60, 6AF0444831712A45FE435E2AED5EC13530EF60A4B667B3D3FAFDE1AEBF9F5515 ] DevMgmtService C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
19:45:51.0491 0x2b8c DevMgmtService - ok
19:45:51.0495 0x2b8c [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
19:45:51.0496 0x2b8c DevQueryBroker - ok
19:45:51.0502 0x2b8c [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
19:45:51.0503 0x2b8c Dfsc - ok
19:45:51.0508 0x2b8c [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:45:51.0513 0x2b8c dg_ssudbus - ok
19:45:51.0518 0x2b8c [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
19:45:51.0523 0x2b8c Dhcp - ok
19:45:51.0528 0x2b8c [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:45:51.0533 0x2b8c diagnosticshub.standardcollector.service - ok
19:45:51.0568 0x2b8c [ 9B844411D91C9BF616D2BCD91CC20723, 78C57216B4350E0AB4957423737FEE48B04A6D3C9F6BAF1A998D0FC1BD78ED17 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
19:45:51.0603 0x2b8c DiagTrack - ok
19:45:51.0608 0x2b8c [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk C:\WINDOWS\system32\drivers\disk.sys
19:45:51.0608 0x2b8c Disk - ok
19:45:51.0618 0x2b8c [ 8BCFD0A4900E197DFA8679A13128EC79, DF09F3996F25F025E171DF3EF068BB9AC2DEC79BFCBCA5D58E9158CD7AD785B6 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:45:51.0628 0x2b8c DmEnrollmentSvc - ok
19:45:51.0633 0x2b8c [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
19:45:51.0633 0x2b8c dmvsc - ok
19:45:51.0638 0x2b8c [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:45:51.0638 0x2b8c dmwappushservice - ok
19:45:51.0648 0x2b8c [ 8FD84F504BFD27FA9261B33F39737E5A, EE73EDA1314680C15C22A2EC65756677E805C7F2F7C5C01543CDD3D68F96F79F ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:45:51.0653 0x2b8c Dnscache - ok
19:45:51.0658 0x2b8c [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc C:\WINDOWS\System32\dot3svc.dll
19:45:51.0663 0x2b8c dot3svc - ok
19:45:51.0668 0x2b8c [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS C:\WINDOWS\system32\dps.dll
19:45:51.0673 0x2b8c DPS - ok
19:45:51.0673 0x2b8c [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
19:45:51.0678 0x2b8c drmkaud - ok
19:45:51.0683 0x2b8c [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
19:45:51.0688 0x2b8c DsmSvc - ok
19:45:51.0696 0x2b8c [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc C:\WINDOWS\System32\DsSvc.dll
19:45:51.0699 0x2b8c DsSvc - ok
19:45:51.0703 0x2b8c [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
19:45:51.0708 0x2b8c DusmSvc - ok
19:45:51.0748 0x2b8c [ 43693E1E7E73A8CE25E8E64F1063F26D, BA6ACA2A11D1B7A5FF93A464DF72E847988B1191A8B9BEDD2275590F7E9849A8 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:45:51.0778 0x2b8c DXGKrnl - ok
19:45:51.0783 0x2b8c [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:45:51.0788 0x2b8c EapHost - ok
19:45:51.0834 0x2b8c [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
19:45:51.0874 0x2b8c ebdrv - ok
19:45:51.0884 0x2b8c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS C:\WINDOWS\System32\lsass.exe
19:45:51.0884 0x2b8c EFS - ok
19:45:51.0890 0x2b8c [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
19:45:51.0892 0x2b8c EhStorClass - ok
19:45:51.0896 0x2b8c [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:45:51.0898 0x2b8c EhStorTcgDrv - ok
19:45:51.0903 0x2b8c [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
19:45:51.0903 0x2b8c embeddedmode - ok
19:45:51.0913 0x2b8c [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:45:51.0918 0x2b8c EntAppSvc - ok
19:45:51.0918 0x2b8c [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
19:45:51.0923 0x2b8c ErrDev - ok
19:45:51.0928 0x2b8c [ 11B9D886D7AE2F2F5C6BC03D7C52FD31, CA3EB6AB127A01311DA1C7CE3A2F4C2C3E3641F45718CFCA0F8AED7235BE910D ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
19:45:51.0928 0x2b8c ESProtectionDriver - ok
19:45:51.0938 0x2b8c [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem C:\WINDOWS\system32\es.dll
19:45:51.0943 0x2b8c EventSystem - ok
19:45:51.0953 0x2b8c [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
19:45:51.0958 0x2b8c exfat - ok
19:45:51.0968 0x2b8c [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
19:45:51.0973 0x2b8c fastfat - ok
19:45:51.0990 0x2b8c [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax C:\WINDOWS\system32\fxssvc.exe
19:45:52.0000 0x2b8c Fax - ok
19:45:52.0003 0x2b8c [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
19:45:52.0003 0x2b8c fdc - ok
19:45:52.0008 0x2b8c [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
19:45:52.0008 0x2b8c fdPHost - ok
19:45:52.0013 0x2b8c [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
19:45:52.0013 0x2b8c FDResPub - ok
19:45:52.0018 0x2b8c [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc C:\WINDOWS\system32\fhsvc.dll
19:45:52.0018 0x2b8c fhsvc - ok
19:45:52.0023 0x2b8c [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
19:45:52.0023 0x2b8c FileCrypt - ok
19:45:52.0028 0x2b8c [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
19:45:52.0033 0x2b8c FileInfo - ok
19:45:52.0033 0x2b8c [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
19:45:52.0033 0x2b8c Filetrace - ok
19:45:52.0038 0x2b8c [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
19:45:52.0038 0x2b8c flpydisk - ok
19:45:52.0048 0x2b8c [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:45:52.0053 0x2b8c FltMgr - ok
19:45:52.0078 0x2b8c [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache C:\WINDOWS\system32\FntCache.dll
19:45:52.0104 0x2b8c FontCache - ok
19:45:52.0109 0x2b8c [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:45:52.0114 0x2b8c FontCache3.0.0.0 - ok
19:45:52.0124 0x2b8c [ 58811D00A582A89B7839B4B2CE7302BE, D2B6C197BD257B462FC3E8E7A8E7C3F910282FDAA61DB00ADB64DA0698C203C7 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
19:45:52.0134 0x2b8c FrameServer - ok
19:45:52.0139 0x2b8c [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
19:45:52.0139 0x2b8c FsDepends - ok
19:45:52.0144 0x2b8c [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:45:52.0144 0x2b8c Fs_Rec - ok
19:45:52.0159 0x2b8c [ 7C14404ADEF7D6F1D4D5346CF1849DDC, B8B44F3630A9A63F3E80D1A28BFEECC2372D75B68E25749B858EAD612FB784A4 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:45:52.0169 0x2b8c fvevol - ok
19:45:52.0189 0x2b8c [ 2C3D5F5B28164C3624012E55B8DED3ED, 9948E1C72561D93C4C2D98E84F16998739E25ED8E455EE61BAE52C95C96F2785 ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
19:45:52.0201 0x2b8c Garmin Device Interaction Service - ok
19:45:52.0204 0x2b8c [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
19:45:52.0204 0x2b8c gencounter - ok
19:45:52.0209 0x2b8c [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
19:45:52.0209 0x2b8c genericusbfn - ok
19:45:52.0214 0x2b8c [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:45:52.0219 0x2b8c GPIOClx0101 - ok
19:45:52.0239 0x2b8c [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc C:\WINDOWS\System32\gpsvc.dll
19:45:52.0259 0x2b8c gpsvc - ok
19:45:52.0259 0x2b8c [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:45:52.0259 0x2b8c GpuEnergyDrv - ok
19:45:52.0264 0x2b8c [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\WINDOWS\system32\drivers\grmnusb.sys
19:45:52.0264 0x2b8c grmnusb - ok
19:45:52.0269 0x2b8c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:45:52.0274 0x2b8c gupdate - ok
19:45:52.0276 0x2b8c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:45:52.0281 0x2b8c gupdatem - ok
19:45:52.0286 0x2b8c [ DD528E0A0C57B02A6FC311AA05D430C2, 1803882AF4AF6826D9B3A30074C1A95117AAFE64E693E003825401BB8F76838A ] gzflt C:\WINDOWS\system32\DRIVERS\gzflt.sys
19:45:52.0291 0x2b8c gzflt - ok
19:45:52.0295 0x2b8c [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
19:45:52.0297 0x2b8c HDAudBus - ok
19:45:52.0301 0x2b8c [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
19:45:52.0302 0x2b8c HidBatt - ok
19:45:52.0303 0x2b8c [ 1FE8E2676CD512181F84B27EE86CE29C, C694918ABD6533C04CF1F48A0ACB279391B020B3842AB47E7F1402DCC2DBA7BB ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
19:45:52.0303 0x2b8c HidBth - ok
19:45:52.0309 0x2b8c [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
19:45:52.0309 0x2b8c hidi2c - ok
19:45:52.0314 0x2b8c [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:45:52.0319 0x2b8c hidinterrupt - ok
19:45:52.0319 0x2b8c [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
19:45:52.0324 0x2b8c HidIr - ok
19:45:52.0324 0x2b8c [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv C:\WINDOWS\system32\hidserv.dll
19:45:52.0324 0x2b8c hidserv - ok
19:45:52.0329 0x2b8c [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
19:45:52.0329 0x2b8c HidUsb - ok
19:45:52.0339 0x2b8c [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:45:52.0344 0x2b8c HomeGroupListener - ok
19:45:52.0354 0x2b8c [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:45:52.0364 0x2b8c HomeGroupProvider - ok
19:45:52.0364 0x2b8c [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
19:45:52.0369 0x2b8c HpSAMD - ok
19:45:52.0390 0x2b8c [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
19:45:52.0404 0x2b8c HTTP - ok
19:45:52.0409 0x2b8c [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
19:45:52.0414 0x2b8c HvHost - ok
19:45:52.0414 0x2b8c [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
19:45:52.0419 0x2b8c hvservice - ok
19:45:52.0424 0x2b8c [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
19:45:52.0424 0x2b8c hwpolicy - ok
19:45:52.0424 0x2b8c [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
19:45:52.0429 0x2b8c hyperkbd - ok
19:45:52.0429 0x2b8c [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
19:45:52.0434 0x2b8c i8042prt - ok
19:45:52.0439 0x2b8c [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
19:45:52.0439 0x2b8c iagpio - ok
19:45:52.0444 0x2b8c [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
19:45:52.0444 0x2b8c iai2c - ok
19:45:52.0449 0x2b8c [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
19:45:52.0449 0x2b8c iaLPSS2i_GPIO2 - ok
19:45:52.0454 0x2b8c [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
19:45:52.0454 0x2b8c iaLPSS2i_GPIO2_BXT_P - ok
19:45:52.0459 0x2b8c [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:45:52.0464 0x2b8c iaLPSS2i_I2C - ok
19:45:52.0469 0x2b8c [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
19:45:52.0474 0x2b8c iaLPSS2i_I2C_BXT_P - ok
19:45:52.0474 0x2b8c [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:45:52.0479 0x2b8c iaLPSSi_GPIO - ok
19:45:52.0484 0x2b8c [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:45:52.0484 0x2b8c iaLPSSi_I2C - ok
19:45:52.0500 0x2b8c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
19:45:52.0504 0x2b8c iaStorA - ok
19:45:52.0519 0x2b8c [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
19:45:52.0529 0x2b8c iaStorAV - ok
19:45:52.0529 0x2b8c [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:45:52.0534 0x2b8c IAStorDataMgrSvc - ok
19:45:52.0539 0x2b8c [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
19:45:52.0549 0x2b8c iaStorV - ok
19:45:52.0559 0x2b8c [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
19:45:52.0569 0x2b8c ibbus - ok
19:45:52.0569 0x2b8c ibtsiva - ok
19:45:52.0574 0x2b8c [ EAD6C953C40FC06E8E56182D9C27C480, E1DF45FF871B0A777A37702A5EF2379164DDD646D294F4520379979B7BD23B3F ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
19:45:52.0579 0x2b8c ibtusb - ok
19:45:52.0584 0x2b8c [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc C:\WINDOWS\System32\tetheringservice.dll
19:45:52.0593 0x2b8c icssvc - ok
19:45:52.0601 0x2b8c [ ACD51FF445862B7655D457E12B6AACBE, AB9635290752506C35B9D496597B0B4C30221F009F5B98979C2B67DEF5773C77 ] Ignis C:\WINDOWS\system32\DRIVERS\ignis.sys
19:45:52.0604 0x2b8c Ignis - ok
19:45:52.0619 0x2b8c [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
19:45:52.0634 0x2b8c IKEEXT - ok
19:45:52.0639 0x2b8c [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
19:45:52.0639 0x2b8c IndirectKmd - ok
19:45:52.0702 0x2b8c [ 48AC5F706780BCC34811EA89A0727189, F76EC13A5A0FD24D9B63B7546FF749739022D1785357AD06E3FAA7F608E8C714 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:45:52.0754 0x2b8c IntcAzAudAddService - ok
19:45:52.0774 0x2b8c [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:45:52.0790 0x2b8c Intel(R) Capability Licensing Service TCP IP Interface - ok
19:45:52.0795 0x2b8c [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:45:52.0797 0x2b8c Intel(R) ME Service - ok
19:45:52.0800 0x2b8c [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
19:45:52.0801 0x2b8c intelide - ok
19:45:52.0804 0x2b8c [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
19:45:52.0804 0x2b8c intelpep - ok
19:45:52.0809 0x2b8c [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
19:45:52.0814 0x2b8c intelppm - ok
19:45:52.0814 0x2b8c [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate C:\WINDOWS\system32\drivers\iorate.sys
19:45:52.0819 0x2b8c iorate - ok
19:45:52.0819 0x2b8c [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:45:52.0824 0x2b8c IpFilterDriver - ok
19:45:52.0839 0x2b8c [ 16DBEB4BBB9A79490D772F136FF9696E, C4246BAD502D333B5E76520C9F2AD09CF00719341FD9C522FD76DDBD911AE125 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
19:45:52.0854 0x2b8c iphlpsvc - ok
19:45:52.0859 0x2b8c [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:45:52.0859 0x2b8c IPMIDRV - ok
19:45:52.0864 0x2b8c [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
19:45:52.0869 0x2b8c IPNAT - ok
19:45:52.0874 0x2b8c [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
19:45:52.0874 0x2b8c IpxlatCfgSvc - ok
19:45:52.0879 0x2b8c [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda C:\WINDOWS\system32\drivers\irda.sys
19:45:52.0879 0x2b8c irda - ok
19:45:52.0884 0x2b8c [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
19:45:52.0884 0x2b8c IRENUM - ok
19:45:52.0891 0x2b8c [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon C:\WINDOWS\System32\irmon.dll
19:45:52.0892 0x2b8c irmon - ok
19:45:52.0895 0x2b8c [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
19:45:52.0896 0x2b8c isapnp - ok
19:45:52.0904 0x2b8c [ 618707F3F742BF67AB578808171F60EB, AC9322483A450856B60F61D0CC58380148C52451863364C6FF3A2FAB4173A7A5 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
19:45:52.0904 0x2b8c iScsiPrt - ok
19:45:52.0914 0x2b8c [ 8B9EB2DD362921E91A254CF0D00CF263, BA63C7D1C259DF7FCCFBA8901FF02D6E6002EA809EEE1C3D281185A799B7319A ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
19:45:52.0919 0x2b8c iumsvc - ok
19:45:52.0924 0x2b8c [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:45:52.0924 0x2b8c jhi_service - ok
19:45:52.0929 0x2b8c [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
19:45:52.0929 0x2b8c kbdclass - ok
19:45:52.0934 0x2b8c [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
19:45:52.0934 0x2b8c kbdhid - ok
19:45:52.0939 0x2b8c [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
19:45:52.0939 0x2b8c kdnic - ok
19:45:52.0944 0x2b8c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso C:\WINDOWS\system32\lsass.exe
19:45:52.0944 0x2b8c KeyIso - ok
19:45:52.0949 0x2b8c [ 588332B483111CCDCA8E8AB2F239489E, EE3D633F4C013ED5166020C95A4BF6003988C629133B8CD950D9C8EBA131A484 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
19:45:52.0949 0x2b8c KSecDD - ok
19:45:52.0954 0x2b8c [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:45:52.0959 0x2b8c KSecPkg - ok
19:45:52.0964 0x2b8c [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
19:45:52.0964 0x2b8c ksthunk - ok
19:45:52.0974 0x2b8c [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
19:45:52.0979 0x2b8c KtmRm - ok
19:45:52.0984 0x2b8c [ ECFFCC67C47A86CA32D0953428699210, F5A06E82FDC092549623FD41C82B082092529808BA12339DE5B1D72B9B12072D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
19:45:52.0993 0x2b8c LanmanServer - ok
19:45:53.0000 0x2b8c [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:45:53.0005 0x2b8c LanmanWorkstation - ok
19:45:53.0010 0x2b8c [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
19:45:53.0010 0x2b8c lfsvc - ok
19:45:53.0015 0x2b8c [ 02538E602280C07438C94489DCBE77D5, 2E2B60E5FB7A274F4945444D5EDB058E62CAC268C5336FF8F4B9E82245095211 ] libusb0 C:\WINDOWS\system32\DRIVERS\libusb0.sys
19:45:53.0015 0x2b8c libusb0 - ok
19:45:53.0020 0x2b8c [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
19:45:53.0020 0x2b8c LicenseManager - ok
19:45:53.0025 0x2b8c [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
19:45:53.0025 0x2b8c lltdio - ok
19:45:53.0030 0x2b8c [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
19:45:53.0035 0x2b8c lltdsvc - ok
19:45:53.0040 0x2b8c [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
19:45:53.0040 0x2b8c lmhosts - ok
19:45:53.0050 0x2b8c [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:45:53.0055 0x2b8c LMS - ok
19:45:53.0060 0x2b8c [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
19:45:53.0065 0x2b8c LSI_SAS - ok
19:45:53.0065 0x2b8c [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:45:53.0070 0x2b8c LSI_SAS2i - ok
19:45:53.0075 0x2b8c [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:45:53.0075 0x2b8c LSI_SAS3i - ok
19:45:53.0080 0x2b8c [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
19:45:53.0080 0x2b8c LSI_SSS - ok
19:45:53.0097 0x2b8c [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM C:\WINDOWS\System32\lsm.dll
19:45:53.0104 0x2b8c LSM - ok
19:45:53.0109 0x2b8c [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv C:\WINDOWS\system32\drivers\luafv.sys
19:45:53.0114 0x2b8c luafv - ok
19:45:53.0114 0x2b8c [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker C:\WINDOWS\System32\moshost.dll
19:45:53.0119 0x2b8c MapsBroker - ok
19:45:53.0129 0x2b8c [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
19:45:53.0134 0x2b8c mausbhost - ok
19:45:53.0139 0x2b8c [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
19:45:53.0139 0x2b8c mausbip - ok
19:45:53.0144 0x2b8c [ 25FAEF6CCFF6D9912A65641AE60711EB, AD83C6DE72D7C416EC7765DBA2EF41B32084980EE071A17CA2C360CDF91212AE ] MBAMChameleon C:\WINDOWS\system32\drivers\MBAMChameleon.sys
19:45:53.0149 0x2b8c MBAMChameleon - ok
19:45:53.0154 0x2b8c [ 4988F9AEE3B9E4545975CAA9381DB0EF, DC6030468783BF02DAA6922A5469D73D56642963F7212398A959AD7915D9E76B ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
19:45:53.0154 0x2b8c MBAMFarflt - ok
19:45:53.0159 0x2b8c [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection C:\WINDOWS\system32\drivers\mbam.sys
19:45:53.0159 0x2b8c MBAMProtection - ok
19:45:53.0240 0x2b8c [ FEAF4E98C93BC3512B8108D2F534A3BA, 6D93EF21DB9BFFACC1241E823F9BB7719B9395D64BBF952874CFF015B7930D92 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
19:45:53.0304 0x2b8c MBAMService - ok
19:45:53.0315 0x2b8c [ 94FCA94EE7937EA3ED75F39DE4C8E292, CD41ACBC70412B61C844ADC26413728A09D60983A464327A285C80E08D37F8B6 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
19:45:53.0317 0x2b8c MBAMSwissArmy - ok
19:45:53.0322 0x2b8c [ CC6522BC2BD971FEBADC5A794A908E4D, 388E612B4BC4E5A6E547D94D4C81D3301D664CDA77798FC0EFC0EF1F811E734C ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
19:45:53.0323 0x2b8c MBAMWebProtection - ok
19:45:53.0325 0x2b8c [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas C:\WINDOWS\system32\drivers\megasas.sys
19:45:53.0325 0x2b8c megasas - ok
19:45:53.0330 0x2b8c [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
19:45:53.0330 0x2b8c megasas2i - ok
19:45:53.0345 0x2b8c [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr C:\WINDOWS\system32\drivers\megasr.sys
19:45:53.0350 0x2b8c megasr - ok
19:45:53.0355 0x2b8c [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
19:45:53.0360 0x2b8c MEIx64 - ok
19:45:53.0360 0x2b8c [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:45:53.0365 0x2b8c MessagingService - ok
19:45:53.0370 0x2b8c Microsoft SharePoint Workspace Audit Service - ok
19:45:53.0385 0x2b8c [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:45:53.0400 0x2b8c mlx4_bus - ok
19:45:53.0405 0x2b8c [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
19:45:53.0405 0x2b8c MMCSS - ok
19:45:53.0410 0x2b8c [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem C:\WINDOWS\system32\drivers\modem.sys
19:45:53.0412 0x2b8c Modem - ok
19:45:53.0414 0x2b8c [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
19:45:53.0415 0x2b8c monitor - ok
19:45:53.0418 0x2b8c [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
19:45:53.0420 0x2b8c mouclass - ok
19:45:53.0423 0x2b8c [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
19:45:53.0424 0x2b8c mouhid - ok
19:45:53.0425 0x2b8c [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
19:45:53.0430 0x2b8c mountmgr - ok
19:45:53.0435 0x2b8c [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
19:45:53.0435 0x2b8c mpsdrv - ok
19:45:53.0450 0x2b8c [ 97106D80FD861D5762D5B93D1058D053, 4236FD178ECFC8978FFB3FC0890F357BB4AE10F88AF696617CCD24D93360BA3C ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
19:45:53.0465 0x2b8c MpsSvc - ok
19:45:53.0470 0x2b8c [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
19:45:53.0475 0x2b8c MRxDAV - ok
19:45:53.0485 0x2b8c [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:45:53.0490 0x2b8c mrxsmb - ok
19:45:53.0500 0x2b8c [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:45:53.0500 0x2b8c mrxsmb10 - ok
19:45:53.0512 0x2b8c [ BBE8708149EA1C0E981F31291F25895F, E7C9318DE94520606F5806F454BD28E050B9052409FDD5B934B3FF421C1A4C2B ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:45:53.0515 0x2b8c mrxsmb20 - ok
19:45:53.0520 0x2b8c [ 44A8A52763381E5DCAE122330191493C, 578630611F151C6D20D52145312F4A824C6FF80E27F282A2109BA6E54FDDC9BB ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
19:45:53.0522 0x2b8c MsBridge - ok
19:45:53.0525 0x2b8c [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:45:53.0530 0x2b8c MSDTC - ok
19:45:53.0535 0x2b8c [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:45:53.0535 0x2b8c Msfs - ok
19:45:53.0540 0x2b8c [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:45:53.0540 0x2b8c msgpiowin32 - ok
19:45:53.0540 0x2b8c [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:45:53.0545 0x2b8c mshidkmdf - ok
19:45:53.0545 0x2b8c [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
19:45:53.0545 0x2b8c mshidumdf - ok
19:45:53.0550 0x2b8c [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
19:45:53.0550 0x2b8c msisadrv - ok
19:45:53.0555 0x2b8c [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
19:45:53.0560 0x2b8c MSiSCSI - ok
19:45:53.0560 0x2b8c msiserver - ok
19:45:53.0565 0x2b8c [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
19:45:53.0565 0x2b8c MSKSSRV - ok
19:45:53.0570 0x2b8c [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
19:45:53.0575 0x2b8c MsLldp - ok
19:45:53.0575 0x2b8c [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
19:45:53.0575 0x2b8c MSPCLOCK - ok
19:45:53.0580 0x2b8c [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
19:45:53.0580 0x2b8c MSPQM - ok
19:45:53.0590 0x2b8c [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
19:45:53.0593 0x2b8c MsRPC - ok
19:45:53.0598 0x2b8c [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
19:45:53.0598 0x2b8c mssmbios - ok
19:45:53.0603 0x2b8c [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
19:45:53.0603 0x2b8c MSTEE - ok
19:45:53.0608 0x2b8c [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
19:45:53.0608 0x2b8c MTConfig - ok
19:45:53.0613 0x2b8c [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
19:45:53.0615 0x2b8c Mup - ok
19:45:53.0620 0x2b8c [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
19:45:53.0622 0x2b8c mvumis - ok
19:45:53.0630 0x2b8c [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:45:53.0640 0x2b8c NativeWifiP - ok
19:45:53.0655 0x2b8c [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
19:45:53.0665 0x2b8c NaturalAuthentication - ok
19:45:53.0670 0x2b8c [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
19:45:53.0675 0x2b8c NcaSvc - ok
19:45:53.0680 0x2b8c [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService C:\WINDOWS\System32\ncbservice.dll
19:45:53.0690 0x2b8c NcbService - ok
19:45:53.0690 0x2b8c [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
19:45:53.0695 0x2b8c NcdAutoSetup - ok
19:45:53.0700 0x2b8c [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
19:45:53.0700 0x2b8c ndfltr - ok
19:45:53.0725 0x2b8c [ 64BB1D5A6A8711C980D2ABAB0ADFFF8E, 85061564E6684136D544A556896C9BDDC93146B94416F49DB8E9321E38DF46D0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
19:45:53.0740 0x2b8c NDIS - ok
19:45:53.0745 0x2b8c [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
19:45:53.0750 0x2b8c NdisCap - ok
19:45:53.0750 0x2b8c [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:45:53.0755 0x2b8c NdisImPlatform - ok
19:45:53.0755 0x2b8c [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:45:53.0760 0x2b8c NdisTapi - ok
19:45:53.0760 0x2b8c [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
19:45:53.0765 0x2b8c Ndisuio - ok
19:45:53.0765 0x2b8c [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:45:53.0765 0x2b8c NdisVirtualBus - ok
19:45:53.0775 0x2b8c [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
19:45:53.0775 0x2b8c NdisWan - ok
19:45:53.0780 0x2b8c [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:45:53.0785 0x2b8c ndiswanlegacy - ok
19:45:53.0785 0x2b8c [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:45:53.0790 0x2b8c ndproxy - ok
19:45:53.0795 0x2b8c [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
19:45:53.0795 0x2b8c Ndu - ok
19:45:53.0800 0x2b8c [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
19:45:53.0805 0x2b8c NetAdapterCx - ok
19:45:53.0805 0x2b8c [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
19:45:53.0810 0x2b8c NetBIOS - ok
19:45:53.0818 0x2b8c [ BAD3C424788BC071C3EC82CFCDA954D2, 7AA11C36C8365B476361FC4F05C612066C5159C7C1813314E881E1A3A4B75271 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:45:53.0823 0x2b8c NetBT - ok
19:45:53.0824 0x2b8c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon C:\WINDOWS\system32\lsass.exe
19:45:53.0824 0x2b8c Netlogon - ok
19:45:53.0835 0x2b8c [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman C:\WINDOWS\System32\netman.dll
19:45:53.0840 0x2b8c Netman - ok
19:45:53.0850 0x2b8c [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
19:45:53.0855 0x2b8c netprofm - ok
19:45:53.0865 0x2b8c [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
19:45:53.0870 0x2b8c NetSetupSvc - ok
19:45:53.0875 0x2b8c [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:53.0880 0x2b8c NetTcpPortSharing - ok
19:45:53.0885 0x2b8c [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
19:45:53.0885 0x2b8c netvsc - ok
19:45:53.0940 0x2b8c [ 387ADDE3084B0E98CD2943705377F9C8, CC29F396277518CED5453870E08653BE95BF0E0BD7DD94DF9E84A35FFE80CDAB ] NETwNb64 C:\WINDOWS\System32\drivers\Netwbw02.sys
19:45:53.0985 0x2b8c NETwNb64 - ok
19:45:54.0000 0x2b8c [ 56CB676DC058995ED3AD61AF233B9975, 2658B1B5E0059D4C0CE8F82D327AFBBAD5CF6C5774C95039D39815092A74E4A1 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
19:45:54.0005 0x2b8c NgcCtnrSvc - ok
19:45:54.0025 0x2b8c [ 7D50141D1705AFB6BF2683201699FEC1, 1D333DD10BA6987A2787F2CF492E38029E2744BAA6B9354E8B2B8D22971B3D79 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
19:45:54.0040 0x2b8c NgcSvc - ok
19:45:54.0050 0x2b8c [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
19:45:54.0055 0x2b8c NlaSvc - ok
19:45:54.0060 0x2b8c [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:45:54.0060 0x2b8c Npfs - ok
19:45:54.0065 0x2b8c [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
19:45:54.0065 0x2b8c npsvctrig - ok
19:45:54.0070 0x2b8c [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi C:\WINDOWS\system32\nsisvc.dll
19:45:54.0070 0x2b8c nsi - ok
19:45:54.0075 0x2b8c [ 244C3E541E741C9D8F67E05D9D9AFBE7, 5848515910FD6FF01B94108E33BEBCA26D46DE54C6AC9CF9F5533180E16788AB ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
19:45:54.0075 0x2b8c nsiproxy - ok
19:45:54.0120 0x2b8c [ 075F8C81457804BB79DD33FE69A96C57, EFAA1C6CEEC995E87EB15DA40178EA3534A73C8F6ADCF5F3FEC1C7BB99B78687 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
19:45:54.0150 0x2b8c NTFS - ok
19:45:54.0155 0x2b8c [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null C:\WINDOWS\system32\drivers\Null.sys
19:45:54.0155 0x2b8c Null - ok
19:45:54.0155 0x2b8c [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn C:\WINDOWS\System32\drivers\nvdimmn.sys
19:45:54.0160 0x2b8c nvdimmn - ok
19:45:54.0165 0x2b8c [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
19:45:54.0165 0x2b8c nvraid - ok
19:45:54.0170 0x2b8c [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
19:45:54.0175 0x2b8c nvstor - ok
19:45:54.0185 0x2b8c [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
19:45:54.0190 0x2b8c OneSyncSvc - ok
19:45:54.0195 0x2b8c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:54.0200 0x2b8c ose - ok
19:45:54.0265 0x2b8c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:45:54.0330 0x2b8c osppsvc - ok
19:45:54.0345 0x2b8c [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
19:45:54.0350 0x2b8c p2pimsvc - ok
19:45:54.0360 0x2b8c [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc C:\WINDOWS\system32\p2psvc.dll
19:45:54.0370 0x2b8c p2psvc - ok
19:45:54.0375 0x2b8c [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport C:\WINDOWS\System32\drivers\parport.sys
19:45:54.0375 0x2b8c Parport - ok
19:45:54.0380 0x2b8c [ ABE0711474C0518FD914F62AB4FB83E8, 17F38D28D0A2275A6A1E5BC2C60BF2459B0D642EDC42B59F4A1BCFC1100C8502 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
19:45:54.0385 0x2b8c partmgr - ok
19:45:54.0395 0x2b8c [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
19:45:54.0400 0x2b8c PcaSvc - ok
19:45:54.0412 0x2b8c [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{3B54B31B-D06B6431-06020200}_0 c:\program files\dell\supportassist\pcdsrvc_x64.pkms
19:45:54.0430 0x2b8c PCDSRVC{3B54B31B-D06B6431-06020200}_0 - ok
19:45:54.0440 0x2b8c [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci C:\WINDOWS\system32\drivers\pci.sys
19:45:54.0445 0x2b8c pci - ok
19:45:54.0450 0x2b8c [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
19:45:54.0450 0x2b8c pciide - ok
19:45:54.0455 0x2b8c [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
19:45:54.0460 0x2b8c pcmcia - ok
19:45:54.0460 0x2b8c [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
19:45:54.0465 0x2b8c pcw - ok
19:45:54.0470 0x2b8c [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc C:\WINDOWS\system32\drivers\pdc.sys
19:45:54.0470 0x2b8c pdc - ok
19:45:54.0485 0x2b8c [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
19:45:54.0495 0x2b8c PEAUTH - ok
19:45:54.0500 0x2b8c [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
19:45:54.0500 0x2b8c percsas2i - ok
19:45:54.0505 0x2b8c [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
19:45:54.0505 0x2b8c percsas3i - ok
19:45:54.0523 0x2b8c [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
19:45:54.0525 0x2b8c PerfHost - ok
19:45:54.0540 0x2b8c [ D4D4AFF22AEC7595EF24DB0FDCC06259, 4D3D7ECB724FE41924BA7699316D50566FE828B5B53616EC50DFBEE91C6464FA ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
19:45:54.0550 0x2b8c PhoneSvc - ok
19:45:54.0560 0x2b8c [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:45:54.0560 0x2b8c PimIndexMaintenanceSvc - ok
19:45:54.0585 0x2b8c [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla C:\WINDOWS\system32\pla.dll
19:45:54.0606 0x2b8c pla - ok
19:45:54.0616 0x2b8c [ 7737AC3A01EC8B5872A810B4C69D84CB, B1CD40A6810EBFC173DBB4B69F35B013E136FC3C0783A5144D5613A8B6E600D9 ] PlaysService C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
19:45:54.0617 0x2b8c PlaysService - ok
19:45:54.0622 0x2b8c [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
19:45:54.0624 0x2b8c PlugPlay - ok
19:45:54.0625 0x2b8c [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem C:\WINDOWS\System32\drivers\pmem.sys
19:45:54.0630 0x2b8c pmem - ok
19:45:54.0635 0x2b8c [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
19:45:54.0635 0x2b8c PNRPAutoReg - ok
19:45:54.0645 0x2b8c [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
19:45:54.0650 0x2b8c PNRPsvc - ok
19:45:54.0660 0x2b8c [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
19:45:54.0665 0x2b8c PolicyAgent - ok
19:45:54.0670 0x2b8c [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power C:\WINDOWS\system32\umpo.dll
19:45:54.0675 0x2b8c Power - ok
19:45:54.0680 0x2b8c [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
19:45:54.0680 0x2b8c PptpMiniport - ok
19:45:54.0726 0x2b8c [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:45:54.0761 0x2b8c PrintNotify - ok
19:45:54.0766 0x2b8c [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor C:\WINDOWS\System32\drivers\processr.sys
19:45:54.0771 0x2b8c Processor - ok
19:45:54.0796 0x2b8c [ B41C744B12DE152865D37F9854A46331, E32777054089D06ED260AA0F4964D56D162F51FD63BCF2B9E3401FCED9F317F3 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
19:45:54.0811 0x2b8c ProductAgentService - ok
19:45:54.0821 0x2b8c [ EBBAEA19BB7BF5E7CF09BE1C294E2699, 4FAF59D5393A6979627A061216676106A3941F2FBAE8E1CD5485E49BB57A6297 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
19:45:54.0826 0x2b8c ProfSvc - ok
19:45:54.0832 0x2b8c [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched C:\WINDOWS\system32\drivers\pacer.sys
19:45:54.0834 0x2b8c Psched - ok
19:45:54.0839 0x2b8c [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE C:\WINDOWS\system32\qwave.dll
19:45:54.0849 0x2b8c QWAVE - ok
19:45:54.0849 0x2b8c [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
19:45:54.0854 0x2b8c QWAVEdrv - ok
19:45:54.0854 0x2b8c [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:45:54.0859 0x2b8c RasAcd - ok
19:45:54.0864 0x2b8c [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
19:45:54.0864 0x2b8c RasAgileVpn - ok
19:45:54.0869 0x2b8c [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:45:54.0874 0x2b8c RasAuto - ok
19:45:54.0879 0x2b8c [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
19:45:54.0879 0x2b8c Rasl2tp - ok
19:45:54.0894 0x2b8c [ FCC5824BCB4D12AFC40C61CADDC7175C, 2C2464849320B2E18B9A94574AA20218AF4EA50E9947C990068F086061400275 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:45:54.0909 0x2b8c RasMan - ok
19:45:54.0915 0x2b8c [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:45:54.0917 0x2b8c RasPppoe - ok
19:45:54.0921 0x2b8c [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
19:45:54.0922 0x2b8c RasSstp - ok
19:45:54.0931 0x2b8c [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:45:54.0936 0x2b8c rdbss - ok
19:45:54.0941 0x2b8c [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
19:45:54.0946 0x2b8c rdpbus - ok
19:45:54.0951 0x2b8c [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
19:45:54.0951 0x2b8c RDPDR - ok
19:45:54.0956 0x2b8c [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:45:54.0961 0x2b8c RdpVideoMiniport - ok
19:45:54.0966 0x2b8c [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
19:45:54.0971 0x2b8c rdyboost - ok
19:45:54.0996 0x2b8c [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
19:45:55.0022 0x2b8c ReFS - ok
19:45:55.0036 0x2b8c [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
19:45:55.0051 0x2b8c ReFSv1 - ok
19:45:55.0061 0x2b8c [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:45:55.0071 0x2b8c RemoteAccess - ok
19:45:55.0076 0x2b8c [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:45:55.0076 0x2b8c RemoteRegistry - ok
19:45:55.0091 0x2b8c [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
19:45:55.0101 0x2b8c RetailDemo - ok
19:45:55.0106 0x2b8c [ 9179005CD2702635CF12DB5E0A9D1B0E, 31D777C82A44A2420F0415E182C12CE4EDFF60362B2136EC074E38B2DC7BDB8E ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
19:45:55.0113 0x2b8c RFCOMM - ok
19:45:55.0120 0x2b8c [ CBE300DA6064C31F2AC4ED8A0722BEF0, D98D41937E36390426F521713AF2BAA1E49E750BBEAC420D1BD770EB303F1E4F ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:45:55.0123 0x2b8c RichVideo - ok
19:45:55.0125 0x2b8c [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc C:\WINDOWS\System32\RMapi.dll
19:45:55.0130 0x2b8c RmSvc - ok
19:45:55.0135 0x2b8c [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
19:45:55.0135 0x2b8c RpcEptMapper - ok
19:45:55.0140 0x2b8c [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator C:\WINDOWS\system32\locator.exe
19:45:55.0140 0x2b8c RpcLocator - ok
19:45:55.0160 0x2b8c [ AA7F1C36F5BC779964CFA4F98D224D9F, 6DAF4FCE696B1D6A76E127A905C158724B13C20D2AA0F460F6C2E747E9525D98 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:45:55.0170 0x2b8c RpcSs - ok
19:45:55.0175 0x2b8c [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
19:45:55.0175 0x2b8c rspndr - ok
19:45:55.0185 0x2b8c [ 9CF8593B62102545CB1652A1D8748FDD, 818639795720A7567CCE01EBC24A0119BFDCEA1B7A5ED4A11B5012D763C1B5CC ] RSUSBSTOR C:\WINDOWS\System32\Drivers\RtsUStor.sys
19:45:55.0190 0x2b8c RSUSBSTOR - ok
19:45:55.0205 0x2b8c [ 12A3D1530E3F67B8664EBA923A3981E4, 8670C39EB0A7C37C17D014A8917493B776DE0829B55EFED13D91B6FA7B81CA11 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
19:45:55.0221 0x2b8c rt640x64 - ok
19:45:55.0225 0x2b8c [ DBE1ADA144291F8E0F29ECC40AE14562, D85E5F698EFC6B2374FB330BE4C6828AA3E1A87D3F08BB855A790A5113D5ED5B ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
19:45:55.0230 0x2b8c RtkAudioService - ok
19:45:55.0235 0x2b8c [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
19:45:55.0235 0x2b8c s3cap - ok
19:45:55.0240 0x2b8c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs C:\WINDOWS\system32\lsass.exe
19:45:55.0240 0x2b8c SamSs - ok
19:45:55.0245 0x2b8c [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
19:45:55.0245 0x2b8c sbp2port - ok
19:45:55.0255 0x2b8c [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
19:45:55.0260 0x2b8c SCardSvr - ok
19:45:55.0265 0x2b8c [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
19:45:55.0270 0x2b8c ScDeviceEnum - ok
19:45:55.0270 0x2b8c [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:45:55.0275 0x2b8c scfilter - ok
19:45:55.0290 0x2b8c [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:45:55.0305 0x2b8c Schedule - ok
19:45:55.0305 0x2b8c [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
19:45:55.0311 0x2b8c scmbus - ok
19:45:55.0317 0x2b8c [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
19:45:55.0319 0x2b8c SCPolicySvc - ok
19:45:55.0325 0x2b8c [ 958E956E119EB7B9ABA142AFED1B5FF4, DB76B53124C91C959AF6F6E3FA8BEE4B74C1D7CB4684CD88380270CFF3C4469F ] ScsiAccess C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
19:45:55.0325 0x2b8c ScsiAccess - ok
19:45:55.0336 0x2b8c [ 134FB9DCA9244455917D80D33CA31ACA, 0B17BB514A14096C8F67D73F27E52C90E4BD343B131BD554D7DD3B424B4E070B ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
19:45:55.0336 0x2b8c sdbus - ok
19:45:55.0341 0x2b8c [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
19:45:55.0341 0x2b8c SDFRd - ok
19:45:55.0346 0x2b8c [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
19:45:55.0351 0x2b8c SDRSVC - ok
19:45:55.0356 0x2b8c [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
19:45:55.0356 0x2b8c sdstor - ok
19:45:55.0361 0x2b8c [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon C:\WINDOWS\system32\seclogon.dll
19:45:55.0361 0x2b8c seclogon - ok
19:45:55.0371 0x2b8c [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
19:45:55.0376 0x2b8c SecurityHealthService - ok
19:45:55.0396 0x2b8c [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
19:45:55.0415 0x2b8c SEMgrSvc - ok
19:45:55.0420 0x2b8c [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS C:\WINDOWS\System32\sens.dll
19:45:55.0422 0x2b8c SENS - ok
19:45:55.0441 0x2b8c [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:45:55.0461 0x2b8c SensorDataService - ok
19:45:55.0471 0x2b8c [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService C:\WINDOWS\system32\SensorService.dll
19:45:55.0481 0x2b8c SensorService - ok
19:45:55.0486 0x2b8c [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
19:45:55.0491 0x2b8c SensrSvc - ok
19:45:55.0496 0x2b8c [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
19:45:55.0496 0x2b8c SerCx - ok
19:45:55.0501 0x2b8c [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
19:45:55.0506 0x2b8c SerCx2 - ok
19:45:55.0511 0x2b8c [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
19:45:55.0512 0x2b8c Serenum - ok
19:45:55.0516 0x2b8c [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial C:\WINDOWS\System32\drivers\serial.sys
19:45:55.0518 0x2b8c Serial - ok
19:45:55.0521 0x2b8c [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
19:45:55.0523 0x2b8c sermouse - ok
19:45:55.0536 0x2b8c [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
19:45:55.0541 0x2b8c SessionEnv - ok
19:45:55.0546 0x2b8c [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
19:45:55.0546 0x2b8c sfloppy - ok
19:45:55.0586 0x2b8c [ CDBE10C33C305BFCD0BEA2507D7EE826, 3646200B80E0D56796D5899BB641D1353ED4E9568EDC2C578984FFC40F10E5ED ] SftService C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
19:45:55.0619 0x2b8c SftService - ok
19:45:55.0630 0x2b8c [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:45:55.0635 0x2b8c SharedAccess - ok
19:45:55.0650 0x2b8c [ 490F6144273A85A3CFF3D416850E0611, F703D32580405B9CEF0E601222C2CE584B076B2E58710D66A15AFEA2A6907514 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:45:55.0660 0x2b8c ShellHWDetection - ok
19:45:55.0665 0x2b8c [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
19:45:55.0670 0x2b8c shpamsvc - ok
19:45:55.0675 0x2b8c [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:45:55.0675 0x2b8c SiSRaid2 - ok
19:45:55.0680 0x2b8c [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
19:45:55.0680 0x2b8c SiSRaid4 - ok
19:45:55.0685 0x2b8c [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost C:\WINDOWS\System32\smphost.dll
19:45:55.0685 0x2b8c smphost - ok
19:45:55.0700 0x2b8c [ 15684D78C67B63475EABAB5A6ECF32A8, 46BA6830BC42839E22F600ED591E23611E092C2342702F403553BB0B9177E835 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
19:45:55.0710 0x2b8c SmsRouter - ok
19:45:55.0716 0x2b8c [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
19:45:55.0719 0x2b8c SNMPTRAP - ok
19:45:55.0731 0x2b8c [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
19:45:55.0741 0x2b8c spaceport - ok
19:45:55.0746 0x2b8c [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
19:45:55.0746 0x2b8c SpatialGraphFilter - ok
19:45:55.0751 0x2b8c [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
19:45:55.0756 0x2b8c SpbCx - ok
19:45:55.0771 0x2b8c [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum C:\WINDOWS\system32\spectrum.exe
19:45:55.0781 0x2b8c spectrum - ok
19:45:55.0796 0x2b8c [ 250B6272326FC54414231AC71176E6FA, DE531EEADD24F1866A5BD74411E91E0934B23DC508855D2B9AC88BC25EE7A4E0 ] Spooler C:\WINDOWS\System32\spoolsv.exe
19:45:55.0806 0x2b8c Spooler - ok
19:45:55.0871 0x2b8c [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc C:\WINDOWS\system32\sppsvc.exe
19:45:55.0922 0x2b8c sppsvc - ok
19:45:55.0928 0x2b8c [ D8B882C520FC83547E22014FF5EC66D7, FC239052E74EEEC9B3CCE21B0D1D2127662ED68367D08C51F3D040AC368E1CAE ] Spyder3 C:\WINDOWS\System32\drivers\Spyder3.sys
19:45:55.0930 0x2b8c Spyder3 - ok
19:45:55.0933 0x2b8c [ 1D437579B9E02829011BE00E482C63A0, DF2CFDAD690543CEC79EEE548E643929093FC7AEBF9E409A7DF8B1F64860F7C5 ] Spyder5 C:\WINDOWS\System32\drivers\dccmtr.sys
19:45:55.0934 0x2b8c Spyder5 - ok
19:45:55.0943 0x2b8c [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:45:55.0949 0x2b8c srv - ok
19:45:55.0963 0x2b8c [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
19:45:55.0973 0x2b8c srv2 - ok
19:45:55.0981 0x2b8c [ 62E6CF587C037E99F7450F5BAAF0CB87, 3EED46313FD5A9C942F447F531121395C31C1AE2DED0F7B2E4A974F6024E8330 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:45:55.0985 0x2b8c srvnet - ok
19:45:55.0991 0x2b8c [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:45:55.0996 0x2b8c SSDPSRV - ok
19:45:56.0002 0x2b8c [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
19:45:56.0007 0x2b8c SstpSvc - ok
19:45:56.0013 0x2b8c [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:45:56.0017 0x2b8c ssudmdm - ok
19:45:56.0091 0x2b8c [ AE1918EED1E4925778B92061CC2B8D18, 21B3D1685906BC4BA3C8A54C40ABC631F2F312926111BCE48AFEA8B96942DF22 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:45:56.0158 0x2b8c StateRepository - ok
19:45:56.0166 0x2b8c [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
19:45:56.0167 0x2b8c stexstor - ok
19:45:56.0177 0x2b8c [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc C:\WINDOWS\System32\wiaservc.dll
19:45:56.0187 0x2b8c stisvc - ok
19:45:56.0192 0x2b8c [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci C:\WINDOWS\system32\drivers\storahci.sys
19:45:56.0197 0x2b8c storahci - ok
19:45:56.0202 0x2b8c [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
19:45:56.0202 0x2b8c storflt - ok
19:45:56.0207 0x2b8c [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
19:45:56.0207 0x2b8c stornvme - ok
19:45:56.0212 0x2b8c [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
19:45:56.0217 0x2b8c storqosflt - ok
19:45:56.0232 0x2b8c [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc C:\WINDOWS\system32\storsvc.dll
19:45:56.0242 0x2b8c StorSvc - ok
19:45:56.0247 0x2b8c [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
19:45:56.0247 0x2b8c storufs - ok
19:45:56.0252 0x2b8c [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
19:45:56.0252 0x2b8c storvsc - ok
19:45:56.0257 0x2b8c [ 803A6D5FF15542B6DF8C588D19D84183, 75B1E1899DBE4C7DF6AE314BDC46D5CD7174865A4285D7FC7A5C92E51ED3D896 ] SupportAssistAgent C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
19:45:56.0257 0x2b8c SupportAssistAgent - ok
19:45:56.0263 0x2b8c [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc C:\WINDOWS\system32\svsvc.dll
19:45:56.0265 0x2b8c svsvc - ok
19:45:56.0268 0x2b8c [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
19:45:56.0269 0x2b8c swenum - ok
19:45:56.0276 0x2b8c [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv C:\WINDOWS\System32\swprv.dll
19:45:56.0287 0x2b8c swprv - ok
19:45:56.0292 0x2b8c [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:45:56.0292 0x2b8c Synth3dVsc - ok
19:45:56.0307 0x2b8c [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain C:\WINDOWS\system32\sysmain.dll
19:45:56.0322 0x2b8c SysMain - ok
19:45:56.0332 0x2b8c [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:45:56.0337 0x2b8c SystemEventsBroker - ok
19:45:56.0342 0x2b8c [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:45:56.0347 0x2b8c TabletInputService - ok
19:45:56.0357 0x2b8c [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:45:56.0363 0x2b8c TapiSrv - ok
19:45:56.0397 0x2b8c [ FD4E819C0017074B33BAE343F9559162, EED3F611AD841DBC420D4DE60E527389C7D68C136D8E7074A0F6852F037B33F0 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
19:45:56.0432 0x2b8c Tcpip - ok
19:45:56.0475 0x2b8c [ FD4E819C0017074B33BAE343F9559162, EED3F611AD841DBC420D4DE60E527389C7D68C136D8E7074A0F6852F037B33F0 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
19:45:56.0501 0x2b8c Tcpip6 - ok
19:45:56.0506 0x2b8c [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
19:45:56.0506 0x2b8c tcpipreg - ok
19:45:56.0516 0x2b8c [ D74756DD1518D28A09CDA99696273FA4, F01DDF8CDBBC70BB086970C324E60CF7A1828CA6DE5A4F5B1BA4686BC31C4058 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
19:45:56.0516 0x2b8c tdx - ok
19:45:56.0521 0x2b8c [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
19:45:56.0521 0x2b8c terminpt - ok
19:45:56.0541 0x2b8c [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService C:\WINDOWS\System32\termsrv.dll
19:45:56.0551 0x2b8c TermService - ok
19:45:56.0556 0x2b8c [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes C:\WINDOWS\system32\themeservice.dll
19:45:56.0563 0x2b8c Themes - ok
19:45:56.0570 0x2b8c [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:45:56.0576 0x2b8c TieringEngineService - ok
19:45:56.0587 0x2b8c [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:45:56.0597 0x2b8c tiledatamodelsvc - ok
19:45:56.0602 0x2b8c [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
19:45:56.0607 0x2b8c TimeBrokerSvc - ok
19:45:56.0627 0x2b8c [ 5379471B971D29EFCECBA87200C9FBFC, 7621258DA5EF0F4B2FFC344BCE0B6442E0AEE6BA795B65EBB5786D7A7C208A1F ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
19:45:56.0637 0x2b8c TokenBroker - ok
19:45:56.0647 0x2b8c [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM C:\WINDOWS\System32\drivers\tpm.sys
19:45:56.0652 0x2b8c TPM - ok
19:45:56.0657 0x2b8c [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks C:\WINDOWS\System32\trkwks.dll
19:45:56.0657 0x2b8c TrkWks - ok
19:45:56.0671 0x2b8c [ E767A2187925FAA6D74FA3C6EDF72DF4, 77589A7B68E3104F7E40B46E8224C5F898B5504FB4E4D76574E537D808BC4E96 ] trufos C:\WINDOWS\system32\DRIVERS\trufos.sys
19:45:56.0677 0x2b8c trufos - ok
19:45:56.0682 0x2b8c [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:45:56.0682 0x2b8c TrustedInstaller - ok
19:45:56.0692 0x2b8c [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
19:45:56.0692 0x2b8c TsUsbFlt - ok
19:45:56.0697 0x2b8c [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:45:56.0697 0x2b8c TsUsbGD - ok
19:45:56.0702 0x2b8c [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
19:45:56.0702 0x2b8c tunnel - ok
19:45:56.0707 0x2b8c [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
19:45:56.0712 0x2b8c tzautoupdate - ok
19:45:56.0717 0x2b8c [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
19:45:56.0717 0x2b8c UASPStor - ok
19:45:56.0722 0x2b8c [ 7B2B767C4DB23F87C698C139BEBEA400, 8E58AA7C05C183EC88423FA2CB72E082D0177120DAFE798EA04C5BB91ED52D89 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
19:45:56.0727 0x2b8c UcmCx0101 - ok
19:45:56.0732 0x2b8c [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
19:45:56.0732 0x2b8c UcmTcpciCx0101 - ok
19:45:56.0737 0x2b8c [ F083A400FB9CB8ADD1783848CB1C76F0, 7E543E5F81C04AF486ACC08B94F785B9702B743C96079241925C385BF8411EB9 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:45:56.0737 0x2b8c UcmUcsi - ok
19:45:56.0747 0x2b8c [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
19:45:56.0747 0x2b8c Ucx01000 - ok
19:45:56.0752 0x2b8c [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
19:45:56.0752 0x2b8c UdeCx - ok
19:45:56.0764 0x2b8c [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
19:45:56.0770 0x2b8c udfs - ok
19:45:56.0773 0x2b8c [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
19:45:56.0774 0x2b8c UEFI - ok
19:45:56.0777 0x2b8c [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
19:45:56.0782 0x2b8c Ufx01000 - ok
19:45:56.0787 0x2b8c [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:45:56.0792 0x2b8c UfxChipidea - ok
19:45:56.0797 0x2b8c [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:45:56.0797 0x2b8c ufxsynopsys - ok
19:45:56.0807 0x2b8c [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
19:45:56.0807 0x2b8c UI0Detect - ok
19:45:56.0812 0x2b8c [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
19:45:56.0812 0x2b8c umbus - ok
19:45:56.0817 0x2b8c [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
19:45:56.0817 0x2b8c UmPass - ok
19:45:56.0822 0x2b8c [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService C:\WINDOWS\System32\umrdp.dll
19:45:56.0827 0x2b8c UmRdpService - ok
19:45:56.0847 0x2b8c [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
19:45:56.0867 0x2b8c UnistoreSvc - ok
19:45:56.0882 0x2b8c [ 0D6457A2456D69A392D080633D21B6EC, 3BD5034974B8C501FCA7B3773DD282E8C449BBEBA5ABF30508F82D84FF1A23E4 ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
19:45:56.0892 0x2b8c UPDATESRV - ok
19:45:56.0902 0x2b8c [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:45:56.0907 0x2b8c upnphost - ok
19:45:56.0912 0x2b8c [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
19:45:56.0912 0x2b8c UrsChipidea - ok
19:45:56.0917 0x2b8c [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
19:45:56.0917 0x2b8c UrsCx01000 - ok
19:45:56.0922 0x2b8c [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
19:45:56.0922 0x2b8c UrsSynopsys - ok
19:45:56.0932 0x2b8c [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
19:45:56.0932 0x2b8c usbccgp - ok
19:45:56.0937 0x2b8c [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
19:45:56.0942 0x2b8c usbcir - ok
19:45:56.0947 0x2b8c [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
19:45:56.0947 0x2b8c usbehci - ok
19:45:56.0957 0x2b8c [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
19:45:56.0967 0x2b8c usbhub - ok
19:45:56.0977 0x2b8c [ 0939AD44244AA9D348187015083E17DF, D48C8032333D30019BC5FD4BAF97A2AB1A80488D4881F3437C3D5341DE5294CA ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
19:45:56.0982 0x2b8c USBHUB3 - ok
19:45:56.0987 0x2b8c [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
19:45:56.0992 0x2b8c usbohci - ok
19:45:56.0992 0x2b8c [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
19:45:56.0997 0x2b8c usbprint - ok
19:45:56.0997 0x2b8c [ 8E6AE06A1CA4055340A49D73C9E0C21B, 82DC9F8A70FB1EB1F4A7B5697C72926C352FBA2DF06F539BDCDF0AE574D67CB9 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
19:45:57.0002 0x2b8c usbser - ok
19:45:57.0007 0x2b8c [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:45:57.0007 0x2b8c USBSTOR - ok
19:45:57.0012 0x2b8c [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
19:45:57.0012 0x2b8c usbuhci - ok
19:45:57.0022 0x2b8c [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:45:57.0027 0x2b8c USBXHCI - ok
19:45:57.0052 0x2b8c [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
19:45:57.0076 0x2b8c UserDataSvc - ok
19:45:57.0092 0x2b8c [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager C:\WINDOWS\System32\usermgr.dll
19:45:57.0107 0x2b8c UserManager - ok
19:45:57.0122 0x2b8c [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc C:\WINDOWS\system32\usocore.dll
19:45:57.0132 0x2b8c UsoSvc - ok
19:45:57.0137 0x2b8c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc C:\WINDOWS\system32\lsass.exe
19:45:57.0137 0x2b8c VaultSvc - ok
19:45:57.0142 0x2b8c [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
19:45:57.0142 0x2b8c vdrvroot - ok
19:45:57.0163 0x2b8c [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds C:\WINDOWS\System32\vds.exe
19:45:57.0182 0x2b8c vds - ok
19:45:57.0187 0x2b8c [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
19:45:57.0192 0x2b8c VerifierExt - ok
19:45:57.0207 0x2b8c [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
19:45:57.0217 0x2b8c vhdmp - ok
19:45:57.0222 0x2b8c [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
19:45:57.0222 0x2b8c vhf - ok
19:45:57.0227 0x2b8c [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
19:45:57.0227 0x2b8c vmbus - ok
19:45:57.0232 0x2b8c [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
19:45:57.0232 0x2b8c VMBusHID - ok
19:45:57.0237 0x2b8c [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
19:45:57.0237 0x2b8c vmgid - ok
19:45:57.0247 0x2b8c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
19:45:57.0247 0x2b8c vmicguestinterface - ok
19:45:57.0257 0x2b8c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
19:45:57.0257 0x2b8c vmicheartbeat - ok
19:45:57.0268 0x2b8c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
19:45:57.0272 0x2b8c vmickvpexchange - ok
19:45:57.0278 0x2b8c [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
19:45:57.0283 0x2b8c vmicrdv - ok
19:45:57.0288 0x2b8c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
19:45:57.0293 0x2b8c vmicshutdown - ok
19:45:57.0298 0x2b8c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
19:45:57.0303 0x2b8c vmictimesync - ok
19:45:57.0313 0x2b8c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
19:45:57.0313 0x2b8c vmicvmsession - ok
19:45:57.0323 0x2b8c [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
19:45:57.0328 0x2b8c vmicvss - ok
19:45:57.0328 0x2b8c [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
19:45:57.0333 0x2b8c volmgr - ok
19:45:57.0343 0x2b8c [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
19:45:57.0348 0x2b8c volmgrx - ok
19:45:57.0353 0x2b8c [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
19:45:57.0363 0x2b8c volsnap - ok
19:45:57.0366 0x2b8c [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume C:\WINDOWS\system32\drivers\volume.sys
19:45:57.0367 0x2b8c volume - ok
19:45:57.0371 0x2b8c [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
19:45:57.0374 0x2b8c vpci - ok
19:45:57.0377 0x2b8c [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
19:45:57.0382 0x2b8c vsmraid - ok
19:45:57.0407 0x2b8c [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS C:\WINDOWS\system32\vssvc.exe
19:45:57.0427 0x2b8c VSS - ok
19:45:57.0452 0x2b8c [ FDB7BC121D3BF3BC7C6253BF6D56013E, DC21605B213DE861406FDA00E846BC86A28BE18C138D9AEF6FE477F6508ADE49 ] VSSERV C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
19:45:57.0468 0x2b8c VSSERV - ok
19:45:57.0478 0x2b8c [ 4889BF61752AD05C2AC73CF72A7C8F16, 9B2FF0CAF57855AA1F37933F2B9DC2B845D6BAD80C5DD400BD688DF343AFCDF5 ] vsservp C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
19:45:57.0483 0x2b8c vsservp - ok
19:45:57.0493 0x2b8c [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
19:45:57.0498 0x2b8c VSTXRAID - ok
19:45:57.0503 0x2b8c [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
19:45:57.0503 0x2b8c vwifibus - ok
19:45:57.0508 0x2b8c [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
19:45:57.0508 0x2b8c vwififlt - ok
19:45:57.0513 0x2b8c [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
19:45:57.0513 0x2b8c vwifimp - ok
19:45:57.0523 0x2b8c [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time C:\WINDOWS\system32\w32time.dll
19:45:57.0533 0x2b8c W32Time - ok
19:45:57.0538 0x2b8c [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
19:45:57.0538 0x2b8c WacomPen - ok
19:45:57.0548 0x2b8c [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService C:\WINDOWS\system32\WalletService.dll
19:45:57.0558 0x2b8c WalletService - ok
19:45:57.0558 0x2b8c [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:45:57.0564 0x2b8c wanarp - ok
19:45:57.0567 0x2b8c [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:45:57.0568 0x2b8c wanarpv6 - ok
19:45:57.0592 0x2b8c [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine C:\WINDOWS\system32\wbengine.exe
19:45:57.0612 0x2b8c wbengine - ok
19:45:57.0632 0x2b8c [ 39A0B8DD517E3CBF0A6EED5A12BB182F, A25E7D3DC4DF9D0439627CFA0C4AD2292FDF29F4EFC832AEA5A2F774766F76D7 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
19:45:57.0647 0x2b8c WbioSrvc - ok
19:45:57.0652 0x2b8c [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
19:45:57.0652 0x2b8c wcifs - ok
19:45:57.0671 0x2b8c [ 4CC7119E1527B0A34C50870002E6B7AC, 2C93CF62E01A208453A291A74E0392BA1CA1407CD76E506D7DD638386FE1DE99 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
19:45:57.0683 0x2b8c Wcmsvc - ok
19:45:57.0693 0x2b8c [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
19:45:57.0698 0x2b8c wcncsvc - ok
19:45:57.0703 0x2b8c [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
19:45:57.0708 0x2b8c wcnfs - ok
19:45:57.0708 0x2b8c [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
19:45:57.0713 0x2b8c WdBoot - ok
19:45:57.0713 0x2b8c [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
19:45:57.0718 0x2b8c WDC_SAM - ok
19:45:57.0733 0x2b8c [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
19:45:57.0748 0x2b8c Wdf01000 - ok
19:45:57.0753 0x2b8c [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
19:45:57.0758 0x2b8c WdFilter - ok
19:45:57.0764 0x2b8c [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
19:45:57.0768 0x2b8c WdiServiceHost - ok
19:45:57.0771 0x2b8c [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
19:45:57.0773 0x2b8c WdiSystemHost - ok
19:45:57.0788 0x2b8c [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:45:57.0798 0x2b8c wdiwifi - ok
19:45:57.0803 0x2b8c [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:45:57.0803 0x2b8c WdNisDrv - ok
19:45:57.0808 0x2b8c WdNisSvc - ok
19:45:57.0813 0x2b8c [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:45:57.0818 0x2b8c WebClient - ok
19:45:57.0823 0x2b8c [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
19:45:57.0828 0x2b8c Wecsvc - ok
19:45:57.0833 0x2b8c [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
19:45:57.0833 0x2b8c WEPHOSTSVC - ok
19:45:57.0838 0x2b8c [ A92AE9A042298E00BCC9BE877654DCA6, ACB2BE9F96CEF870043CFE69B98625779842518DB4F079F1E5C17E135A2EFAE3 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
19:45:57.0843 0x2b8c wercplsupport - ok
19:45:57.0848 0x2b8c [ EB3E11EC54371D840C9861EEFDAE1832, 568E3C63BE9A721001704967F57359A9243F50B620B77EC09BA4AB7F6AE324B0 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
19:45:57.0853 0x2b8c WerSvc - ok
19:45:57.0866 0x2b8c [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
19:45:57.0876 0x2b8c WFDSConMgrSvc - ok
19:45:57.0878 0x2b8c [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
19:45:57.0883 0x2b8c WFPLWFS - ok
19:45:57.0888 0x2b8c [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
19:45:57.0888 0x2b8c WiaRpc - ok
19:45:57.0893 0x2b8c [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
19:45:57.0893 0x2b8c WIMMount - ok
19:45:57.0898 0x2b8c WinDefend - ok
19:45:57.0903 0x2b8c [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:45:57.0908 0x2b8c WindowsTrustedRT - ok
19:45:57.0908 0x2b8c [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:45:57.0913 0x2b8c WindowsTrustedRTProxy - ok
19:45:57.0928 0x2b8c [ F99F66FD660B1CD01EE410F6B4BB3C25, 4B6993791DF31DBB84722BD0BA01AF7952375D2E01F7B8D92AAB53C50AFB59A8 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:45:57.0938 0x2b8c WinHttpAutoProxySvc - ok
19:45:57.0943 0x2b8c [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
19:45:57.0948 0x2b8c WinMad - ok
19:45:57.0958 0x2b8c [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:45:57.0958 0x2b8c Winmgmt - ok
19:45:57.0968 0x2b8c [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
19:45:57.0972 0x2b8c WinNat - ok
19:45:58.0008 0x2b8c [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:45:58.0043 0x2b8c WinRM - ok
19:45:58.0053 0x2b8c [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB C:\WINDOWS\System32\drivers\WinUsb.sys
19:45:58.0058 0x2b8c WINUSB - ok
19:45:58.0058 0x2b8c [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
19:45:58.0063 0x2b8c WinVerbs - ok
19:45:58.0077 0x2b8c [ 2E15586B76465941D1DEE75625B9484E, 609E6BEAFF340A403F50A20D1609D3A8A2C990234064DD154A08C737DE3E0907 ] wisvc C:\WINDOWS\system32\flightsettings.dll
19:45:58.0083 0x2b8c wisvc - ok
19:45:58.0123 0x2b8c [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
19:45:58.0153 0x2b8c WlanSvc - ok
19:45:58.0183 0x2b8c [ FFC5E4855C3EA1F3E65F0DC93A48D0EF, 82FADBDD8061764282FD31339B47B61CC0FB112ABE400C721535A66A39D0CD37 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
19:45:58.0213 0x2b8c wlidsvc - ok
19:45:58.0238 0x2b8c [ 24A624FC6DED20C3B7980BD71D6540D7, A1564B903E2B54106E6665B212E4F8E1A90B2B6CB966F5E965BA5602A801B7D3 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
19:45:58.0253 0x2b8c wlpasvc - ok
19:45:58.0258 0x2b8c [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
19:45:58.0258 0x2b8c WmiAcpi - ok
19:45:58.0269 0x2b8c [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:45:58.0273 0x2b8c wmiApSrv - ok
19:45:58.0275 0x2b8c WMPNetworkSvc - ok
19:45:58.0278 0x2b8c [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof C:\WINDOWS\system32\drivers\Wof.sys
19:45:58.0283 0x2b8c Wof - ok
19:45:58.0313 0x2b8c [ 5D9A8A2BB555B743334A096C5B1774E2, 660136C1E8D6CA1F7BD1AE0EC4E28B65527BFE69339589A8E3017EFE2BBDC41C ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
19:45:58.0338 0x2b8c workfolderssvc - ok
19:45:58.0343 0x2b8c [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
19:45:58.0348 0x2b8c WPDBusEnum - ok
19:45:58.0353 0x2b8c [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:45:58.0353 0x2b8c WpdUpFltr - ok
19:45:58.0358 0x2b8c [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService C:\WINDOWS\system32\WpnService.dll
19:45:58.0368 0x2b8c WpnService - ok
19:45:58.0373 0x2b8c [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
19:45:58.0376 0x2b8c WpnUserService - ok
19:45:58.0378 0x2b8c [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:45:58.0378 0x2b8c ws2ifsl - ok
19:45:58.0388 0x2b8c [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
19:45:58.0393 0x2b8c wscsvc - ok
19:45:58.0393 0x2b8c [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
19:45:58.0393 0x2b8c WSDPrintDevice - ok
19:45:58.0398 0x2b8c [ F454BF3F0D3F19057B8612CA523D22D5, 869EC91E7D709C15ADF9D53C82A87F2D5220ED3CA44CEBF34F4D601E78DA0481 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
19:45:58.0398 0x2b8c WSDScan - ok
19:45:58.0403 0x2b8c WSearch - ok
19:45:58.0438 0x2b8c [ B5CE28EA62B4DB7884FE3295A444C086, 125B63841B31526612A538364EB022461151E23C6091B590F8D254D489996B4B ] wuauserv C:\WINDOWS\system32\wuaueng.dll
19:45:58.0478 0x2b8c wuauserv - ok
19:45:58.0488 0x2b8c [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
19:45:58.0488 0x2b8c WudfPf - ok
19:45:58.0493 0x2b8c [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
19:45:58.0498 0x2b8c WUDFRd - ok
19:45:58.0503 0x2b8c [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
19:45:58.0508 0x2b8c wudfsvc - ok
19:45:58.0513 0x2b8c [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys
19:45:58.0518 0x2b8c WUDFWpdFs - ok
19:45:58.0523 0x2b8c [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys
19:45:58.0523 0x2b8c WUDFWpdMtp - ok
19:45:58.0548 0x2b8c [ 45F6E61F95C41A0D5800875866EDA2D1, 59BFB3AFB029F245A6B4D3768EC9698A4038368B4B274CDA30E7F374A6128484 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
19:45:58.0569 0x2b8c WwanSvc - ok
19:45:58.0578 0x2b8c [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm C:\WINDOWS\System32\xbgmsvc.dll
19:45:58.0583 0x2b8c xbgm - ok
19:45:58.0598 0x2b8c [ 7FE60B52DD841ED374285B7ED9210222, 0F7743A5A9289E47EE07477313083CE07B46F1C9C5CF83130303A7BAB2F3842B ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
19:45:58.0613 0x2b8c XblAuthManager - ok
19:45:58.0633 0x2b8c [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
19:45:58.0648 0x2b8c XblGameSave - ok
19:45:58.0658 0x2b8c [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
19:45:58.0665 0x2b8c xboxgip - ok
19:45:58.0669 0x2b8c [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
19:45:58.0672 0x2b8c XboxGipSvc - ok
19:45:58.0688 0x2b8c [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
19:45:58.0703 0x2b8c XboxNetApiSvc - ok
19:45:58.0708 0x2b8c [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
19:45:58.0708 0x2b8c xinputhid - ok
19:45:58.0713 0x2b8c ================ Scan global ===============================
19:45:58.0713 0x2b8c [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
19:45:58.0718 0x2b8c [ 0F873CD0851C8FCD195DAD6D560E9F1F, AE19561187908D2BD6B97B0F94920837CC1F2F6158F6F3AD81DDFDF2648724D1 ] C:\WINDOWS\system32\winsrv.dll
19:45:58.0723 0x2b8c [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
19:45:58.0738 0x2b8c [ C81F9707DEA008EED4071B5A39B7C76E, 47FFEF27A479ED6B325B22296B6853D7E57B53E8E712824F3881E510D5C93667 ] C:\WINDOWS\system32\services.exe
19:45:58.0743 0x2b8c [ Global ] - ok
19:45:58.0743 0x2b8c ================ Scan MBR ==================================
19:45:58.0743 0x2b8c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:45:58.0753 0x2b8c \Device\Harddisk0\DR0 - ok
19:45:58.0753 0x2b8c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:45:58.0758 0x2b8c \Device\Harddisk1\DR1 - ok
19:45:58.0758 0x2b8c ================ Scan VBR ==================================
19:45:58.0764 0x2b8c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
19:45:58.0764 0x2b8c \Device\Harddisk0\DR0\Partition1 - ok
19:45:58.0766 0x2b8c [ DE2397F33B875756A7BAA9538835E5B5 ] \Device\Harddisk0\DR0\Partition2
19:45:58.0767 0x2b8c \Device\Harddisk0\DR0\Partition2 - ok
19:45:58.0768 0x2b8c [ 076898E0EE877F99830F09C59A60BE4D ] \Device\Harddisk1\DR1\Partition1
19:45:58.0769 0x2b8c \Device\Harddisk1\DR1\Partition1 - ok
19:45:58.0771 0x2b8c [ 2950437B132C1AEB87918E19BAEC190A ] \Device\Harddisk1\DR1\Partition2
19:45:58.0772 0x2b8c \Device\Harddisk1\DR1\Partition2 - ok
19:45:58.0774 0x2b8c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition3
19:45:58.0775 0x2b8c \Device\Harddisk1\DR1\Partition3 - ok
19:45:58.0777 0x2b8c [ FF04ECD51649378D5A33AAE54901F47C ] \Device\Harddisk1\DR1\Partition4
19:45:58.0778 0x2b8c \Device\Harddisk1\DR1\Partition4 - ok
19:45:58.0778 0x2b8c [ 7BB879BFF128E3D31481C27B64807931 ] \Device\Harddisk1\DR1\Partition5
19:45:58.0778 0x2b8c \Device\Harddisk1\DR1\Partition5 - ok
19:45:58.0783 0x2b8c [ A35149E07A305A74C86D58A86E24A647 ] \Device\Harddisk1\DR1\Partition6
19:45:58.0783 0x2b8c \Device\Harddisk1\DR1\Partition6 - ok
19:45:58.0783 0x2b8c [ 2D2290263D702A53004631757066513E ] \Device\Harddisk1\DR1\Partition7
19:45:58.0788 0x2b8c \Device\Harddisk1\DR1\Partition7 - ok
19:45:58.0788 0x2b8c ================ Scan generic autorun ======================
19:45:58.0788 0x2b8c SecurityHealth - ok
19:45:58.0898 0x2b8c [ 641B19018CB32619ADBD0AED4964E1D9, 4F85CD33E69A1EE9C145407E2FE28C0D6EAE0782576D656E583052A69677A910 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:45:58.0983 0x2b8c RTHDVCPL - ok
19:45:59.0008 0x2b8c [ BC5A40AEAC1CF7708D07CBC2F577F90B, A70B2C08CE007532739C60B474289459225D0554C8C5DA113DC649955BDC9DF6 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
19:45:59.0023 0x2b8c RtHDVBg - ok
19:45:59.0028 0x2b8c [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
19:45:59.0028 0x2b8c IAStorIcon - ok
19:45:59.0038 0x2b8c [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
19:45:59.0043 0x2b8c AdobeAAMUpdater-1.0 - ok
19:45:59.0053 0x2b8c [ 3E1EF2FA106DC079C6B2C20B79A6526B, 891522585FD5260647E6B975719DCE9F4C89CF488B4C914243A4AC8B83B747A1 ] C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
19:45:59.0058 0x2b8c DropboxOEM - ok
19:45:59.0068 0x2b8c [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
19:45:59.0069 0x2b8c BCSSync - ok
19:45:59.0075 0x2b8c [ 8B8D5163D9FAE0C9AE0BA9FF39874EF8, 371FCE09EAC6E8C8CC97CA629FD00567A0A31AFB64D93B043C3570702B74EB0C ] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe
19:45:59.0088 0x2b8c Raptr - ok
19:45:59.0093 0x2b8c [ A6945440C3303811C5255EC5EE56FA8E, AF5220018266FD515CD8A040C06C2CD80A4AD62A32D6296C3AB793CEB8BAD639 ] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe
19:45:59.0093 0x2b8c PlaysTV - ok
19:45:59.0103 0x2b8c [ CD41B0206FD50FC310AC8FE6E1DF9A7D, 16AF23E61992924EC42CDAA77CEBD0BA89C386E6FE91C172BD2470E1599CA95D ] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
19:45:59.0113 0x2b8c Nikon Message Center 2 - ok
19:45:59.0113 0x2b8c Adobe Creative Cloud - ok
19:45:59.0398 0x2b8c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:45:59.0637 0x2b8c OneDriveSetup - ok
19:45:59.0931 0x2b8c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:46:00.0130 0x2b8c OneDriveSetup - ok
19:46:00.0176 0x2b8c [ EE2826CAAF139688445D93C7C6613EE3, A343D94D748F8A2C06EA45566ECCCE1FCDC7660E0A2DBFF92E9741904FE0D559 ] C:\Users\Massimo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:46:00.0191 0x2b8c OneDrive - ok
19:46:00.0221 0x2b8c [ DEE1DEA6062FFD0D5114A58F89273C5E, EBA0DE566AFFB5FFE8302DB5962FD4C53D906818F5B3A2B6CB09372F86D7464D ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATI9SE.EXE
19:46:00.0226 0x2b8c EPSON Stylus Photo R2400 - ok
19:46:00.0252 0x2b8c [ 72BC198F29E8E32DD4BD2B32625683AB, 6BE16DBD9FE94CED59F902D135013201E8AD74516C1DA3323F0F981198AD7E76 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
19:46:00.0262 0x2b8c GarminExpressTrayApp - ok
19:46:00.0267 0x2b8c Waiting for KSN requests completion. In queue: 231
19:46:01.0326 0x2b8c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
19:46:01.0326 0x2b8c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
19:46:01.0326 0x2b8c AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender Security\wscfix.exe ( 22.0.10.127 ), 0x41000 ( enabled : updated )
19:46:01.0331 0x2b8c FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender Security\wscfix.exe ( 22.0.10.127 ), 0x41010 ( enabled )
19:46:01.0613 0x2b8c ============================================================
19:46:01.0613 0x2b8c Scan finished
19:46:01.0613 0x2b8c ============================================================
19:46:01.0628 0x2c78 Detected object count: 0
19:46:01.0628 0x2c78 Actual detected object count: 0

ROGUEKILLER

Se ho capito qualcosa mi sembra che adv cleaner ha trovato due folders sospetti e li ho eliminati.

Roguekiller 3 PUM che come da istruzioni non ho eliminato.

Quanto sopra per PC fisso. Attendo "responso" e se devo eseguire anche i due che non sono riuscito o non mi sono arrischiato di eseguire per quanto detto sopra.

Ora devo fare PC portatile ma aspetto prima risposte a questo.

Grazie

Nom preoccuparti, antirootkit non fa danni....
Frst non è dannoso, quindi eseguilo è il piu importante,posti i due report vhe rilascia...puo capitare che lo rilevano come dannoso ....ma ti ci posso meztere la mano sul fuoco che non è pericoso....

Ciao.
Ho eseguito antirootkit e non mi ha segnalato problemi. Però non sono riuscito a salvare il log, però mi diceva tutto ok. Se serve lo faccio rigirare.

Poi ho provato a far girare FRST ma il sistema me lo blocca. Mi appare un messaggio di application error che dice:

"Exception EAccessViolation in module ERUNT.exe at 00003A68. Access violation at address 00403A68 in module 'ERUNT'.exe'. Write of address 0069005C."

E non mi fa girare il programma. Che devo fare? Per il resto gli altri log vanno bene, posso dire che il PC non è infetto? Ed i due file PUM che ha rilevato Rogue Killer, li devo eliminare?

Grazie

Ho poi eseguito tutti i programmi indicati sul PC PORTATILE, di seguito posto i report.
Quelli di sopra erano del desktop, questi di seguito del portatile.

malware bytes

adv cleaner 1° report

adv cleaner 2° report

tdss ha sempre il problema che è troppo grosso per inviarlo come allegato. Lo incollo di nuovo:

04:49:56.0792 0x30b8 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
04:49:56.0792 0x30b8 UEFI system
04:50:01.0351 0x30b8 ============================================================
04:50:01.0351 0x30b8 Current date / time: 2017/09/27 04:50:01.0351
04:50:01.0351 0x30b8 SystemInfo:
04:50:01.0351 0x30b8
04:50:01.0351 0x30b8 OS Version: 10.0.15063 ServicePack: 0.0
04:50:01.0351 0x30b8 Product type: Workstation
04:50:01.0351 0x30b8 ComputerName: DESKTOP-J6B9VBM
04:50:01.0351 0x30b8 UserName: numer
04:50:01.0351 0x30b8 Windows directory: C:\Windows
04:50:01.0351 0x30b8 System windows directory: C:\Windows
04:50:01.0351 0x30b8 Running under WOW64
04:50:01.0351 0x30b8 Processor architecture: Intel x64
04:50:01.0351 0x30b8 Number of processors: 8
04:50:01.0351 0x30b8 Page size: 0x1000
04:50:01.0351 0x30b8 Boot type: Normal boot
04:50:01.0351 0x30b8 CodeIntegrityOptions = 0x0000C001
04:50:01.0351 0x30b8 ============================================================
04:50:03.0959 0x30b8 KLMD registered as C:\Windows\system32\drivers\74847907.sys
04:50:03.0959 0x30b8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
04:50:06.0070 0x30b8 System UUID: {D2F69DE0-3099-6A66-E55F-9E7EF9EF070B}
04:50:06.0529 0x30b8 Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:50:06.0529 0x30b8 ============================================================
04:50:06.0529 0x30b8 \Device\Harddisk0\DR0:
04:50:06.0529 0x30b8 GPT partitions:
04:50:06.0529 0x30b8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C0264DCB-875A-4FD3-82B1-A353E72E9006}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
04:50:06.0529 0x30b8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E4BF9792-4312-4F67-AA4C-85C6E4842725}, Name: Microsoft reserved partition, StartLBA 0xFA800, BlocksNum 0x40000
04:50:06.0529 0x30b8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D6518B33-0224-4E99-BD41-12996C09411E}, Name: Basic data partition, StartLBA 0x13A800, BlocksNum 0x39973800
04:50:06.0529 0x30b8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA3C55F9-C342-4FEC-8DA9-33D29EEF5800}, Name: , StartLBA 0x39AAE000, BlocksNum 0xF9000
04:50:06.0529 0x30b8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3C130A3C-97A1-450B-8F3B-3AECF86A0D63}, Name: , StartLBA 0x39BA7000, BlocksNum 0x1BDB000
04:50:06.0529 0x30b8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F78369C6-A914-45E2-B52A-EFF22D39D693}, Name: , StartLBA 0x3B782800, BlocksNum 0x25E800
04:50:06.0529 0x30b8 MBR partitions:
04:50:06.0529 0x30b8 ============================================================
04:50:06.0529 0x30b8 C: <-> \Device\Harddisk0\DR0\Partition3
04:50:06.0529 0x30b8 ============================================================
04:50:06.0529 0x30b8 Initialize success
04:50:06.0529 0x30b8 ============================================================
04:50:14.0531 0x2f5c ============================================================
04:50:14.0531 0x2f5c Scan started
04:50:14.0531 0x2f5c Mode: Manual;
04:50:14.0531 0x2f5c ============================================================
04:50:14.0531 0x2f5c KSN ping started
04:50:15.0052 0x2f5c KSN ping finished: true
04:50:15.0484 0x2f5c ================ Scan system memory ========================
04:50:15.0484 0x2f5c System memory - ok
04:50:15.0484 0x2f5c ================ Scan services =============================
04:50:15.0552 0x2f5c [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
04:50:15.0568 0x2f5c 1394ohci - ok
04:50:15.0568 0x2f5c [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware C:\Windows\system32\drivers\3ware.sys
04:50:15.0568 0x2f5c 3ware - ok
04:50:15.0584 0x2f5c [ AC251B31370C1E00F577928260B8939F, D60946F1C43A8C2B9C989A1E259FDA44055F94766615F344CF8E28A7F104BC70 ] ACPI C:\Windows\system32\drivers\ACPI.sys
04:50:15.0600 0x2f5c ACPI - ok
04:50:15.0600 0x2f5c [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev C:\Windows\System32\drivers\AcpiDev.sys
04:50:15.0600 0x2f5c AcpiDev - ok
04:50:15.0600 0x2f5c [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
04:50:15.0600 0x2f5c acpiex - ok
04:50:15.0615 0x2f5c [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
04:50:15.0615 0x2f5c acpipagr - ok
04:50:15.0615 0x2f5c [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
04:50:15.0615 0x2f5c AcpiPmi - ok
04:50:15.0615 0x2f5c [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime C:\Windows\System32\drivers\acpitime.sys
04:50:15.0615 0x2f5c acpitime - ok
04:50:15.0631 0x2f5c [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
04:50:15.0653 0x2f5c ADP80XX - ok
04:50:15.0669 0x2f5c [ 5A6D591D56791BA63CE73FCAD60D89A1, 7467E40EF0653A1A09CFD28A1EF8B75052D010E42C32F2E8B60B98ED87092CE1 ] AFD C:\Windows\system32\drivers\afd.sys
04:50:15.0669 0x2f5c AFD - ok
04:50:15.0700 0x2f5c [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
04:50:15.0731 0x2f5c AGSService - ok
04:50:15.0731 0x2f5c [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
04:50:15.0731 0x2f5c ahcache - ok
04:50:15.0748 0x2f5c [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter C:\Windows\System32\AJRouter.dll
04:50:15.0750 0x2f5c AJRouter - ok
04:50:15.0753 0x2f5c [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG C:\Windows\System32\alg.exe
04:50:15.0753 0x2f5c ALG - ok
04:50:15.0753 0x2f5c [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
04:50:15.0753 0x2f5c AmdK8 - ok
04:50:15.0753 0x2f5c [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
04:50:15.0769 0x2f5c AmdPPM - ok
04:50:15.0769 0x2f5c [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata C:\Windows\system32\drivers\amdsata.sys
04:50:15.0769 0x2f5c amdsata - ok
04:50:15.0769 0x2f5c [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
04:50:15.0785 0x2f5c amdsbs - ok
04:50:15.0785 0x2f5c [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata C:\Windows\system32\drivers\amdxata.sys
04:50:15.0785 0x2f5c amdxata - ok
04:50:15.0785 0x2f5c [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID C:\Windows\system32\drivers\appid.sys
04:50:15.0800 0x2f5c AppID - ok
04:50:15.0800 0x2f5c [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc C:\Windows\System32\appidsvc.dll
04:50:15.0800 0x2f5c AppIDSvc - ok
04:50:15.0800 0x2f5c [ 43116A8BCA28D336205D539EAAE200C6, AC4783D766949770FEBAA55BD38CA0DB703944D64A4AEC8754C023807002A72B ] Appinfo C:\Windows\System32\appinfo.dll
04:50:15.0800 0x2f5c Appinfo - ok
04:50:15.0816 0x2f5c [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr C:\Windows\system32\drivers\applockerfltr.sys
04:50:15.0816 0x2f5c applockerfltr - ok
04:50:15.0816 0x2f5c [ 91DB5775249920FD245851E0BC97D8C4, FCB53766AB377EF2E385CD2F6D0D2CEF485C07A5EAAB68FB1C798E6264832386 ] AppReadiness C:\Windows\system32\AppReadiness.dll
04:50:15.0832 0x2f5c AppReadiness - ok
04:50:15.0869 0x2f5c [ BFFD13AC0E8D9B044B4D41E09C3E6991, FD1EB0785F79477D0ADF43976DC3FE8721615C9B98DEE693694F037E490EA92D ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
04:50:15.0901 0x2f5c AppXSvc - ok
04:50:15.0916 0x2f5c [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas C:\Windows\system32\drivers\arcsas.sys
04:50:15.0916 0x2f5c arcsas - ok
04:50:15.0916 0x2f5c [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac C:\Windows\System32\drivers\asyncmac.sys
04:50:15.0916 0x2f5c AsyncMac - ok
04:50:15.0916 0x2f5c [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi C:\Windows\system32\drivers\atapi.sys
04:50:15.0916 0x2f5c atapi - ok
04:50:15.0932 0x2f5c [ 344566D820BED968FA65F5F7F14D56D4, 9B483FF87EEA67D5A2FC233F4735D676777B7478929D5B30D439C81EC2D2B66C ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
04:50:15.0932 0x2f5c AtherosSvc - ok
04:50:15.0952 0x2f5c [ 329F315D04B64BC185A59FE17A2AD6CE, B9721AD1641E3E96D1C07294884506EBED5D05921A9F9FC263711C28AD040693 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
04:50:15.0953 0x2f5c AudioEndpointBuilder - ok
04:50:15.0969 0x2f5c [ 67ADB26CC1B504E9566B9106277DE92B, AF137C9FE9B3A231C7662F2E59EF12482396CFD8AC020DF6BDBFDD9A1209A98D ] Audiosrv C:\Windows\System32\Audiosrv.dll
04:50:15.0985 0x2f5c Audiosrv - ok
04:50:16.0000 0x2f5c [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV C:\Windows\System32\AxInstSV.dll
04:50:16.0000 0x2f5c AxInstSV - ok
04:50:16.0000 0x2f5c [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
04:50:16.0016 0x2f5c b06bdrv - ok
04:50:16.0016 0x2f5c [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
04:50:16.0016 0x2f5c BasicDisplay - ok
04:50:16.0016 0x2f5c [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
04:50:16.0016 0x2f5c BasicRender - ok
04:50:16.0032 0x2f5c [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
04:50:16.0032 0x2f5c bcmfn2 - ok
04:50:16.0032 0x2f5c [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC C:\Windows\System32\bdesvc.dll
04:50:16.0051 0x2f5c BDESVC - ok
04:50:16.0054 0x2f5c [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep C:\Windows\system32\drivers\Beep.sys
04:50:16.0054 0x2f5c Beep - ok
04:50:16.0054 0x2f5c [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE C:\Windows\System32\bfe.dll
04:50:16.0069 0x2f5c BFE - ok
04:50:16.0069 0x2f5c [ AA383BD1C5FD0B13160F075FE6DD6E99, B4B1E667B26E15AA8EA1E86D601027E13F374901338D7DCA47794122C477D40D ] BfLwf C:\Windows\system32\DRIVERS\bwcW10x64.sys
04:50:16.0085 0x2f5c BfLwf - ok
04:50:16.0101 0x2f5c [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS C:\Windows\System32\qmgr.dll
04:50:16.0116 0x2f5c BITS - ok
04:50:16.0116 0x2f5c [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
04:50:16.0116 0x2f5c bowser - ok
04:50:16.0132 0x2f5c [ 06373FF017097FD40D60219980871FA0, 9366823AA3C248DD06FBFA237DCFDB2A9B7F93BA7115D235792DD81DDDA79C1F ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
04:50:16.0154 0x2f5c BrokerInfrastructure - ok
04:50:16.0154 0x2f5c [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser C:\Windows\System32\browser.dll
04:50:16.0154 0x2f5c Browser - ok
04:50:16.0169 0x2f5c [ 528C1166F873E1F5AE3D38748139036C, 4DB53DB42E7820D47DE15C41FD797BA0C0499C829CB7220700ACEECAD96B0EB0 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
04:50:16.0169 0x2f5c BtFilter - ok
04:50:16.0185 0x2f5c [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
04:50:16.0185 0x2f5c BthAvrcpTg - ok
04:50:16.0185 0x2f5c [ CE5210E1DFD49B2F02507C30B9B26CB4, DEFF3AC61FFD39EDB5C42E2623B35471292A5182A001511D9209C4BA5377A3E1 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
04:50:16.0185 0x2f5c BthEnum - ok
04:50:16.0185 0x2f5c [ E1E55BA45510B2B0309E2C77ABEB1BFE, EA7BDEC354190F1033B14847606220D414C1A52C938C9327A4765032D28B6960 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
04:50:16.0185 0x2f5c BthHFEnum - ok
04:50:16.0200 0x2f5c [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
04:50:16.0200 0x2f5c bthhfhid - ok
04:50:16.0200 0x2f5c [ 47D2C4722BF3C7340B475B386AA8D78D, 045F63F8E2E222E192880EDDC4B54C3741F42ED9C13322678BE2AAF28BB240CD ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
04:50:16.0222 0x2f5c BthHFSrv - ok
04:50:16.0224 0x2f5c [ 2175D891ABDC407699FFDBC4C3B131FA, 07B858B2B8AEF62682FCCF7CFC4B23A6073D3E55B2E96F4BA63B6031D234A9AA ] BthLEEnum C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
04:50:16.0224 0x2f5c BthLEEnum - ok
04:50:16.0224 0x2f5c [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
04:50:16.0224 0x2f5c BTHMODEM - ok
04:50:16.0224 0x2f5c [ D8044E77B06BAE2F8B5C48F3C7E1FF98, 85055EE08BAB6A55FEA1DAA385CDE9940B5BA31B5D4B84ADFE629C1AD94D8B3A ] BthPan C:\Windows\System32\drivers\bthpan.sys
04:50:16.0241 0x2f5c BthPan - ok
04:50:16.0254 0x2f5c [ 27B7348B88DE2F93C4FB4D53EC469AB0, 6B36724956C6A8AC453F279AF4CF70FD12BD57DFC68D880EBD84DFFDABF499BD ] BTHPORT C:\Windows\System32\drivers\BTHport.sys
04:50:16.0269 0x2f5c BTHPORT - ok
04:50:16.0269 0x2f5c [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv C:\Windows\system32\bthserv.dll
04:50:16.0269 0x2f5c bthserv - ok
04:50:16.0269 0x2f5c [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB C:\Windows\System32\drivers\BTHUSB.sys
04:50:16.0269 0x2f5c BTHUSB - ok
04:50:16.0285 0x2f5c [ FF4F46CEF5ED7FDE650CA1D73D9FB663, 42B1E911793D57D148ABCB5CEC5990A62E4C8FE17F9D71951AEA3921DC6B4DE3 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
04:50:16.0285 0x2f5c buttonconverter - ok
04:50:16.0285 0x2f5c [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD C:\Windows\System32\drivers\CAD.sys
04:50:16.0285 0x2f5c CAD - ok
04:50:16.0285 0x2f5c [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg C:\Windows\System32\drivers\capimg.sys
04:50:16.0285 0x2f5c CapImg - ok
04:50:16.0300 0x2f5c [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
04:50:16.0300 0x2f5c cdfs - ok
04:50:16.0316 0x2f5c [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc C:\Windows\System32\CDPSvc.dll
04:50:16.0332 0x2f5c CDPSvc - ok
04:50:16.0332 0x2f5c [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc C:\Windows\System32\CDPUserSvc.dll
04:50:16.0350 0x2f5c CDPUserSvc - ok
04:50:16.0354 0x2f5c [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom C:\Windows\System32\drivers\cdrom.sys
04:50:16.0354 0x2f5c cdrom - ok
04:50:16.0354 0x2f5c [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc C:\Windows\System32\certprop.dll
04:50:16.0354 0x2f5c CertPropSvc - ok
04:50:16.0370 0x2f5c [ 3E2FA290F870DBF55AFA8E69C1DC307C, 53B3669B62935B204024E4E6B8B8DCC61E0C073DE9901EA17D2B11F610A55DFE ] cfwids C:\Windows\system32\drivers\cfwids.sys
04:50:16.0370 0x2f5c cfwids - ok
04:50:16.0370 0x2f5c [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi C:\Windows\system32\drivers\cht4sx64.sys
04:50:16.0370 0x2f5c cht4iscsi - ok
04:50:16.0416 0x2f5c [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd C:\Windows\System32\drivers\cht4vx64.sys
04:50:16.0432 0x2f5c cht4vbd - ok
04:50:16.0432 0x2f5c [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass C:\Windows\System32\drivers\circlass.sys
04:50:16.0449 0x2f5c circlass - ok
04:50:16.0452 0x2f5c [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt C:\Windows\system32\drivers\cldflt.sys
04:50:16.0452 0x2f5c CldFlt - ok
04:50:16.0454 0x2f5c [ AF0BF03C8574DD026FAF9A82A64C2D04, 363BF0C42181FA4CFBC3DB504F48496D62023F0E4A858DC8F739C08CC5AFA228 ] CLFS C:\Windows\system32\drivers\CLFS.sys
04:50:16.0454 0x2f5c CLFS - ok
04:50:16.0532 0x2f5c [ C9FF79CD4268FB18314B09BDE296F0AD, C113201D7FCCE9E77549402900AC910262CE99B3072DE2E04A794C3D09454BFF ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
04:50:16.0569 0x2f5c ClickToRunSvc - ok
04:50:16.0600 0x2f5c [ FD6B0EC992CF75A03784C2B3F30D0E0B, 521ADCD3102B50B74DD08643CCB22E9F0A6F474C6A15C4DED25292112B719126 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
04:50:16.0616 0x2f5c ClientAnalyticsService - ok
04:50:16.0632 0x2f5c [ 6EA702AD5307947122E5C726047F0B8E, 98F22573944A69CFEDAEB79D308B703385CDFDE9C4CFBC8CDA44D837489122FE ] ClipSVC C:\Windows\System32\ClipSVC.dll
04:50:16.0649 0x2f5c ClipSVC - ok
04:50:16.0652 0x2f5c [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg C:\Windows\System32\drivers\registry.sys
04:50:16.0652 0x2f5c clreg - ok
04:50:16.0653 0x2f5c [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
04:50:16.0653 0x2f5c CmBatt - ok
04:50:16.0669 0x2f5c [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG C:\Windows\system32\Drivers\cng.sys
04:50:16.0669 0x2f5c CNG - ok
04:50:16.0669 0x2f5c [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist C:\Windows\system32\DRIVERS\cnghwassist.sys
04:50:16.0669 0x2f5c cnghwassist - ok
04:50:16.0700 0x2f5c [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
04:50:16.0700 0x2f5c CompositeBus - ok
04:50:16.0700 0x2f5c COMSysApp - ok
04:50:16.0700 0x2f5c [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv C:\Windows\system32\drivers\condrv.sys
04:50:16.0700 0x2f5c condrv - ok
04:50:16.0716 0x2f5c [ 45E027357EB67E29DA732463FE0B6074, 5097151C35BD7E3B9381751AFFF01014624375A479044F761108267F6B8BFB06 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
04:50:16.0731 0x2f5c CoreMessagingRegistrar - ok
04:50:16.0731 0x2f5c [ F8C1FCC9BBCF4D6E393D54011A74D8F9, BF1CF6F76796339273AA9C6D5B7A036D62CBAC1A765104B9C5B542D30C8F7DC1 ] cphs C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\IntelCpHeciSvc.exe
04:50:16.0749 0x2f5c cphs - ok
04:50:16.0753 0x2f5c [ D4A150E610BA7FE8883A552FFA55A336, 1CFD2AABE61D0A644D84CAE7AE40F74B594FA8FF109909E7D4AE8959BFA5CB92 ] cplspcon C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\IntelCpHDCPSvc.exe
04:50:16.0753 0x2f5c cplspcon - ok
04:50:16.0753 0x2f5c [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc C:\Windows\system32\cryptsvc.dll
04:50:16.0769 0x2f5c CryptSvc - ok
04:50:16.0769 0x2f5c [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam C:\Windows\system32\drivers\dam.sys
04:50:16.0769 0x2f5c dam - ok
04:50:16.0784 0x2f5c [ AA7F1C36F5BC779964CFA4F98D224D9F, 6DAF4FCE696B1D6A76E127A905C158724B13C20D2AA0F460F6C2E747E9525D98 ] DcomLaunch C:\Windows\system32\rpcss.dll
04:50:16.0800 0x2f5c DcomLaunch - ok
04:50:16.0800 0x2f5c [ A9DD971DDC793C549AFB97A6DDBD76B6, 5E35F4FFF5DC09A122DB93B760E13538AC5B6034EF72DB544815B3C6CD42DDD4 ] DDDriver C:\Windows\system32\drivers\DDDriver64Dcsa.sys
04:50:16.0800 0x2f5c DDDriver - ok
04:50:16.0816 0x2f5c [ 5EF7C24A40B15B4931F44461B41B3BDC, BCF968B0F9CF72047F61C688D62922D38BB290FB357EDB72876627980AF78F8E ] DDVCollectorSvcApi C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
04:50:16.0816 0x2f5c DDVCollectorSvcApi - ok
04:50:16.0869 0x2f5c [ 2108F9CE0C447B4935BF5976C7A8AD27, 683667B3884D9769AFFDC805495C6296B7ADFA4B4464F2C1E8CCEF98A9E2B796 ] DDVDataCollector C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
04:50:16.0900 0x2f5c DDVDataCollector - ok
04:50:16.0900 0x2f5c [ EB42E818A401740986483147C842AFFC, 632367EFBA90AE445F1D234C68A3358207AA284292C89BEF6AFDD4522BDBFF90 ] DDVRulesProcessor C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
04:50:16.0916 0x2f5c DDVRulesProcessor - ok
04:50:16.0916 0x2f5c [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc C:\Windows\System32\defragsvc.dll
04:50:16.0931 0x2f5c defragsvc - ok
04:50:16.0931 0x2f5c [ 5D900CE5B6C9DED7C3F6F5DF553B2B1D, 9A0CF511941AE2373BB0ACD7EA05AA83241C4E3D30636F8939E53BCB9459E33B ] Dell Customer Connect C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
04:50:16.0931 0x2f5c Dell Customer Connect - ok
04:50:16.0931 0x2f5c [ 802FC4E1B3E24185C731C81CD629F41D, FDA38B16E3D8CB1C6D7621AAD25663B954B7015F21F84524DAE2BB04923A996F ] Dell Foundation Services C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
04:50:16.0931 0x2f5c Dell Foundation Services - ok
04:50:16.0948 0x2f5c [ 72AC1295EBF268B34DD1C82A2D42ABC8, 92CEAECC2936FDD1781820ED689B067CCD24849BC27947659980021651D4FA76 ] Dell SupportAssist Remediation C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
04:50:16.0950 0x2f5c Dell SupportAssist Remediation - ok
04:50:16.0953 0x2f5c [ 30CD1CA02D737CA4F3D0CE2A947EECC1, CD05D1B9E33E6EFED829AF30AB57C163BDAC1BCEEF26648B6730D0BAE4A9E7E0 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
04:50:16.0953 0x2f5c DellDigitalDelivery - ok
04:50:16.0953 0x2f5c [ 8205B97AAF15AFDD2ED7D8E6C5088396, E0B3E8E2856FD06F8AC892266E00D157F55A0EC895B8FF16AC6EDE9467694985 ] DellProf C:\Windows\system32\drivers\DellProf.sys
04:50:16.0953 0x2f5c DellProf - ok
04:50:16.0953 0x2f5c [ CAE8AEB8CABCC87D87763B7B97C24532, FE2EE43A44DA70CA45F783A25B94FE9D70E4B717D1BF2F28927FA1CD0A0460E9 ] DellUpdate C:\Program Files (x86)\Dell Update\DellUpService.exe
04:50:16.0969 0x2f5c DellUpdate - ok
04:50:16.0969 0x2f5c [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\Windows\system32\das.dll
04:50:16.0985 0x2f5c DeviceAssociationService - ok
04:50:16.0985 0x2f5c [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
04:50:16.0985 0x2f5c DeviceInstall - ok
04:50:17.0000 0x2f5c [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\Windows\System32\DevicesFlowBroker.dll
04:50:17.0000 0x2f5c DevicesFlowUserSvc - ok
04:50:17.0016 0x2f5c [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker C:\Windows\system32\DevQueryBroker.dll
04:50:17.0016 0x2f5c DevQueryBroker - ok
04:50:17.0016 0x2f5c [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
04:50:17.0016 0x2f5c Dfsc - ok
04:50:17.0031 0x2f5c [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp C:\Windows\system32\dhcpcore.dll
04:50:17.0031 0x2f5c Dhcp - ok
04:50:17.0031 0x2f5c [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
04:50:17.0031 0x2f5c diagnosticshub.standardcollector.service - ok
04:50:17.0075 0x2f5c [ 9B844411D91C9BF616D2BCD91CC20723, 78C57216B4350E0AB4957423737FEE48B04A6D3C9F6BAF1A998D0FC1BD78ED17 ] DiagTrack C:\Windows\system32\diagtrack.dll
04:50:17.0106 0x2f5c DiagTrack - ok
04:50:17.0106 0x2f5c [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk C:\Windows\system32\drivers\disk.sys
04:50:17.0106 0x2f5c Disk - ok
04:50:17.0122 0x2f5c [ 8BCFD0A4900E197DFA8679A13128EC79, DF09F3996F25F025E171DF3EF068BB9AC2DEC79BFCBCA5D58E9158CD7AD785B6 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
04:50:17.0122 0x2f5c DmEnrollmentSvc - ok
04:50:17.0144 0x2f5c [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
04:50:17.0145 0x2f5c dmvsc - ok
04:50:17.0149 0x2f5c [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
04:50:17.0150 0x2f5c dmwappushservice - ok
04:50:17.0153 0x2f5c [ 8FD84F504BFD27FA9261B33F39737E5A, EE73EDA1314680C15C22A2EC65756677E805C7F2F7C5C01543CDD3D68F96F79F ] Dnscache C:\Windows\System32\dnsrslvr.dll
04:50:17.0153 0x2f5c Dnscache - ok
04:50:17.0153 0x2f5c [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc C:\Windows\System32\dot3svc.dll
04:50:17.0169 0x2f5c dot3svc - ok
04:50:17.0169 0x2f5c [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS C:\Windows\system32\dps.dll
04:50:17.0169 0x2f5c DPS - ok
04:50:17.0169 0x2f5c [ BA6D7FBD468074DBA4F053BF868CC31C, C808EF2752E2176032DBAC8C12A624CAD3D3495F8C9A9336D25A15A750BF9CBF ] dptf_acpi C:\Windows\System32\drivers\dptf_acpi.sys
04:50:17.0169 0x2f5c dptf_acpi - ok
04:50:17.0184 0x2f5c [ E3FF0C39090CEF3C46DBEF72F70ADCE7, 7F91DB567D9BFEB25FD8407C22725734E5975E68A101EBCC0345A72A7C3B791C ] dptf_cpu C:\Windows\System32\drivers\dptf_cpu.sys
04:50:17.0184 0x2f5c dptf_cpu - ok
04:50:17.0184 0x2f5c [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud C:\Windows\System32\drivers\drmkaud.sys
04:50:17.0184 0x2f5c drmkaud - ok
04:50:17.0184 0x2f5c [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
04:50:17.0200 0x2f5c DsmSvc - ok
04:50:17.0200 0x2f5c [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc C:\Windows\System32\DsSvc.dll
04:50:17.0200 0x2f5c DsSvc - ok
04:50:17.0216 0x2f5c [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc C:\Windows\System32\dusmsvc.dll
04:50:17.0216 0x2f5c DusmSvc - ok
04:50:17.0254 0x2f5c [ 43693E1E7E73A8CE25E8E64F1063F26D, BA6ACA2A11D1B7A5FF93A464DF72E847988B1191A8B9BEDD2275590F7E9849A8 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
04:50:17.0285 0x2f5c DXGKrnl - ok
04:50:17.0285 0x2f5c [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost C:\Windows\System32\eapsvc.dll
04:50:17.0285 0x2f5c EapHost - ok
04:50:17.0332 0x2f5c [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv C:\Windows\system32\drivers\evbda.sys
04:50:17.0369 0x2f5c ebdrv - ok
04:50:17.0385 0x2f5c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS C:\Windows\System32\lsass.exe
04:50:17.0385 0x2f5c EFS - ok
04:50:17.0385 0x2f5c [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
04:50:17.0385 0x2f5c EhStorClass - ok
04:50:17.0385 0x2f5c [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
04:50:17.0385 0x2f5c EhStorTcgDrv - ok
04:50:17.0401 0x2f5c [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode C:\Windows\System32\embeddedmodesvc.dll
04:50:17.0401 0x2f5c embeddedmode - ok
04:50:17.0401 0x2f5c [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc C:\Windows\system32\EnterpriseAppMgmtSvc.dll
04:50:17.0416 0x2f5c EntAppSvc - ok
04:50:17.0416 0x2f5c [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev C:\Windows\System32\drivers\errdev.sys
04:50:17.0416 0x2f5c ErrDev - ok
04:50:17.0454 0x2f5c [ 5726DCC37AA48A0C14942370117758E3, 93F9A177D5ECA6DDDE4B9288E3B5E0905CEB797B4FE4CA36A4127B60EF3DDA02 ] esifsvc C:\Windows\system32\Intel\DPTF\esif_uf.exe
04:50:17.0470 0x2f5c esifsvc - ok
04:50:17.0485 0x2f5c [ 4B5D0135E2DEC933413D423DA4E97235, C9CE7D503E09AFCE463D8E14BAC6FD7879F2AFD13975F88F2DDF59EB9D222536 ] esif_lf C:\Windows\system32\DRIVERS\esif_lf.sys
04:50:17.0485 0x2f5c esif_lf - ok
04:50:17.0485 0x2f5c [ 11B9D886D7AE2F2F5C6BC03D7C52FD31, CA3EB6AB127A01311DA1C7CE3A2F4C2C3E3641F45718CFCA0F8AED7235BE910D ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
04:50:17.0485 0x2f5c ESProtectionDriver - ok
04:50:17.0501 0x2f5c [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem C:\Windows\system32\es.dll
04:50:17.0517 0x2f5c EventSystem - ok
04:50:17.0517 0x2f5c [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat C:\Windows\system32\drivers\exfat.sys
04:50:17.0532 0x2f5c exfat - ok
04:50:17.0532 0x2f5c [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat C:\Windows\system32\drivers\fastfat.sys
04:50:17.0532 0x2f5c fastfat - ok
04:50:17.0554 0x2f5c [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax C:\Windows\system32\fxssvc.exe
04:50:17.0554 0x2f5c Fax - ok
04:50:17.0554 0x2f5c [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc C:\Windows\System32\drivers\fdc.sys
04:50:17.0554 0x2f5c fdc - ok
04:50:17.0570 0x2f5c [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost C:\Windows\system32\fdPHost.dll
04:50:17.0570 0x2f5c fdPHost - ok
04:50:17.0570 0x2f5c [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub C:\Windows\system32\fdrespub.dll
04:50:17.0570 0x2f5c FDResPub - ok
04:50:17.0570 0x2f5c [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc C:\Windows\system32\fhsvc.dll
04:50:17.0570 0x2f5c fhsvc - ok
04:50:17.0586 0x2f5c [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt C:\Windows\system32\drivers\filecrypt.sys
04:50:17.0586 0x2f5c FileCrypt - ok
04:50:17.0586 0x2f5c [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
04:50:17.0586 0x2f5c FileInfo - ok
04:50:17.0586 0x2f5c [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
04:50:17.0586 0x2f5c Filetrace - ok
04:50:17.0586 0x2f5c [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
04:50:17.0586 0x2f5c flpydisk - ok
04:50:17.0601 0x2f5c [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
04:50:17.0601 0x2f5c FltMgr - ok
04:50:17.0633 0x2f5c [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache C:\Windows\system32\FntCache.dll
04:50:17.0655 0x2f5c FontCache - ok
04:50:17.0655 0x2f5c [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
04:50:17.0655 0x2f5c FontCache3.0.0.0 - ok
04:50:17.0670 0x2f5c [ 58811D00A582A89B7839B4B2CE7302BE, D2B6C197BD257B462FC3E8E7A8E7C3F910282FDAA61DB00ADB64DA0698C203C7 ] FrameServer C:\Windows\system32\FrameServer.dll
04:50:17.0686 0x2f5c FrameServer - ok
04:50:17.0686 0x2f5c [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
04:50:17.0686 0x2f5c FsDepends - ok
04:50:17.0686 0x2f5c [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
04:50:17.0686 0x2f5c Fs_Rec - ok
04:50:17.0702 0x2f5c [ 7C14404ADEF7D6F1D4D5346CF1849DDC, B8B44F3630A9A63F3E80D1A28BFEECC2372D75B68E25749B858EAD612FB784A4 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
04:50:17.0702 0x2f5c fvevol - ok
04:50:17.0717 0x2f5c [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
04:50:17.0717 0x2f5c gencounter - ok
04:50:17.0717 0x2f5c [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn C:\Windows\System32\drivers\genericusbfn.sys
04:50:17.0717 0x2f5c genericusbfn - ok
04:50:17.0717 0x2f5c [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
04:50:17.0717 0x2f5c GPIOClx0101 - ok
04:50:17.0751 0x2f5c [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc C:\Windows\System32\gpsvc.dll
04:50:17.0755 0x2f5c gpsvc - ok
04:50:17.0755 0x2f5c [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv C:\Windows\system32\drivers\gpuenergydrv.sys
04:50:17.0755 0x2f5c GpuEnergyDrv - ok
04:50:17.0770 0x2f5c [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
04:50:17.0770 0x2f5c gupdate - ok
04:50:17.0770 0x2f5c [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
04:50:17.0770 0x2f5c gupdatem - ok
04:50:17.0786 0x2f5c [ BF14976E8223D334B21792FB8B74D7FF, 0939B6605E9BCE2EC888AF3F3DA953351AB56E993B2C8BC6A6DC577D287811FD ] HdAudAddService C:\Windows\System32\drivers\HdAudio.sys
04:50:17.0786 0x2f5c HdAudAddService - ok
04:50:17.0786 0x2f5c [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
04:50:17.0786 0x2f5c HDAudBus - ok
04:50:17.0802 0x2f5c [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
04:50:17.0802 0x2f5c HidBatt - ok
04:50:17.0802 0x2f5c [ 1FE8E2676CD512181F84B27EE86CE29C, C694918ABD6533C04CF1F48A0ACB279391B020B3842AB47E7F1402DCC2DBA7BB ] HidBth C:\Windows\System32\drivers\hidbth.sys
04:50:17.0802 0x2f5c HidBth - ok
04:50:17.0802 0x2f5c [ 35DA2D71B8DA743233F712678A4A5AE1, 1DA1D3DEAFE182A4932BBD1C990C5E1DB71E6DC51824041E23168A3370B0C23A ] HidEventFilter C:\Windows\System32\drivers\HidEventFilter.sys
04:50:17.0802 0x2f5c HidEventFilter - ok
04:50:17.0817 0x2f5c [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
04:50:17.0817 0x2f5c hidi2c - ok
04:50:17.0817 0x2f5c [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt C:\Windows\System32\drivers\hidinterrupt.sys
04:50:17.0817 0x2f5c hidinterrupt - ok
04:50:17.0817 0x2f5c [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr C:\Windows\System32\drivers\hidir.sys
04:50:17.0817 0x2f5c HidIr - ok
04:50:17.0833 0x2f5c [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv C:\Windows\system32\hidserv.dll
04:50:17.0833 0x2f5c hidserv - ok
04:50:17.0833 0x2f5c [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
04:50:17.0833 0x2f5c HidUsb - ok
04:50:17.0833 0x2f5c [ 5B8F560D2335A872733F41362E80AF2D, EB01B77F1AD3151049A4C5B49C5BE9884ED8CB228847DBA109737F774D5264BD ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
04:50:17.0833 0x2f5c HipShieldK - ok
04:50:17.0854 0x2f5c [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
04:50:17.0855 0x2f5c HomeGroupListener - ok
04:50:17.0855 0x2f5c [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
04:50:17.0870 0x2f5c HomeGroupProvider - ok
04:50:17.0870 0x2f5c [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
04:50:17.0886 0x2f5c HomeNetSvc - ok
04:50:17.0886 0x2f5c [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
04:50:17.0886 0x2f5c HpSAMD - ok
04:50:17.0902 0x2f5c [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP C:\Windows\system32\drivers\HTTP.sys
04:50:17.0917 0x2f5c HTTP - ok
04:50:17.0917 0x2f5c [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost C:\Windows\System32\hvhostsvc.dll
04:50:17.0933 0x2f5c HvHost - ok
04:50:17.0933 0x2f5c [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice C:\Windows\system32\drivers\hvservice.sys
04:50:17.0933 0x2f5c hvservice - ok
04:50:17.0933 0x2f5c [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
04:50:17.0933 0x2f5c hwpolicy - ok
04:50:17.0933 0x2f5c [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
04:50:17.0933 0x2f5c hyperkbd - ok
04:50:17.0949 0x2f5c [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
04:50:17.0951 0x2f5c i8042prt - ok
04:50:17.0953 0x2f5c [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\Windows\System32\drivers\iagpio.sys
04:50:17.0955 0x2f5c iagpio - ok
04:50:17.0955 0x2f5c [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\Windows\System32\drivers\iai2c.sys
04:50:17.0955 0x2f5c iai2c - ok
04:50:17.0955 0x2f5c [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2 C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
04:50:17.0955 0x2f5c iaLPSS2i_GPIO2 - ok
04:50:17.0955 0x2f5c [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
04:50:17.0971 0x2f5c iaLPSS2i_GPIO2_BXT_P - ok
04:50:17.0971 0x2f5c [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
04:50:17.0971 0x2f5c iaLPSS2i_I2C - ok
04:50:17.0971 0x2f5c [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
04:50:17.0987 0x2f5c iaLPSS2i_I2C_BXT_P - ok
04:50:17.0987 0x2f5c [ 456C87D2EB2ADC2F3DBA6667897BD393, B81655118364A1560E44F8CA5B3F568EC2C7BFC1E55A6FFBE928DCE3B099B941 ] iaLPSS2_GPIO2 C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys
04:50:17.0987 0x2f5c iaLPSS2_GPIO2 - ok
04:50:17.0987 0x2f5c [ E2C14D6C31F27C4C370E41484674BD81, 73AEB6E4A3F43F0EC33576DBC75C3259D5D4F9302C2D79871B66C47DE7D03C40 ] iaLPSS2_I2C C:\Windows\System32\drivers\iaLPSS2_I2C.sys
04:50:17.0987 0x2f5c iaLPSS2_I2C - ok
04:50:18.0002 0x2f5c [ 187BB3CA635BF2F57E8F4EFDB2CF7B1B, C701AC32F77FB183BC1AD2D13973ABF5FDF1199886AA4E0BA8456600CF2ADD30 ] iaLPSS2_SPI C:\Windows\System32\drivers\iaLPSS2_SPI.sys
04:50:18.0002 0x2f5c iaLPSS2_SPI - ok
04:50:18.0002 0x2f5c [ 641D449D8CFB2ACDBF4D09B4E17AD537, CDEBA85FE53D73ECC16D8E548C6FD7E79594A01AA926A8403517171CCC99ED28 ] iaLPSS2_UART2 C:\Windows\System32\drivers\iaLPSS2_UART2.sys
04:50:18.0018 0x2f5c iaLPSS2_UART2 - ok
04:50:18.0018 0x2f5c [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
04:50:18.0018 0x2f5c iaLPSSi_GPIO - ok
04:50:18.0018 0x2f5c [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
04:50:18.0018 0x2f5c iaLPSSi_I2C - ok
04:50:18.0034 0x2f5c [ 79562AEBCA0A6301721672C2B308F83C, 544B4021CD26AA8421B282883A1D4ED745DB4C0BE1E8529A14CBA44B3D49728F ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
04:50:18.0052 0x2f5c iaStorA - ok
04:50:18.0056 0x2f5c [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
04:50:18.0071 0x2f5c iaStorAV - ok
04:50:18.0071 0x2f5c [ 4AD3F91DBA2D8184B1442F969738403B, C70E3264B6C8A9E4346B7810E368978022A3C6473B821CD4D72082FE3932FC1B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
04:50:18.0071 0x2f5c IAStorDataMgrSvc - ok
04:50:18.0071 0x2f5c [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
04:50:18.0087 0x2f5c iaStorV - ok
04:50:18.0087 0x2f5c [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus C:\Windows\System32\drivers\ibbus.sys
04:50:18.0103 0x2f5c ibbus - ok
04:50:18.0103 0x2f5c [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc C:\Windows\System32\tetheringservice.dll
04:50:18.0118 0x2f5c icssvc - ok
04:50:18.0271 0x2f5c [ 9FBA0873B4EE950498326F8E0DFFF448, 2F8FCD2935C6E50920E326F619F80523E6736E26E33AE9A76FA35EF0E590EF23 ] igfx C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igdkmd64.sys
04:50:18.0402 0x2f5c igfx - ok
04:50:18.0418 0x2f5c [ 214891E67890EC503EC73E7146D5CB0F, 9460F508485FCB668A547B8D983EBD3FDA90185A00F4034F03D13DD7ACB2065F ] igfxCUIService2.0.0.0 C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igfxCUIService.exe
04:50:18.0418 0x2f5c igfxCUIService2.0.0.0 - ok
04:50:18.0434 0x2f5c [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT C:\Windows\System32\ikeext.dll
04:50:18.0450 0x2f5c IKEEXT - ok
04:50:18.0454 0x2f5c [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd C:\Windows\System32\drivers\IndirectKmd.sys
04:50:18.0455 0x2f5c IndirectKmd - ok
04:50:18.0456 0x2f5c [ 72F3073C13C95085F45C68D37055CB0F, ACC1A6026800E79920A69317F8437476C1E72467E6F9778DAFB4735D393098C4 ] IntcAudioBus C:\Windows\System32\drivers\IntcAudioBus.sys
04:50:18.0456 0x2f5c IntcAudioBus - ok
04:50:18.0534 0x2f5c [ 0B80D606DBE5B2387DC538D45B85B903, 058199086BFC5E3BB5D4F6EEF31D1104522D069FFAA9FAE9DC74E6C2873296AB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
04:50:18.0603 0x2f5c IntcAzAudAddService - ok
04:50:18.0619 0x2f5c [ E4E42ADB9B710CAA2801F5AA3705A8CC, A67EFE80F383A5117E37DE1B48045BA31E09950F9D4EAEE1E023BF1B7F5FC3C3 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
04:50:18.0634 0x2f5c IntcDAud - ok
04:50:18.0651 0x2f5c [ 984329D2DC641244C05BED62A3D90D90, 4AFD490A02A1BA494E975AB2BCEDF6BBE6B3083C7298457B41B5FE71F9701293 ] IntcOED C:\Windows\System32\drivers\IntcOED.sys
04:50:18.0656 0x2f5c IntcOED - ok
04:50:18.0672 0x2f5c [ CB0B993C2C6CFC658645A39F072D0B83, 07A29A91630319FD75D3BFE7A8F71A4F5E1746B23AD5181C98332DDC99A57C94 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
04:50:18.0672 0x2f5c Intel(R) Capability Licensing Service TCP IP Interface - ok
04:50:18.0672 0x2f5c [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide C:\Windows\system32\drivers\intelide.sys
04:50:18.0672 0x2f5c intelide - ok
04:50:18.0687 0x2f5c [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep C:\Windows\system32\drivers\intelpep.sys
04:50:18.0687 0x2f5c intelpep - ok
04:50:18.0687 0x2f5c [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm C:\Windows\System32\drivers\intelppm.sys
04:50:18.0687 0x2f5c intelppm - ok
04:50:18.0687 0x2f5c [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate C:\Windows\system32\drivers\iorate.sys
04:50:18.0687 0x2f5c iorate - ok
04:50:18.0703 0x2f5c [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:50:18.0703 0x2f5c IpFilterDriver - ok
04:50:18.0719 0x2f5c [ 16DBEB4BBB9A79490D772F136FF9696E, C4246BAD502D333B5E76520C9F2AD09CF00719341FD9C522FD76DDBD911AE125 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
04:50:18.0734 0x2f5c iphlpsvc - ok
04:50:18.0734 0x2f5c [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
04:50:18.0734 0x2f5c IPMIDRV - ok
04:50:18.0734 0x2f5c [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
04:50:18.0734 0x2f5c IPNAT - ok
04:50:18.0755 0x2f5c [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc C:\Windows\System32\IpxlatCfg.dll
04:50:18.0756 0x2f5c IpxlatCfgSvc - ok
04:50:18.0756 0x2f5c [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda C:\Windows\system32\drivers\irda.sys
04:50:18.0756 0x2f5c irda - ok
04:50:18.0772 0x2f5c [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM C:\Windows\system32\drivers\irenum.sys
04:50:18.0772 0x2f5c IRENUM - ok
04:50:18.0772 0x2f5c [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon C:\Windows\System32\irmon.dll
04:50:18.0772 0x2f5c irmon - ok
04:50:18.0788 0x2f5c [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp C:\Windows\system32\drivers\isapnp.sys
04:50:18.0788 0x2f5c isapnp - ok
04:50:18.0788 0x2f5c [ 618707F3F742BF67AB578808171F60EB, AC9322483A450856B60F61D0CC58380148C52451863364C6FF3A2FAB4173A7A5 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
04:50:18.0788 0x2f5c iScsiPrt - ok
04:50:18.0803 0x2f5c [ 233020F1A7DDF9432C71CBE0257A4EE8, 9AC4ACA0500D3F8E57374FB4A07D9C215472803AE9253B35E55D2D766C1990DE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
04:50:18.0803 0x2f5c jhi_service - ok
04:50:18.0803 0x2f5c [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
04:50:18.0803 0x2f5c kbdclass - ok
04:50:18.0803 0x2f5c [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
04:50:18.0803 0x2f5c kbdhid - ok
04:50:18.0819 0x2f5c [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic C:\Windows\System32\drivers\kdnic.sys
04:50:18.0819 0x2f5c kdnic - ok
04:50:18.0819 0x2f5c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso C:\Windows\system32\lsass.exe
04:50:18.0819 0x2f5c KeyIso - ok
04:50:18.0834 0x2f5c [ 7FE3F6D2F894DA962F3F39878B73C972, E64E0E4096761A312CC0054C280BAA64E789536B65EF4306AB26A5117F8C2439 ] Killer Service V2 C:\Program Files\Killer Networking\Network Manager\KillerService.exe
04:50:18.0834 0x2f5c Killer Service V2 - ok
04:50:18.0834 0x2f5c [ 588332B483111CCDCA8E8AB2F239489E, EE3D633F4C013ED5166020C95A4BF6003988C629133B8CD950D9C8EBA131A484 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
04:50:18.0834 0x2f5c KSecDD - ok
04:50:18.0854 0x2f5c [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
04:50:18.0856 0x2f5c KSecPkg - ok
04:50:18.0857 0x2f5c [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
04:50:18.0857 0x2f5c ksthunk - ok
04:50:18.0857 0x2f5c [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm C:\Windows\system32\msdtckrm.dll
04:50:18.0872 0x2f5c KtmRm - ok
04:50:18.0872 0x2f5c [ ECFFCC67C47A86CA32D0953428699210, F5A06E82FDC092549623FD41C82B082092529808BA12339DE5B1D72B9B12072D ] LanmanServer C:\Windows\system32\srvsvc.dll
04:50:18.0872 0x2f5c LanmanServer - ok
04:50:18.0888 0x2f5c [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
04:50:18.0888 0x2f5c LanmanWorkstation - ok
04:50:18.0888 0x2f5c [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc C:\Windows\System32\lfsvc.dll
04:50:18.0888 0x2f5c lfsvc - ok
04:50:18.0904 0x2f5c [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager C:\Windows\system32\LicenseManagerSvc.dll
04:50:18.0904 0x2f5c LicenseManager - ok
04:50:18.0904 0x2f5c [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio C:\Windows\system32\drivers\lltdio.sys
04:50:18.0904 0x2f5c lltdio - ok
04:50:18.0919 0x2f5c [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc C:\Windows\System32\lltdsvc.dll
04:50:18.0919 0x2f5c lltdsvc - ok
04:50:18.0919 0x2f5c [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts C:\Windows\System32\lmhsvc.dll
04:50:18.0919 0x2f5c lmhosts - ok
04:50:18.0935 0x2f5c [ BCB8B54599708CDE84B17A704B1AF6DC, 6020E704949FC1EC68EC40240323D2796E5A6C2169AA355B488735CB45248D9A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
04:50:18.0935 0x2f5c LMS - ok
04:50:18.0935 0x2f5c [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
04:50:18.0935 0x2f5c LSI_SAS - ok
04:50:18.0954 0x2f5c [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i C:\Windows\system32\drivers\lsi_sas2i.sys
04:50:18.0956 0x2f5c LSI_SAS2i - ok
04:50:18.0957 0x2f5c [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i C:\Windows\system32\drivers\lsi_sas3i.sys
04:50:18.0957 0x2f5c LSI_SAS3i - ok
04:50:18.0957 0x2f5c [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
04:50:18.0957 0x2f5c LSI_SSS - ok
04:50:18.0973 0x2f5c [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM C:\Windows\System32\lsm.dll
04:50:18.0988 0x2f5c LSM - ok
04:50:18.0988 0x2f5c [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv C:\Windows\system32\drivers\luafv.sys
04:50:18.0988 0x2f5c luafv - ok
04:50:18.0988 0x2f5c [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker C:\Windows\System32\moshost.dll
04:50:18.0988 0x2f5c MapsBroker - ok
04:50:19.0004 0x2f5c [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost C:\Windows\System32\drivers\mausbhost.sys
04:50:19.0004 0x2f5c mausbhost - ok
04:50:19.0004 0x2f5c [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip C:\Windows\System32\drivers\mausbip.sys
04:50:19.0004 0x2f5c mausbip - ok
04:50:19.0019 0x2f5c [ 25FAEF6CCFF6D9912A65641AE60711EB, AD83C6DE72D7C416EC7765DBA2EF41B32084980EE071A17CA2C360CDF91212AE ] MBAMChameleon C:\Windows\system32\drivers\MBAMChameleon.sys
04:50:19.0019 0x2f5c MBAMChameleon - ok
04:50:19.0019 0x2f5c [ 4988F9AEE3B9E4545975CAA9381DB0EF, DC6030468783BF02DAA6922A5469D73D56642963F7212398A959AD7915D9E76B ] MBAMFarflt C:\Windows\system32\DRIVERS\farflt.sys
04:50:19.0019 0x2f5c MBAMFarflt - ok
04:50:19.0019 0x2f5c [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection C:\Windows\system32\drivers\mbam.sys
04:50:19.0035 0x2f5c MBAMProtection - ok
04:50:19.0109 0x2f5c [ FEAF4E98C93BC3512B8108D2F534A3BA, 6D93EF21DB9BFFACC1241E823F9BB7719B9395D64BBF952874CFF015B7930D92 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
04:50:19.0173 0x2f5c MBAMService - ok
04:50:19.0188 0x2f5c [ 94FCA94EE7937EA3ED75F39DE4C8E292, CD41ACBC70412B61C844ADC26413728A09D60983A464327A285C80E08D37F8B6 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
04:50:19.0188 0x2f5c MBAMSwissArmy - ok
04:50:19.0188 0x2f5c [ CC6522BC2BD971FEBADC5A794A908E4D, 388E612B4BC4E5A6E547D94D4C81D3301D664CDA77798FC0EFC0EF1F811E734C ] MBAMWebProtection C:\Windows\system32\drivers\mwac.sys
04:50:19.0188 0x2f5c MBAMWebProtection - ok
04:50:19.0204 0x2f5c [ AB9C0164BCF2471399546EBF0A4BA0E2, 769435CF72E713BED898FB0FEB018C0C6FA114A4F084BFE667A737582CBE637F ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
04:50:19.0220 0x2f5c McAfee SiteAdvisor Service - ok
04:50:19.0238 0x2f5c [ C1B9AC58CDBF33276D565ABCC2662034, A7E77C3A7030B203B9360670FDBDB72FDA4C7AD8732800080DBECF553BF61301 ] McAPExe C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe
04:50:19.0238 0x2f5c McAPExe - ok
04:50:19.0257 0x2f5c [ FC8B2CE405F4523F6CD218F5ED295EBF, 63C318E74776D19736C0C2A9048D860A83D49A38B381C77C6E4D5769F8A55A43 ] McAWFwk c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
04:50:19.0257 0x2f5c McAWFwk - ok
04:50:19.0272 0x2f5c [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
04:50:19.0272 0x2f5c McBootDelayStartSvc - ok
04:50:19.0304 0x2f5c [ 859EE4B50C89ACD15F32F9F435CB78F3, 2579B4DD3065C7FF42E937CA9FF8E69883AD9EEC25588951E2AA337AE16F1830 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe
04:50:19.0335 0x2f5c mccspsvc - ok
04:50:19.0335 0x2f5c [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
04:50:19.0356 0x2f5c McMPFSvc - ok
04:50:19.0356 0x2f5c [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] mcpltsvc C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
04:50:19.0372 0x2f5c mcpltsvc - ok
04:50:19.0372 0x2f5c [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McProxy C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
04:50:19.0387 0x2f5c McProxy - ok
04:50:19.0387 0x2f5c [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas C:\Windows\system32\drivers\megasas.sys
04:50:19.0387 0x2f5c megasas - ok
04:50:19.0387 0x2f5c [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i C:\Windows\system32\drivers\MegaSas2i.sys
04:50:19.0403 0x2f5c megasas2i - ok
04:50:19.0403 0x2f5c [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr C:\Windows\system32\drivers\megasr.sys
04:50:19.0419 0x2f5c megasr - ok
04:50:19.0419 0x2f5c [ 9D1B63E0FA537C3E77D4EAB73A299A34, A9816444F5984AA9ED57644746E9896952DBEAF4ED57820CC30D340A1046906C ] MEIx64 C:\Windows\System32\drivers\TeeDriverW8x64.sys
04:50:19.0419 0x2f5c MEIx64 - ok
04:50:19.0419 0x2f5c [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\Windows\System32\MessagingService.dll
04:50:19.0434 0x2f5c MessagingService - ok
04:50:19.0434 0x2f5c [ 5B1B2BC9D54B5E47479192BC8AFAB48B, 866FEDE3310E51B30EB73DCE0D362070A56A21BDEEA8377DDF541CB2F3642E38 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
04:50:19.0450 0x2f5c mfeaack - ok
04:50:19.0456 0x2f5c [ 3306DF94814B2877344C0371F58A5955, 4AB89D183527A86551153B4E08CAACE3C9BF13ADE503AC5FDD55D6392232AE24 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
04:50:19.0456 0x2f5c mfeavfk - ok
04:50:19.0456 0x2f5c mfeavfk01 - ok
04:50:19.0456 0x2f5c [ A202530D7B80D29655FEDFA0943D7308, EB16A666AEC63AAE9CBDAEF7260C6BD9F33B5363D90739D2F6AEF20A0F79A577 ] mfeelamk C:\Windows\system32\drivers\mfeelamk.sys
04:50:19.0456 0x2f5c mfeelamk - ok
04:50:19.0472 0x2f5c [ 761019374B62A037A3E782927ADC55F8, 10040E320AB67B113B8596547F5F54895B4C284C63D112CD53E4FF643D7E6A53 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
04:50:19.0472 0x2f5c mfefire - ok
04:50:19.0472 0x2f5c [ 894154053CFB72E66425DB9B241F44B0, 877A3CA059695E19257F846D9C8661E52BC5C680DAD1F63065FB2CEA98A1F393 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
04:50:19.0488 0x2f5c mfefirek - ok
04:50:19.0503 0x2f5c [ AD6213A606CB0A5D9980AB484DD1D1D8, CA15F066924760113B00222FF0B0C970B28F43B18211606E12163B5E747FB79A ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
04:50:19.0519 0x2f5c mfehidk - ok
04:50:19.0519 0x2f5c [ 45C7BCD80C7EB24F29059010D91A314F, 97C1EFAD8E01093884A98AB2BC1991DE87CD5E47B2FFE63D5311289AC52FD720 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
04:50:19.0519 0x2f5c mfemms - ok
04:50:19.0535 0x2f5c [ 25F7E8052FEDD1B6BCC7E81A73F4ECC1, 691A25201A0BF8DD8177F43447B55A50FEB7F3C203D36A12059DC4877C254F0E ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
04:50:19.0535 0x2f5c mfencbdc - ok
04:50:19.0553 0x2f5c [ 152B04D10655FBA01C6F0B4A29F96DA8, 4BD9FFA5AF5F81A178119D6AADBC9109B3C6361D896AFD3B84DC7473ED14405C ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
04:50:19.0555 0x2f5c mfencrk - ok
04:50:19.0556 0x2f5c [ 109F3BFD84E296F305E8D39865D329C1, 67452D3798FF037822FD5AC8725E8463EDC00A64F5FEC4523FDB5D46ECBBF826 ] mfeplk C:\Windows\system32\drivers\mfeplk.sys
04:50:19.0556 0x2f5c mfeplk - ok
04:50:19.0556 0x2f5c [ B3096F77D6D876B712D27F574DABEA27, B2A974C0944628E8C8539BE43995949D5A2912E74FC4180F9A1D50967E170D7B ] mfesapsn C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
04:50:19.0556 0x2f5c mfesapsn - ok
04:50:19.0572 0x2f5c [ 743D25ADB0642DAD832E02BB2D3A1077, A46505215CF126751E40BA8BAE5940B2E56DF73ECFBF06A4BFD458BE68C40FF2 ] mfevtp C:\Windows\system32\mfevtps.exe
04:50:19.0572 0x2f5c mfevtp - ok
04:50:19.0572 0x2f5c [ 28C153E1DC7B1F324283BA5E7911262F, EF23BD3BEFE45CCB95E30ACC4186B311FE94A1399793AC9922F8FB3F8879218A ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
04:50:19.0588 0x2f5c mfewfpk - ok
04:50:19.0588 0x2f5c [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus C:\Windows\System32\drivers\mlx4_bus.sys
04:50:19.0603 0x2f5c mlx4_bus - ok
04:50:19.0603 0x2f5c [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS C:\Windows\system32\drivers\mmcss.sys
04:50:19.0603 0x2f5c MMCSS - ok
04:50:19.0619 0x2f5c [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem C:\Windows\system32\drivers\modem.sys
04:50:19.0619 0x2f5c Modem - ok
04:50:19.0635 0x2f5c [ DD7A056CD45DA16E148AAB8C371E1EC5, 3EA2EA9B9435BFF9B536961D615433BF8DD993B704B7938C80D08D35B0604433 ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
04:50:19.0657 0x2f5c ModuleCoreService - ok
04:50:19.0657 0x2f5c [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor C:\Windows\System32\drivers\monitor.sys
04:50:19.0657 0x2f5c monitor - ok
04:50:19.0672 0x2f5c [ 58B2F71C650DB7451B38A216252FB12D, 2027FCF2BF64AB5AEFE9D921F4CECDAE857EE724433C6059F0C9C20E9A2BE8B2 ] mosuport C:\Windows\System32\drivers\mosuport.sys
04:50:19.0672 0x2f5c mosuport - ok
04:50:19.0672 0x2f5c [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass C:\Windows\System32\drivers\mouclass.sys
04:50:19.0672 0x2f5c mouclass - ok
04:50:19.0672 0x2f5c [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid C:\Windows\System32\drivers\mouhid.sys
04:50:19.0672 0x2f5c mouhid - ok
04:50:19.0688 0x2f5c [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
04:50:19.0688 0x2f5c mountmgr - ok
04:50:19.0688 0x2f5c [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
04:50:19.0688 0x2f5c mpsdrv - ok
04:50:19.0704 0x2f5c [ 97106D80FD861D5762D5B93D1058D053, 4236FD178ECFC8978FFB3FC0890F357BB4AE10F88AF696617CCD24D93360BA3C ] MpsSvc C:\Windows\system32\mpssvc.dll
04:50:19.0719 0x2f5c MpsSvc - ok
04:50:19.0719 0x2f5c [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
04:50:19.0719 0x2f5c MRxDAV - ok
04:50:19.0735 0x2f5c [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
04:50:19.0735 0x2f5c mrxsmb - ok
04:50:19.0755 0x2f5c [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:50:19.0757 0x2f5c mrxsmb10 - ok
04:50:19.0757 0x2f5c [ BBE8708149EA1C0E981F31291F25895F, E7C9318DE94520606F5806F454BD28E050B9052409FDD5B934B3FF421C1A4C2B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:50:19.0757 0x2f5c mrxsmb20 - ok
04:50:19.0757 0x2f5c [ 44A8A52763381E5DCAE122330191493C, 578630611F151C6D20D52145312F4A824C6FF80E27F282A2109BA6E54FDDC9BB ] MsBridge C:\Windows\system32\drivers\bridge.sys
04:50:19.0772 0x2f5c MsBridge - ok
04:50:19.0772 0x2f5c [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC C:\Windows\System32\msdtc.exe
04:50:19.0772 0x2f5c MSDTC - ok
04:50:19.0772 0x2f5c [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs C:\Windows\system32\drivers\Msfs.sys
04:50:19.0772 0x2f5c Msfs - ok
04:50:19.0788 0x2f5c [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
04:50:19.0788 0x2f5c msgpiowin32 - ok
04:50:19.0788 0x2f5c [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
04:50:19.0788 0x2f5c mshidkmdf - ok
04:50:19.0788 0x2f5c [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
04:50:19.0788 0x2f5c mshidumdf - ok
04:50:19.0788 0x2f5c [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
04:50:19.0788 0x2f5c msisadrv - ok
04:50:19.0804 0x2f5c [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
04:50:19.0804 0x2f5c MSiSCSI - ok
04:50:19.0804 0x2f5c msiserver - ok
04:50:19.0804 0x2f5c [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
04:50:19.0819 0x2f5c MSK80Service - ok
04:50:19.0819 0x2f5c [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV C:\Windows\system32\DRIVERS\MSKSSRV.sys
04:50:19.0819 0x2f5c MSKSSRV - ok
04:50:19.0819 0x2f5c [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp C:\Windows\system32\drivers\mslldp.sys
04:50:19.0835 0x2f5c MsLldp - ok
04:50:19.0835 0x2f5c [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK C:\Windows\system32\DRIVERS\MSPCLOCK.sys
04:50:19.0835 0x2f5c MSPCLOCK - ok
04:50:19.0835 0x2f5c [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM C:\Windows\system32\DRIVERS\MSPQM.sys
04:50:19.0835 0x2f5c MSPQM - ok
04:50:19.0835 0x2f5c [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
04:50:19.0854 0x2f5c MsRPC - ok
04:50:19.0857 0x2f5c [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
04:50:19.0857 0x2f5c mssmbios - ok
04:50:19.0857 0x2f5c [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE C:\Windows\system32\DRIVERS\MSTEE.sys
04:50:19.0857 0x2f5c MSTEE - ok
04:50:19.0857 0x2f5c [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
04:50:19.0857 0x2f5c MTConfig - ok
04:50:19.0857 0x2f5c [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup C:\Windows\system32\Drivers\mup.sys
04:50:19.0857 0x2f5c Mup - ok
04:50:19.0872 0x2f5c [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis C:\Windows\system32\drivers\mvumis.sys
04:50:19.0872 0x2f5c mvumis - ok
04:50:19.0872 0x2f5c [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
04:50:19.0888 0x2f5c NativeWifiP - ok
04:50:19.0904 0x2f5c [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\Windows\System32\NaturalAuth.dll
04:50:19.0904 0x2f5c NaturalAuthentication - ok
04:50:19.0919 0x2f5c [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc C:\Windows\System32\ncasvc.dll
04:50:19.0919 0x2f5c NcaSvc - ok
04:50:19.0919 0x2f5c [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService C:\Windows\System32\ncbservice.dll
04:50:19.0935 0x2f5c NcbService - ok
04:50:19.0935 0x2f5c [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
04:50:19.0935 0x2f5c NcdAutoSetup - ok
04:50:19.0935 0x2f5c [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr C:\Windows\System32\drivers\ndfltr.sys
04:50:19.0935 0x2f5c ndfltr - ok
04:50:19.0957 0x2f5c [ 64BB1D5A6A8711C980D2ABAB0ADFFF8E, 85061564E6684136D544A556896C9BDDC93146B94416F49DB8E9321E38DF46D0 ] NDIS C:\Windows\system32\drivers\ndis.sys
04:50:19.0973 0x2f5c NDIS - ok
04:50:19.0973 0x2f5c [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap C:\Windows\system32\drivers\ndiscap.sys
04:50:19.0973 0x2f5c NdisCap - ok
04:50:19.0988 0x2f5c [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform C:\Windows\system32\drivers\NdisImPlatform.sys
04:50:19.0988 0x2f5c NdisImPlatform - ok
04:50:19.0988 0x2f5c [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
04:50:19.0988 0x2f5c NdisTapi - ok
04:50:19.0988 0x2f5c [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio C:\Windows\system32\drivers\ndisuio.sys
04:50:19.0988 0x2f5c Ndisuio - ok
04:50:20.0004 0x2f5c [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
04:50:20.0004 0x2f5c NdisVirtualBus - ok
04:50:20.0004 0x2f5c [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan C:\Windows\System32\drivers\ndiswan.sys
04:50:20.0004 0x2f5c NdisWan - ok
04:50:20.0004 0x2f5c [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy C:\Windows\system32\DRIVERS\ndiswan.sys
04:50:20.0020 0x2f5c ndiswanlegacy - ok
04:50:20.0020 0x2f5c [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy C:\Windows\system32\DRIVERS\NDProxy.sys
04:50:20.0020 0x2f5c ndproxy - ok
04:50:20.0020 0x2f5c [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu C:\Windows\system32\drivers\Ndu.sys
04:50:20.0020 0x2f5c Ndu - ok
04:50:20.0020 0x2f5c [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx C:\Windows\system32\drivers\NetAdapterCx.sys
04:50:20.0035 0x2f5c NetAdapterCx - ok
04:50:20.0035 0x2f5c [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS C:\Windows\system32\drivers\netbios.sys
04:50:20.0035 0x2f5c NetBIOS - ok
04:50:20.0035 0x2f5c [ BAD3C424788BC071C3EC82CFCDA954D2, 7AA11C36C8365B476361FC4F05C612066C5159C7C1813314E881E1A3A4B75271 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
04:50:20.0052 0x2f5c NetBT - ok
04:50:20.0056 0x2f5c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon C:\Windows\system32\lsass.exe
04:50:20.0057 0x2f5c Netlogon - ok
04:50:20.0057 0x2f5c [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman C:\Windows\System32\netman.dll
04:50:20.0057 0x2f5c Netman - ok
04:50:20.0072 0x2f5c [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm C:\Windows\System32\netprofmsvc.dll
04:50:20.0072 0x2f5c netprofm - ok
04:50:20.0088 0x2f5c [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc C:\Windows\System32\NetSetupSvc.dll
04:50:20.0088 0x2f5c NetSetupSvc - ok
04:50:20.0088 0x2f5c [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:50:20.0104 0x2f5c NetTcpPortSharing - ok
04:50:20.0104 0x2f5c [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc C:\Windows\System32\drivers\netvsc.sys
04:50:20.0104 0x2f5c netvsc - ok
04:50:20.0119 0x2f5c [ 56CB676DC058995ED3AD61AF233B9975, 2658B1B5E0059D4C0CE8F82D327AFBBAD5CF6C5774C95039D39815092A74E4A1 ] NgcCtnrSvc C:\Windows\System32\NgcCtnrSvc.dll
04:50:20.0119 0x2f5c NgcCtnrSvc - ok
04:50:20.0135 0x2f5c [ 7D50141D1705AFB6BF2683201699FEC1, 1D333DD10BA6987A2787F2CF492E38029E2744BAA6B9354E8B2B8D22971B3D79 ] NgcSvc C:\Windows\system32\ngcsvc.dll
04:50:20.0157 0x2f5c NgcSvc - ok
04:50:20.0157 0x2f5c [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc C:\Windows\System32\nlasvc.dll
04:50:20.0157 0x2f5c NlaSvc - ok
04:50:20.0173 0x2f5c [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs C:\Windows\system32\drivers\Npfs.sys
04:50:20.0173 0x2f5c Npfs - ok
04:50:20.0173 0x2f5c [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
04:50:20.0173 0x2f5c npsvctrig - ok
04:50:20.0173 0x2f5c [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi C:\Windows\system32\nsisvc.dll
04:50:20.0173 0x2f5c nsi - ok
04:50:20.0173 0x2f5c [ 244C3E541E741C9D8F67E05D9D9AFBE7, 5848515910FD6FF01B94108E33BEBCA26D46DE54C6AC9CF9F5533180E16788AB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
04:50:20.0173 0x2f5c nsiproxy - ok
04:50:20.0220 0x2f5c [ 075F8C81457804BB79DD33FE69A96C57, EFAA1C6CEEC995E87EB15DA40178EA3534A73C8F6ADCF5F3FEC1C7BB99B78687 ] NTFS C:\Windows\system32\drivers\NTFS.sys
04:50:20.0235 0x2f5c NTFS - ok
04:50:20.0254 0x2f5c [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null C:\Windows\system32\drivers\Null.sys
04:50:20.0255 0x2f5c Null - ok
04:50:20.0257 0x2f5c [ CEFDB5A85FF9F1F8E4CA832D41D59BFA, 11226E167A26F30AE970419ACB8A1D9749AF08365E2F88AE053B03EE18D3E163 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
04:50:20.0257 0x2f5c NvContainerLocalSystem - ok
04:50:20.0273 0x2f5c [ CEFDB5A85FF9F1F8E4CA832D41D59BFA, 11226E167A26F30AE970419ACB8A1D9749AF08365E2F88AE053B03EE18D3E163 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
04:50:20.0273 0x2f5c NvContainerNetworkService - ok
04:50:20.0273 0x2f5c [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn C:\Windows\System32\drivers\nvdimmn.sys
04:50:20.0288 0x2f5c nvdimmn - ok
04:50:20.0493 0x2f5c [ D5ED66CF1198CDA0E76539AA2D8BDB38, 102F4D3EFE1AD59A20136BCA937006AE5565C1A5526007F1280C236C07B26D80 ] nvlddmkm C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_dc26d32481ff4137\nvlddmkm.sys
04:50:20.0650 0x2f5c nvlddmkm - ok
04:50:20.0665 0x2f5c [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid C:\Windows\system32\drivers\nvraid.sys
04:50:20.0667 0x2f5c nvraid - ok
04:50:20.0672 0x2f5c [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor C:\Windows\system32\drivers\nvstor.sys
04:50:20.0675 0x2f5c nvstor - ok
04:50:20.0678 0x2f5c [ 6D0FBFF20D03AD65F361A4F992F4BD9E, 42B60EDAED47D17492271B1FAD83E67FB2AB38605AB0E937DFE6FD2658D69801 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
04:50:20.0678 0x2f5c NvStreamKms - ok
04:50:20.0678 0x2f5c [ 1B221319F0FCFC8B741FE3777DC412D3, E33088E8297C4A1B1FC1BCB20F067140EABEC51D03989EDB583F569937009A72 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
04:50:20.0694 0x2f5c NvTelemetryContainer - ok
04:50:20.0694 0x2f5c [ DAFDDA94A3AD4191071934288B2326DA, ED4E7B3DA58C5AE8D57B3A2A15ACE73FDC59E9D7F7647595BE808570D159703F ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
04:50:20.0694 0x2f5c nvvad_WaveExtensible - ok
04:50:20.0694 0x2f5c [ E922DF7E9767AB997EF82BD8DA37F84A, 15303C8DD36BAAB1007A364F3301A084E487D927B92CA66BEB42488241AF808D ] nvvhci C:\Windows\System32\drivers\nvvhci.sys
04:50:20.0694 0x2f5c nvvhci - ok
04:50:20.0709 0x2f5c [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc C:\Windows\System32\APHostService.dll
04:50:20.0709 0x2f5c OneSyncSvc - ok
04:50:20.0709 0x2f5c [ 6C7A7FDB373D42102A114CED1CB2EB30, 2ABEBB0687F77DFA5F65635042F4F15B7C31FCA8C037BA4A15385EC4579335D8 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
04:50:20.0725 0x2f5c ose - ok
04:50:20.0725 0x2f5c [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
04:50:20.0725 0x2f5c p2pimsvc - ok
04:50:20.0740 0x2f5c [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc C:\Windows\system32\p2psvc.dll
04:50:20.0740 0x2f5c p2psvc - ok
04:50:20.0756 0x2f5c [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport C:\Windows\System32\drivers\parport.sys
04:50:20.0756 0x2f5c Parport - ok
04:50:20.0756 0x2f5c [ ABE0711474C0518FD914F62AB4FB83E8, 17F38D28D0A2275A6A1E5BC2C60BF2459B0D642EDC42B59F4A1BCFC1100C8502 ] partmgr C:\Windows\system32\drivers\partmgr.sys
04:50:20.0756 0x2f5c partmgr - ok
04:50:20.0778 0x2f5c [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc C:\Windows\System32\pcasvc.dll
04:50:20.0778 0x2f5c PcaSvc - ok
04:50:20.0778 0x2f5c [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci C:\Windows\system32\drivers\pci.sys
04:50:20.0793 0x2f5c pci - ok
04:50:20.0793 0x2f5c [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide C:\Windows\system32\drivers\pciide.sys
04:50:20.0793 0x2f5c pciide - ok
04:50:20.0793 0x2f5c [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
04:50:20.0809 0x2f5c pcmcia - ok
04:50:20.0809 0x2f5c [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw C:\Windows\system32\drivers\pcw.sys
04:50:20.0809 0x2f5c pcw - ok
04:50:20.0809 0x2f5c [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc C:\Windows\system32\drivers\pdc.sys
04:50:20.0809 0x2f5c pdc - ok
04:50:20.0825 0x2f5c [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
04:50:20.0840 0x2f5c PEAUTH - ok
04:50:20.0856 0x2f5c [ 042DE633AB8DF2258E3E38B2C44D4064, 509015040073280BCD48AFB266DD39666412EFE62FACD3E4D598A461BE38FC2F ] PEFService C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
04:50:20.0872 0x2f5c PEFService - ok
04:50:20.0877 0x2f5c [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i C:\Windows\system32\drivers\percsas2i.sys
04:50:20.0878 0x2f5c percsas2i - ok
04:50:20.0878 0x2f5c [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i C:\Windows\system32\drivers\percsas3i.sys
04:50:20.0878 0x2f5c percsas3i - ok
04:50:20.0909 0x2f5c [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost C:\Windows\SysWow64\perfhost.exe
04:50:20.0909 0x2f5c PerfHost - ok
04:50:20.0925 0x2f5c [ D4D4AFF22AEC7595EF24DB0FDCC06259, 4D3D7ECB724FE41924BA7699316D50566FE828B5B53616EC50DFBEE91C6464FA ] PhoneSvc C:\Windows\System32\PhoneService.dll
04:50:20.0941 0x2f5c PhoneSvc - ok
04:50:20.0941 0x2f5c [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
04:50:20.0956 0x2f5c PimIndexMaintenanceSvc - ok
04:50:20.0978 0x2f5c [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla C:\Windows\system32\pla.dll
04:50:20.0994 0x2f5c pla - ok
04:50:20.0994 0x2f5c [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
04:50:20.0994 0x2f5c PlugPlay - ok
04:50:21.0010 0x2f5c [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem C:\Windows\System32\drivers\pmem.sys
04:50:21.0010 0x2f5c pmem - ok
04:50:21.0010 0x2f5c [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
04:50:21.0010 0x2f5c PNRPAutoReg - ok
04:50:21.0025 0x2f5c [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
04:50:21.0025 0x2f5c PNRPsvc - ok
04:50:21.0041 0x2f5c [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
04:50:21.0041 0x2f5c PolicyAgent - ok
04:50:21.0041 0x2f5c [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power C:\Windows\system32\umpo.dll
04:50:21.0056 0x2f5c Power - ok
04:50:21.0063 0x2f5c [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport C:\Windows\System32\drivers\raspptp.sys
04:50:21.0065 0x2f5c PptpMiniport - ok
04:50:21.0094 0x2f5c [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
04:50:21.0141 0x2f5c PrintNotify - ok
04:50:21.0141 0x2f5c [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor C:\Windows\System32\drivers\processr.sys
04:50:21.0141 0x2f5c Processor - ok
04:50:21.0141 0x2f5c [ 24B3554CCBF7C5C22C86F870E23A4D23, 32185C6F1012E3286448D327C61B478E7E23F5C436D181C1F20885372363DBD7 ] Product Registration C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
04:50:21.0141 0x2f5c Product Registration - ok
04:50:21.0156 0x2f5c [ EBBAEA19BB7BF5E7CF09BE1C294E2699, 4FAF59D5393A6979627A061216676106A3941F2FBAE8E1CD5485E49BB57A6297 ] ProfSvc C:\Windows\system32\profsvc.dll
04:50:21.0156 0x2f5c ProfSvc - ok
04:50:21.0174 0x2f5c [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched C:\Windows\system32\drivers\pacer.sys
04:50:21.0177 0x2f5c Psched - ok
04:50:21.0210 0x2f5c [ 2F47CB7A52EDB17C7CCE5B2F03A9F547, 82B21A164C184EAE16F63F2404A66AE0D461416C94BC566E492DC1EC0048B1DB ] Qcamain10x64 C:\Windows\System32\drivers\Qcamain10x64.sys
04:50:21.0241 0x2f5c Qcamain10x64 - ok
04:50:21.0257 0x2f5c [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE C:\Windows\system32\qwave.dll
04:50:21.0257 0x2f5c QWAVE - ok
04:50:21.0257 0x2f5c [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
04:50:21.0257 0x2f5c QWAVEdrv - ok
04:50:21.0257 0x2f5c [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
04:50:21.0257 0x2f5c RasAcd - ok
04:50:21.0273 0x2f5c [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn C:\Windows\System32\drivers\AgileVpn.sys
04:50:21.0275 0x2f5c RasAgileVpn - ok
04:50:21.0278 0x2f5c [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto C:\Windows\System32\rasauto.dll
04:50:21.0278 0x2f5c RasAuto - ok
04:50:21.0278 0x2f5c [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp C:\Windows\System32\drivers\rasl2tp.sys
04:50:21.0278 0x2f5c Rasl2tp - ok
04:50:21.0294 0x2f5c [ FCC5824BCB4D12AFC40C61CADDC7175C, 2C2464849320B2E18B9A94574AA20218AF4EA50E9947C990068F086061400275 ] RasMan C:\Windows\System32\rasmans.dll
04:50:21.0310 0x2f5c RasMan - ok
04:50:21.0310 0x2f5c [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
04:50:21.0310 0x2f5c RasPppoe - ok
04:50:21.0310 0x2f5c [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp C:\Windows\System32\drivers\rassstp.sys
04:50:21.0310 0x2f5c RasSstp - ok
04:50:21.0326 0x2f5c [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
04:50:21.0326 0x2f5c rdbss - ok
04:50:21.0326 0x2f5c [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
04:50:21.0341 0x2f5c rdpbus - ok
04:50:21.0341 0x2f5c [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
04:50:21.0341 0x2f5c RDPDR - ok
04:50:21.0341 0x2f5c [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
04:50:21.0341 0x2f5c RdpVideoMiniport - ok
04:50:21.0357 0x2f5c [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
04:50:21.0357 0x2f5c rdyboost - ok
04:50:21.0379 0x2f5c [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS C:\Windows\system32\drivers\ReFS.sys
04:50:21.0410 0x2f5c ReFS - ok
04:50:21.0426 0x2f5c [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1 C:\Windows\system32\drivers\ReFSv1.sys
04:50:21.0426 0x2f5c ReFSv1 - ok
04:50:21.0441 0x2f5c [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess C:\Windows\System32\mprdim.dll
04:50:21.0441 0x2f5c RemoteAccess - ok
04:50:21.0457 0x2f5c [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry C:\Windows\system32\regsvc.dll
04:50:21.0457 0x2f5c RemoteRegistry - ok
04:50:21.0477 0x2f5c [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo C:\Windows\system32\RDXService.dll
04:50:21.0478 0x2f5c RetailDemo - ok
04:50:21.0478 0x2f5c [ 9179005CD2702635CF12DB5E0A9D1B0E, 31D777C82A44A2420F0415E182C12CE4EDFF60362B2136EC074E38B2DC7BDB8E ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
04:50:21.0478 0x2f5c RFCOMM - ok
04:50:21.0494 0x2f5c [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc C:\Windows\System32\RMapi.dll
04:50:21.0494 0x2f5c RmSvc - ok
04:50:21.0494 0x2f5c [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
04:50:21.0494 0x2f5c RpcEptMapper - ok
04:50:21.0494 0x2f5c [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator C:\Windows\system32\locator.exe
04:50:21.0510 0x2f5c RpcLocator - ok
04:50:21.0525 0x2f5c [ AA7F1C36F5BC779964CFA4F98D224D9F, 6DAF4FCE696B1D6A76E127A905C158724B13C20D2AA0F460F6C2E747E9525D98 ] RpcSs C:\Windows\system32\rpcss.dll
04:50:21.0541 0x2f5c RpcSs - ok
04:50:21.0541 0x2f5c [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr C:\Windows\system32\drivers\rspndr.sys
04:50:21.0541 0x2f5c rspndr - ok
04:50:21.0541 0x2f5c [ BEE65FAEFB1EA112AA8E59A73A9FBA59, 0A38F42F24BA3652AADC26B99EE08133D78E9AA54F657C5BDEE6E66A53E299B4 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
04:50:21.0557 0x2f5c RtkAudioService - ok
04:50:21.0557 0x2f5c [ 96CB7822C76EC1F24909D58350DA7DA7, 9F98CA000E24C40EBB2CE89D9547D05AF9D871E231BA30D6FD613D19F97A7355 ] RTSPER C:\Windows\system32\DRIVERS\RtsPer.sys
04:50:21.0579 0x2f5c RTSPER - ok
04:50:21.0579 0x2f5c [ 6C5C0EEF31B58AFA213C49A579CA33AD, 2212BD704485857FB7177B2DC5580DA28C2018E120FFF087FD218039A20C64D6 ] rtux64w10 C:\Windows\System32\drivers\rtux64w10.sys
04:50:21.0579 0x2f5c rtux64w10 - ok
04:50:21.0594 0x2f5c [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap C:\Windows\System32\drivers\vms3cap.sys
04:50:21.0594 0x2f5c s3cap - ok
04:50:21.0594 0x2f5c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs C:\Windows\system32\lsass.exe
04:50:21.0594 0x2f5c SamSs - ok
04:50:21.0594 0x2f5c [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
04:50:21.0610 0x2f5c sbp2port - ok
04:50:21.0610 0x2f5c [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr C:\Windows\System32\SCardSvr.dll
04:50:21.0610 0x2f5c SCardSvr - ok
04:50:21.0626 0x2f5c [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
04:50:21.0626 0x2f5c ScDeviceEnum - ok
04:50:21.0626 0x2f5c [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
04:50:21.0626 0x2f5c scfilter - ok
04:50:21.0641 0x2f5c [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule C:\Windows\system32\schedsvc.dll
04:50:21.0657 0x2f5c Schedule - ok
04:50:21.0657 0x2f5c [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus C:\Windows\system32\drivers\scmbus.sys
04:50:21.0657 0x2f5c scmbus - ok
04:50:21.0657 0x2f5c [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc C:\Windows\System32\certprop.dll
04:50:21.0675 0x2f5c SCPolicySvc - ok
04:50:21.0679 0x2f5c [ 134FB9DCA9244455917D80D33CA31ACA, 0B17BB514A14096C8F67D73F27E52C90E4BD343B131BD554D7DD3B424B4E070B ] sdbus C:\Windows\System32\drivers\sdbus.sys
04:50:21.0679 0x2f5c sdbus - ok
04:50:21.0679 0x2f5c [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd C:\Windows\System32\drivers\SDFRd.sys
04:50:21.0679 0x2f5c SDFRd - ok
04:50:21.0679 0x2f5c [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC C:\Windows\System32\SDRSVC.dll
04:50:21.0694 0x2f5c SDRSVC - ok
04:50:21.0694 0x2f5c [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor C:\Windows\System32\drivers\sdstor.sys
04:50:21.0694 0x2f5c sdstor - ok
04:50:21.0694 0x2f5c [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon C:\Windows\system32\seclogon.dll
04:50:21.0694 0x2f5c seclogon - ok
04:50:21.0710 0x2f5c [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\Windows\system32\SecurityHealthService.exe
04:50:21.0710 0x2f5c SecurityHealthService - ok
04:50:21.0726 0x2f5c [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc C:\Windows\system32\SEMgrSvc.dll
04:50:21.0741 0x2f5c SEMgrSvc - ok
04:50:21.0757 0x2f5c [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS C:\Windows\System32\sens.dll
04:50:21.0757 0x2f5c SENS - ok
04:50:21.0779 0x2f5c [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\Windows\System32\SensorDataService.exe
04:50:21.0795 0x2f5c SensorDataService - ok
04:50:21.0795 0x2f5c [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService C:\Windows\system32\SensorService.dll
04:50:21.0810 0x2f5c SensorService - ok
04:50:21.0810 0x2f5c [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc C:\Windows\system32\sensrsvc.dll
04:50:21.0810 0x2f5c SensrSvc - ok
04:50:21.0826 0x2f5c [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx C:\Windows\system32\drivers\SerCx.sys
04:50:21.0826 0x2f5c SerCx - ok
04:50:21.0826 0x2f5c [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
04:50:21.0826 0x2f5c SerCx2 - ok
04:50:21.0826 0x2f5c [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum C:\Windows\System32\drivers\serenum.sys
04:50:21.0826 0x2f5c Serenum - ok
04:50:21.0842 0x2f5c [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial C:\Windows\System32\drivers\serial.sys
04:50:21.0842 0x2f5c Serial - ok
04:50:21.0842 0x2f5c [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse C:\Windows\System32\drivers\sermouse.sys
04:50:21.0842 0x2f5c sermouse - ok
04:50:21.0857 0x2f5c [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv C:\Windows\system32\sessenv.dll
04:50:21.0857 0x2f5c SessionEnv - ok
04:50:21.0857 0x2f5c [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
04:50:21.0857 0x2f5c sfloppy - ok
04:50:21.0879 0x2f5c [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess C:\Windows\System32\ipnathlp.dll
04:50:21.0879 0x2f5c SharedAccess - ok
04:50:21.0895 0x2f5c [ 490F6144273A85A3CFF3D416850E0611, F703D32580405B9CEF0E601222C2CE584B076B2E58710D66A15AFEA2A6907514 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:50:21.0895 0x2f5c ShellHWDetection - ok
04:50:21.0911 0x2f5c [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc C:\Windows\system32\Windows.SharedPC.AccountManager.dll
04:50:21.0911 0x2f5c shpamsvc - ok
04:50:21.0911 0x2f5c [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
04:50:21.0911 0x2f5c SiSRaid2 - ok
04:50:21.0911 0x2f5c [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
04:50:21.0926 0x2f5c SiSRaid4 - ok
04:50:21.0926 0x2f5c [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost C:\Windows\System32\smphost.dll
04:50:21.0926 0x2f5c smphost - ok
04:50:21.0942 0x2f5c [ 15684D78C67B63475EABAB5A6ECF32A8, 46BA6830BC42839E22F600ED591E23611E092C2342702F403553BB0B9177E835 ] SmsRouter C:\Windows\system32\SmsRouterSvc.dll
04:50:21.0942 0x2f5c SmsRouter - ok
04:50:21.0957 0x2f5c [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
04:50:21.0957 0x2f5c SNMPTRAP - ok
04:50:21.0957 0x2f5c [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport C:\Windows\system32\drivers\spaceport.sys
04:50:21.0978 0x2f5c spaceport - ok
04:50:21.0979 0x2f5c [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\Windows\system32\drivers\SpatialGraphFilter.sys
04:50:21.0979 0x2f5c SpatialGraphFilter - ok
04:50:21.0979 0x2f5c [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
04:50:21.0979 0x2f5c SpbCx - ok
04:50:21.0994 0x2f5c [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum C:\Windows\system32\spectrum.exe
04:50:22.0010 0x2f5c spectrum - ok
04:50:22.0026 0x2f5c [ 250B6272326FC54414231AC71176E6FA, DE531EEADD24F1866A5BD74411E91E0934B23DC508855D2B9AC88BC25EE7A4E0 ] Spooler C:\Windows\System32\spoolsv.exe
04:50:22.0026 0x2f5c Spooler - ok
04:50:22.0095 0x2f5c [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc C:\Windows\system32\sppsvc.exe
04:50:22.0142 0x2f5c sppsvc - ok
04:50:22.0157 0x2f5c [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv C:\Windows\system32\DRIVERS\srv.sys
04:50:22.0157 0x2f5c srv - ok
04:50:22.0179 0x2f5c [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
04:50:22.0179 0x2f5c srv2 - ok
04:50:22.0195 0x2f5c [ 62E6CF587C037E99F7450F5BAAF0CB87, 3EED46313FD5A9C942F447F531121395C31C1AE2DED0F7B2E4A974F6024E8330 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
04:50:22.0195 0x2f5c srvnet - ok
04:50:22.0195 0x2f5c [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
04:50:22.0195 0x2f5c SSDPSRV - ok
04:50:22.0210 0x2f5c [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc C:\Windows\system32\sstpsvc.dll
04:50:22.0210 0x2f5c SstpSvc - ok
04:50:22.0295 0x2f5c [ AE1918EED1E4925778B92061CC2B8D18, 21B3D1685906BC4BA3C8A54C40ABC631F2F312926111BCE48AFEA8B96942DF22 ] StateRepository C:\Windows\system32\windows.staterepository.dll
04:50:22.0342 0x2f5c StateRepository - ok
04:50:22.0357 0x2f5c [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor C:\Windows\system32\drivers\stexstor.sys
04:50:22.0357 0x2f5c stexstor - ok
04:50:22.0357 0x2f5c [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc C:\Windows\System32\wiaservc.dll
04:50:22.0379 0x2f5c stisvc - ok
04:50:22.0379 0x2f5c [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci C:\Windows\system32\drivers\storahci.sys
04:50:22.0379 0x2f5c storahci - ok
04:50:22.0379 0x2f5c [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
04:50:22.0379 0x2f5c storflt - ok
04:50:22.0395 0x2f5c [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme C:\Windows\system32\drivers\stornvme.sys
04:50:22.0395 0x2f5c stornvme - ok
04:50:22.0395 0x2f5c [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt C:\Windows\system32\drivers\storqosflt.sys
04:50:22.0395 0x2f5c storqosflt - ok
04:50:22.0410 0x2f5c [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc C:\Windows\system32\storsvc.dll
04:50:22.0426 0x2f5c StorSvc - ok
04:50:22.0426 0x2f5c [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs C:\Windows\system32\drivers\storufs.sys
04:50:22.0426 0x2f5c storufs - ok
04:50:22.0426 0x2f5c [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc C:\Windows\system32\drivers\storvsc.sys
04:50:22.0426 0x2f5c storvsc - ok
04:50:22.0442 0x2f5c [ 803A6D5FF15542B6DF8C588D19D84183, 75B1E1899DBE4C7DF6AE314BDC46D5CD7174865A4285D7FC7A5C92E51ED3D896 ] SupportAssistAgent C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
04:50:22.0442 0x2f5c SupportAssistAgent - ok
04:50:22.0442 0x2f5c [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc C:\Windows\system32\svsvc.dll
04:50:22.0442 0x2f5c svsvc - ok
04:50:22.0457 0x2f5c [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum C:\Windows\System32\drivers\swenum.sys
04:50:22.0457 0x2f5c swenum - ok
04:50:22.0457 0x2f5c [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv C:\Windows\System32\swprv.dll
04:50:22.0477 0x2f5c swprv - ok
04:50:22.0479 0x2f5c [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc C:\Windows\System32\drivers\Synth3dVsc.sys
04:50:22.0479 0x2f5c Synth3dVsc - ok
04:50:22.0495 0x2f5c [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain C:\Windows\system32\sysmain.dll
04:50:22.0511 0x2f5c SysMain - ok
04:50:22.0511 0x2f5c [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
04:50:22.0511 0x2f5c SystemEventsBroker - ok
04:50:22.0526 0x2f5c [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\Windows\System32\TabSvc.dll
04:50:22.0526 0x2f5c TabletInputService - ok
04:50:22.0526 0x2f5c [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv C:\Windows\System32\tapisrv.dll
04:50:22.0542 0x2f5c TapiSrv - ok
04:50:22.0580 0x2f5c [ FD4E819C0017074B33BAE343F9559162, EED3F611AD841DBC420D4DE60E527389C7D68C136D8E7074A0F6852F037B33F0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
04:50:22.0611 0x2f5c Tcpip - ok
04:50:22.0642 0x2f5c [ FD4E819C0017074B33BAE343F9559162, EED3F611AD841DBC420D4DE60E527389C7D68C136D8E7074A0F6852F037B33F0 ] Tcpip6 C:\Windows\system32\drivers\tcpip.sys
04:50:22.0680 0x2f5c Tcpip6 - ok
04:50:22.0680 0x2f5c [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
04:50:22.0680 0x2f5c tcpipreg - ok
04:50:22.0696 0x2f5c [ D74756DD1518D28A09CDA99696273FA4, F01DDF8CDBBC70BB086970C324E60CF7A1828CA6DE5A4F5B1BA4686BC31C4058 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
04:50:22.0696 0x2f5c tdx - ok
04:50:22.0696 0x2f5c [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt C:\Windows\System32\drivers\terminpt.sys
04:50:22.0696 0x2f5c terminpt - ok
04:50:22.0711 0x2f5c [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService C:\Windows\System32\termsrv.dll
04:50:22.0727 0x2f5c TermService - ok
04:50:22.0727 0x2f5c [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes C:\Windows\system32\themeservice.dll
04:50:22.0727 0x2f5c Themes - ok
04:50:22.0775 0x2f5c [ C9CC45ECC22E17FAE506B417292933B8, 5EAF39C06F3E2119BACC2D241368C9A7503DF74A6788C7B7DEBC8286EB428088 ] ThunderboltService c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
04:50:22.0796 0x2f5c ThunderboltService - ok
04:50:22.0796 0x2f5c [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
04:50:22.0796 0x2f5c TieringEngineService - ok
04:50:22.0811 0x2f5c [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
04:50:22.0827 0x2f5c tiledatamodelsvc - ok
04:50:22.0827 0x2f5c [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc C:\Windows\System32\TimeBrokerServer.dll
04:50:22.0827 0x2f5c TimeBrokerSvc - ok
04:50:22.0842 0x2f5c [ 5379471B971D29EFCECBA87200C9FBFC, 7621258DA5EF0F4B2FFC344BCE0B6442E0AEE6BA795B65EBB5786D7A7C208A1F ] TokenBroker C:\Windows\System32\TokenBroker.dll
04:50:22.0858 0x2f5c TokenBroker - ok
04:50:22.0876 0x2f5c [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM C:\Windows\System32\drivers\tpm.sys
04:50:22.0880 0x2f5c TPM - ok
04:50:22.0880 0x2f5c [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks C:\Windows\System32\trkwks.dll
04:50:22.0880 0x2f5c TrkWks - ok
04:50:22.0880 0x2f5c [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
04:50:22.0880 0x2f5c TrustedInstaller - ok
04:50:22.0896 0x2f5c [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
04:50:22.0896 0x2f5c TsUsbFlt - ok
04:50:22.0896 0x2f5c [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
04:50:22.0896 0x2f5c TsUsbGD - ok
04:50:22.0896 0x2f5c [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel C:\Windows\System32\drivers\tunnel.sys
04:50:22.0896 0x2f5c tunnel - ok
04:50:22.0911 0x2f5c [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate C:\Windows\system32\tzautoupdate.dll
04:50:22.0911 0x2f5c tzautoupdate - ok
04:50:22.0911 0x2f5c [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
04:50:22.0911 0x2f5c UASPStor - ok
04:50:22.0927 0x2f5c [ 7B2B767C4DB23F87C698C139BEBEA400, 8E58AA7C05C183EC88423FA2CB72E082D0177120DAFE798EA04C5BB91ED52D89 ] UcmCx0101 C:\Windows\system32\Drivers\UcmCx.sys
04:50:22.0927 0x2f5c UcmCx0101 - ok
04:50:22.0927 0x2f5c [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101 C:\Windows\system32\Drivers\UcmTcpciCx.sys
04:50:22.0927 0x2f5c UcmTcpciCx0101 - ok
04:50:22.0927 0x2f5c [ F083A400FB9CB8ADD1783848CB1C76F0, 7E543E5F81C04AF486ACC08B94F785B9702B743C96079241925C385BF8411EB9 ] UcmUcsi C:\Windows\System32\drivers\UcmUcsi.sys
04:50:22.0942 0x2f5c UcmUcsi - ok
04:50:22.0942 0x2f5c [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000 C:\Windows\system32\drivers\ucx01000.sys
04:50:22.0942 0x2f5c Ucx01000 - ok
04:50:22.0942 0x2f5c [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx C:\Windows\system32\drivers\udecx.sys
04:50:22.0942 0x2f5c UdeCx - ok
04:50:22.0958 0x2f5c [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs C:\Windows\system32\DRIVERS\udfs.sys
04:50:22.0958 0x2f5c udfs - ok
04:50:22.0958 0x2f5c [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI C:\Windows\System32\drivers\UEFI.sys
04:50:22.0958 0x2f5c UEFI - ok
04:50:22.0980 0x2f5c [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000 C:\Windows\system32\drivers\ufx01000.sys
04:50:22.0980 0x2f5c Ufx01000 - ok
04:50:22.0980 0x2f5c [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea C:\Windows\System32\drivers\UfxChipidea.sys
04:50:22.0980 0x2f5c UfxChipidea - ok
04:50:22.0980 0x2f5c [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys C:\Windows\System32\drivers\ufxsynopsys.sys
04:50:22.0996 0x2f5c ufxsynopsys - ok
04:50:22.0996 0x2f5c [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect C:\Windows\system32\UI0Detect.exe
04:50:22.0996 0x2f5c UI0Detect - ok
04:50:22.0996 0x2f5c [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus C:\Windows\System32\drivers\umbus.sys
04:50:22.0996 0x2f5c umbus - ok
04:50:23.0012 0x2f5c [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass C:\Windows\System32\drivers\umpass.sys
04:50:23.0012 0x2f5c UmPass - ok
04:50:23.0012 0x2f5c [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService C:\Windows\System32\umrdp.dll
04:50:23.0012 0x2f5c UmRdpService - ok
04:50:23.0027 0x2f5c [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc C:\Windows\System32\unistore.dll
04:50:23.0043 0x2f5c UnistoreSvc - ok
04:50:23.0071 0x2f5c [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost C:\Windows\System32\upnphost.dll
04:50:23.0077 0x2f5c upnphost - ok
04:50:23.0080 0x2f5c [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea C:\Windows\System32\drivers\urschipidea.sys
04:50:23.0080 0x2f5c UrsChipidea - ok
04:50:23.0080 0x2f5c [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000 C:\Windows\system32\drivers\urscx01000.sys
04:50:23.0080 0x2f5c UrsCx01000 - ok
04:50:23.0080 0x2f5c [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys C:\Windows\System32\drivers\urssynopsys.sys
04:50:23.0080 0x2f5c UrsSynopsys - ok
04:50:23.0096 0x2f5c [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
04:50:23.0096 0x2f5c usbccgp - ok
04:50:23.0096 0x2f5c [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir C:\Windows\System32\drivers\usbcir.sys
04:50:23.0096 0x2f5c usbcir - ok
04:50:23.0096 0x2f5c [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci C:\Windows\System32\drivers\usbehci.sys
04:50:23.0096 0x2f5c usbehci - ok
04:50:23.0111 0x2f5c [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub C:\Windows\System32\drivers\usbhub.sys
04:50:23.0111 0x2f5c usbhub - ok
04:50:23.0127 0x2f5c [ 0939AD44244AA9D348187015083E17DF, D48C8032333D30019BC5FD4BAF97A2AB1A80488D4881F3437C3D5341DE5294CA ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
04:50:23.0143 0x2f5c USBHUB3 - ok
04:50:23.0143 0x2f5c [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci C:\Windows\System32\drivers\usbohci.sys
04:50:23.0143 0x2f5c usbohci - ok
04:50:23.0143 0x2f5c [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint C:\Windows\System32\drivers\usbprint.sys
04:50:23.0143 0x2f5c usbprint - ok
04:50:23.0143 0x2f5c [ 8E6AE06A1CA4055340A49D73C9E0C21B, 82DC9F8A70FB1EB1F4A7B5697C72926C352FBA2DF06F539BDCDF0AE574D67CB9 ] usbser C:\Windows\System32\drivers\usbser.sys
04:50:23.0143 0x2f5c usbser - ok
04:50:23.0158 0x2f5c [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
04:50:23.0158 0x2f5c USBSTOR - ok
04:50:23.0158 0x2f5c [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
04:50:23.0158 0x2f5c usbuhci - ok
04:50:23.0174 0x2f5c [ 7DB399A665C703B053930A4B5FFBA0E7, 82E4A0CD17A251D1FCD75EA2548F16BE29B47A8B83F5C27D776748FE75024FD4 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
04:50:23.0177 0x2f5c usbvideo - ok
04:50:23.0180 0x2f5c [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
04:50:23.0180 0x2f5c USBXHCI - ok
04:50:23.0211 0x2f5c [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc C:\Windows\System32\userdataservice.dll
04:50:23.0227 0x2f5c UserDataSvc - ok
04:50:23.0243 0x2f5c [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager C:\Windows\System32\usermgr.dll
04:50:23.0258 0x2f5c UserManager - ok
04:50:23.0276 0x2f5c [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc C:\Windows\system32\usocore.dll
04:50:23.0280 0x2f5c UsoSvc - ok
04:50:23.0280 0x2f5c [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc C:\Windows\system32\lsass.exe
04:50:23.0280 0x2f5c VaultSvc - ok
04:50:23.0280 0x2f5c [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
04:50:23.0280 0x2f5c vdrvroot - ok
04:50:23.0296 0x2f5c [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds C:\Windows\System32\vds.exe
04:50:23.0312 0x2f5c vds - ok
04:50:23.0312 0x2f5c [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
04:50:23.0312 0x2f5c VerifierExt - ok
04:50:23.0327 0x2f5c [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
04:50:23.0343 0x2f5c vhdmp - ok
04:50:23.0343 0x2f5c [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf C:\Windows\System32\drivers\vhf.sys
04:50:23.0343 0x2f5c vhf - ok
04:50:23.0343 0x2f5c [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus C:\Windows\system32\drivers\vmbus.sys
04:50:23.0359 0x2f5c vmbus - ok
04:50:23.0359 0x2f5c [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
04:50:23.0359 0x2f5c VMBusHID - ok
04:50:23.0359 0x2f5c [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid C:\Windows\System32\drivers\vmgid.sys
04:50:23.0359 0x2f5c vmgid - ok
04:50:23.0374 0x2f5c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\Windows\System32\icsvc.dll
04:50:23.0378 0x2f5c vmicguestinterface - ok
04:50:23.0380 0x2f5c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat C:\Windows\System32\icsvc.dll
04:50:23.0380 0x2f5c vmicheartbeat - ok
04:50:23.0380 0x2f5c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\Windows\System32\icsvc.dll
04:50:23.0396 0x2f5c vmickvpexchange - ok
04:50:23.0396 0x2f5c [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv C:\Windows\System32\icsvcext.dll
04:50:23.0396 0x2f5c vmicrdv - ok
04:50:23.0412 0x2f5c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown C:\Windows\System32\icsvc.dll
04:50:23.0412 0x2f5c vmicshutdown - ok
04:50:23.0412 0x2f5c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync C:\Windows\System32\icsvc.dll
04:50:23.0427 0x2f5c vmictimesync - ok
04:50:23.0427 0x2f5c [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession C:\Windows\System32\icsvc.dll
04:50:23.0427 0x2f5c vmicvmsession - ok
04:50:23.0443 0x2f5c [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss C:\Windows\System32\icsvcext.dll
04:50:23.0443 0x2f5c vmicvss - ok
04:50:23.0443 0x2f5c [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr C:\Windows\system32\drivers\volmgr.sys
04:50:23.0443 0x2f5c volmgr - ok
04:50:23.0459 0x2f5c [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
04:50:23.0459 0x2f5c volmgrx - ok
04:50:23.0476 0x2f5c [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap C:\Windows\system32\drivers\volsnap.sys
04:50:23.0481 0x2f5c volsnap - ok
04:50:23.0481 0x2f5c [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume C:\Windows\system32\drivers\volume.sys
04:50:23.0481 0x2f5c volume - ok
04:50:23.0481 0x2f5c [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci C:\Windows\System32\drivers\vpci.sys
04:50:23.0481 0x2f5c vpci - ok
04:50:23.0481 0x2f5c [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
04:50:23.0496 0x2f5c vsmraid - ok
04:50:23.0512 0x2f5c [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS C:\Windows\system32\vssvc.exe
04:50:23.0528 0x2f5c VSS - ok
04:50:23.0543 0x2f5c [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
04:50:23.0543 0x2f5c VSTXRAID - ok
04:50:23.0543 0x2f5c [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
04:50:23.0543 0x2f5c vwifibus - ok
04:50:23.0559 0x2f5c [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt C:\Windows\system32\drivers\vwififlt.sys
04:50:23.0559 0x2f5c vwififlt - ok
04:50:23.0559 0x2f5c [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp C:\Windows\System32\drivers\vwifimp.sys
04:50:23.0559 0x2f5c vwifimp - ok
04:50:23.0577 0x2f5c [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time C:\Windows\system32\w32time.dll
04:50:23.0581 0x2f5c W32Time - ok
04:50:23.0581 0x2f5c [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen C:\Windows\System32\drivers\wacompen.sys
04:50:23.0581 0x2f5c WacomPen - ok
04:50:23.0597 0x2f5c [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService C:\Windows\system32\WalletService.dll
04:50:23.0597 0x2f5c WalletService - ok
04:50:23.0597 0x2f5c [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp C:\Windows\system32\DRIVERS\wanarp.sys
04:50:23.0597 0x2f5c wanarp - ok
04:50:23.0597 0x2f5c [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
04:50:23.0612 0x2f5c wanarpv6 - ok
04:50:23.0628 0x2f5c [ 7EA1722D9F229B404D9636E96735DA7D, C487A881952DE3F5427AFA7AD9EAAE0D21423A29842F1D86D417474595B0DC9B ] WavesSysSvc C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
04:50:23.0628 0x2f5c WavesSysSvc - ok
04:50:23.0659 0x2f5c [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine C:\Windows\system32\wbengine.exe
04:50:23.0681 0x2f5c wbengine - ok
04:50:23.0697 0x2f5c [ 39A0B8DD517E3CBF0A6EED5A12BB182F, A25E7D3DC4DF9D0439627CFA0C4AD2292FDF29F4EFC832AEA5A2F774766F76D7 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
04:50:23.0697 0x2f5c WbioSrvc - ok
04:50:23.0713 0x2f5c [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs C:\Windows\system32\drivers\wcifs.sys
04:50:23.0713 0x2f5c wcifs - ok
04:50:23.0728 0x2f5c [ 4CC7119E1527B0A34C50870002E6B7AC, 2C93CF62E01A208453A291A74E0392BA1CA1407CD76E506D7DD638386FE1DE99 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
04:50:23.0728 0x2f5c Wcmsvc - ok
04:50:23.0744 0x2f5c [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc C:\Windows\System32\wcncsvc.dll
04:50:23.0759 0x2f5c wcncsvc - ok
04:50:23.0759 0x2f5c [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs C:\Windows\system32\drivers\wcnfs.sys
04:50:23.0759 0x2f5c wcnfs - ok
04:50:23.0759 0x2f5c [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
04:50:23.0759 0x2f5c WdBoot - ok
04:50:23.0759 0x2f5c [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\Windows\System32\drivers\wdcsam64.sys
04:50:23.0759 0x2f5c WDC_SAM - ok
04:50:23.0782 0x2f5c [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
04:50:23.0797 0x2f5c Wdf01000 - ok
04:50:23.0797 0x2f5c [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
04:50:23.0797 0x2f5c WdFilter - ok
04:50:23.0813 0x2f5c [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost C:\Windows\system32\wdi.dll
04:50:23.0813 0x2f5c WdiServiceHost - ok
04:50:23.0813 0x2f5c [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost C:\Windows\system32\wdi.dll
04:50:23.0813 0x2f5c WdiSystemHost - ok
04:50:23.0828 0x2f5c [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi C:\Windows\system32\DRIVERS\wdiwifi.sys
04:50:23.0844 0x2f5c wdiwifi - ok
04:50:23.0844 0x2f5c [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
04:50:23.0844 0x2f5c WdNisDrv - ok
04:50:23.0844 0x2f5c WdNisSvc - ok
04:50:23.0860 0x2f5c [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient C:\Windows\System32\webclnt.dll
04:50:23.0860 0x2f5c WebClient - ok
04:50:23.0860 0x2f5c [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc C:\Windows\system32\wecsvc.dll
04:50:23.0876 0x2f5c Wecsvc - ok
04:50:23.0881 0x2f5c [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
04:50:23.0882 0x2f5c WEPHOSTSVC - ok
04:50:23.0882 0x2f5c [ A92AE9A042298E00BCC9BE877654DCA6, ACB2BE9F96CEF870043CFE69B98625779842518DB4F079F1E5C17E135A2EFAE3 ] wercplsupport C:\Windows\System32\wercplsupport.dll
04:50:23.0882 0x2f5c wercplsupport - ok
04:50:23.0898 0x2f5c [ EB3E11EC54371D840C9861EEFDAE1832, 568E3C63BE9A721001704967F57359A9243F50B620B77EC09BA4AB7F6AE324B0 ] WerSvc C:\Windows\System32\WerSvc.dll
04:50:23.0898 0x2f5c WerSvc - ok
04:50:23.0898 0x2f5c [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc C:\Windows\System32\wfdsconmgrsvc.dll
04:50:23.0913 0x2f5c WFDSConMgrSvc - ok
04:50:23.0913 0x2f5c [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS C:\Windows\system32\drivers\wfplwfs.sys
04:50:23.0929 0x2f5c WFPLWFS - ok
04:50:23.0929 0x2f5c [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc C:\Windows\System32\wiarpc.dll
04:50:23.0929 0x2f5c WiaRpc - ok
04:50:23.0929 0x2f5c [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
04:50:23.0929 0x2f5c WIMMount - ok
04:50:23.0929 0x2f5c WinDefend - ok
04:50:23.0944 0x2f5c [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
04:50:23.0944 0x2f5c WindowsTrustedRT - ok
04:50:23.0944 0x2f5c [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
04:50:23.0944 0x2f5c WindowsTrustedRTProxy - ok
04:50:23.0960 0x2f5c [ F99F66FD660B1CD01EE410F6B4BB3C25, 4B6993791DF31DBB84722BD0BA01AF7952375D2E01F7B8D92AAB53C50AFB59A8 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
04:50:23.0982 0x2f5c WinHttpAutoProxySvc - ok
04:50:23.0982 0x2f5c [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad C:\Windows\System32\drivers\winmad.sys
04:50:23.0982 0x2f5c WinMad - ok
04:50:23.0998 0x2f5c [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
04:50:23.0998 0x2f5c Winmgmt - ok
04:50:23.0998 0x2f5c [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat C:\Windows\system32\drivers\winnat.sys
04:50:23.0998 0x2f5c WinNat - ok
04:50:24.0045 0x2f5c [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM C:\Windows\system32\WsmSvc.dll
04:50:24.0082 0x2f5c WinRM - ok
04:50:24.0098 0x2f5c [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB C:\Windows\System32\drivers\WinUSB.SYS
04:50:24.0098 0x2f5c WINUSB - ok
04:50:24.0098 0x2f5c [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs C:\Windows\System32\drivers\winverbs.sys
04:50:24.0098 0x2f5c WinVerbs - ok
04:50:24.0114 0x2f5c [ 2E15586B76465941D1DEE75625B9484E, 609E6BEAFF340A403F50A20D1609D3A8A2C990234064DD154A08C737DE3E0907 ] wisvc C:\Windows\system32\flightsettings.dll
04:50:24.0114 0x2f5c wisvc - ok
04:50:24.0161 0x2f5c [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc C:\Windows\System32\wlansvc.dll
04:50:24.0183 0x2f5c WlanSvc - ok
04:50:24.0230 0x2f5c [ FFC5E4855C3EA1F3E65F0DC93A48D0EF, 82FADBDD8061764282FD31339B47B61CC0FB112ABE400C721535A66A39D0CD37 ] wlidsvc C:\Windows\system32\wlidsvc.dll
04:50:24.0245 0x2f5c wlidsvc - ok
04:50:24.0282 0x2f5c [ 24A624FC6DED20C3B7980BD71D6540D7, A1564B903E2B54106E6665B212E4F8E1A90B2B6CB966F5E965BA5602A801B7D3 ] wlpasvc C:\Windows\System32\lpasvc.dll
04:50:24.0298 0x2f5c wlpasvc - ok
04:50:24.0298 0x2f5c [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
04:50:24.0298 0x2f5c WmiAcpi - ok
04:50:24.0298 0x2f5c [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
04:50:24.0298 0x2f5c wmiApSrv - ok
04:50:24.0314 0x2f5c WMPNetworkSvc - ok
04:50:24.0314 0x2f5c [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof C:\Windows\system32\drivers\Wof.sys
04:50:24.0314 0x2f5c Wof - ok
04:50:24.0345 0x2f5c [ 5D9A8A2BB555B743334A096C5B1774E2, 660136C1E8D6CA1F7BD1AE0EC4E28B65527BFE69339589A8E3017EFE2BBDC41C ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
04:50:24.0378 0x2f5c workfolderssvc - ok
04:50:24.0383 0x2f5c [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
04:50:24.0383 0x2f5c WPDBusEnum - ok
04:50:24.0383 0x2f5c [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
04:50:24.0383 0x2f5c WpdUpFltr - ok
04:50:24.0399 0x2f5c [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService C:\Windows\system32\WpnService.dll
04:50:24.0399 0x2f5c WpnService - ok
04:50:24.0399 0x2f5c [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService C:\Windows\System32\WpnUserService.dll
04:50:24.0399 0x2f5c WpnUserService - ok
04:50:24.0414 0x2f5c [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
04:50:24.0414 0x2f5c ws2ifsl - ok
04:50:24.0414 0x2f5c [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc C:\Windows\System32\wscsvc.dll
04:50:24.0414 0x2f5c wscsvc - ok
04:50:24.0430 0x2f5c WSearch - ok
04:50:24.0461 0x2f5c [ B5CE28EA62B4DB7884FE3295A444C086, 125B63841B31526612A538364EB022461151E23C6091B590F8D254D489996B4B ] wuauserv C:\Windows\system32\wuaueng.dll
04:50:24.0499 0x2f5c wuauserv - ok
04:50:24.0499 0x2f5c [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
04:50:24.0499 0x2f5c WudfPf - ok
04:50:24.0499 0x2f5c [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
04:50:24.0514 0x2f5c WUDFRd - ok
04:50:24.0514 0x2f5c [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
04:50:24.0514 0x2f5c wudfsvc - ok
04:50:24.0530 0x2f5c [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
04:50:24.0530 0x2f5c WUDFWpdFs - ok
04:50:24.0546 0x2f5c [ 45F6E61F95C41A0D5800875866EDA2D1, 59BFB3AFB029F245A6B4D3768EC9698A4038368B4B274CDA30E7F374A6128484 ] WwanSvc C:\Windows\System32\wwansvc.dll
04:50:24.0561 0x2f5c WwanSvc - ok
04:50:24.0583 0x2f5c [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm C:\Windows\System32\xbgmsvc.dll
04:50:24.0583 0x2f5c xbgm - ok
04:50:24.0599 0x2f5c [ 7FE60B52DD841ED374285B7ED9210222, 0F7743A5A9289E47EE07477313083CE07B46F1C9C5CF83130303A7BAB2F3842B ] XblAuthManager C:\Windows\System32\XblAuthManager.dll
04:50:24.0615 0x2f5c XblAuthManager - ok
04:50:24.0630 0x2f5c [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave C:\Windows\System32\XblGameSave.dll
04:50:24.0646 0x2f5c XblGameSave - ok
04:50:24.0646 0x2f5c [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip C:\Windows\System32\drivers\xboxgip.sys
04:50:24.0662 0x2f5c xboxgip - ok
04:50:24.0662 0x2f5c [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc C:\Windows\System32\XboxGipSvc.dll
04:50:24.0662 0x2f5c XboxGipSvc - ok
04:50:24.0684 0x2f5c [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc C:\Windows\system32\XboxNetApiSvc.dll
04:50:24.0699 0x2f5c XboxNetApiSvc - ok
04:50:24.0699 0x2f5c [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid C:\Windows\System32\drivers\xinputhid.sys
04:50:24.0699 0x2f5c xinputhid - ok
04:50:24.0699 0x2f5c ================ Scan global ===============================
04:50:24.0699 0x2f5c [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\Windows\system32\basesrv.dll
04:50:24.0715 0x2f5c [ 0F873CD0851C8FCD195DAD6D560E9F1F, AE19561187908D2BD6B97B0F94920837CC1F2F6158F6F3AD81DDFDF2648724D1 ] C:\Windows\system32\winsrv.dll
04:50:24.0715 0x2f5c [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\Windows\system32\sxssrv.dll
04:50:24.0731 0x2f5c [ C81F9707DEA008EED4071B5A39B7C76E, 47FFEF27A479ED6B325B22296B6853D7E57B53E8E712824F3881E510D5C93667 ] C:\Windows\system32\services.exe
04:50:24.0731 0x2f5c [ Global ] - ok
04:50:24.0731 0x2f5c ================ Scan MBR ==================================
04:50:24.0731 0x2f5c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
04:50:24.0746 0x2f5c \Device\Harddisk0\DR0 - ok
04:50:24.0746 0x2f5c ================ Scan VBR ==================================
04:50:24.0746 0x2f5c [ 06C8315FB5819351ECC3123EA398E503 ] \Device\Harddisk0\DR0\Partition1
04:50:24.0746 0x2f5c \Device\Harddisk0\DR0\Partition1 - ok
04:50:24.0746 0x2f5c [ 2D524F05766D084E9BC1747B63390F77 ] \Device\Harddisk0\DR0\Partition2
04:50:24.0746 0x2f5c \Device\Harddisk0\DR0\Partition2 - ok
04:50:24.0746 0x2f5c [ CEBA1BA859042809D68C7E7CB1CE39EF ] \Device\Harddisk0\DR0\Partition3
04:50:24.0746 0x2f5c \Device\Harddisk0\DR0\Partition3 - ok
04:50:24.0746 0x2f5c [ BF9E784390A2B9784D58427A9B3D33D2 ] \Device\Harddisk0\DR0\Partition4
04:50:24.0746 0x2f5c \Device\Harddisk0\DR0\Partition4 - ok
04:50:24.0762 0x2f5c [ D278797F8D516B6336F7E80D2BF16916 ] \Device\Harddisk0\DR0\Partition5
04:50:24.0762 0x2f5c \Device\Harddisk0\DR0\Partition5 - ok
04:50:24.0762 0x2f5c [ 8E6D0984744120CDD94C71CB9498F352 ] \Device\Harddisk0\DR0\Partition6
04:50:24.0762 0x2f5c \Device\Harddisk0\DR0\Partition6 - ok
04:50:24.0762 0x2f5c ================ Scan generic autorun ======================
04:50:24.0762 0x2f5c SecurityHealth - ok
04:50:24.0900 0x2f5c [ 98F87A666833EF0EE85C118770AD4598, 492EFE7A8CDFD38980E3E92752F71CA1FF19C63759E0813653FD65FF5F0935E9 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
04:50:25.0003 0x2f5c RTHDVCPL - ok
04:50:25.0025 0x2f5c [ 101FF97F121F088D41ABA4F28AEAA6B0, 88F2F2A9DF66AFC0D7B4BBFC8D8925BEDDA23F7840E5A9E5E4143B82A2EF8365 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
04:50:25.0040 0x2f5c RtHDVBg_PushButton - ok
04:50:25.0040 0x2f5c [ 84171243E652C4E1A3B282084E35B072, C3E29A1093F438759753536D2C1833472BAD142AF8205159A1B090168C1BA712 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
04:50:25.0040 0x2f5c IAStorIcon - ok
04:50:25.0061 0x2f5c [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
04:50:25.0061 0x2f5c AdobeAAMUpdater-1.0 - ok
04:50:25.0061 0x2f5c [ ECB702B8C5650381C0784F1EEABB97BC, 9CC4DDAD2E9AE05A8C5762BA88A13C2B1EE4E25AE98EF01DD041FE35D611DA87 ] C:\Windows\system32\rundll32.exe
04:50:25.0061 0x2f5c ShadowPlay - ok
04:50:25.0077 0x2f5c [ 0B8E281BEA5CF5B8BDBB7B2F377B09D4, 1CCACC6E04DA224EBF218520916B34CED75162F482B592FB4B3653AB9EA1B94B ] C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
04:50:25.0093 0x2f5c WavesSvc - ok
04:50:25.0093 0x2f5c Adobe Creative Cloud - ok
04:50:25.0429 0x2f5c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
04:50:25.0683 0x2f5c OneDriveSetup - ok
04:50:25.0998 0x2f5c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
04:50:26.0231 0x2f5c OneDriveSetup - ok
04:50:26.0274 0x2f5c [ EE2826CAAF139688445D93C7C6613EE3, A343D94D748F8A2C06EA45566ECCCE1FCDC7660E0A2DBFF92E9741904FE0D559 ] C:\Users\numer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
04:50:26.0293 0x2f5c OneDrive - ok
04:50:26.0296 0x2f5c Waiting for KSN requests completion. In queue: 268
04:50:27.0308 0x2f5c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
04:50:27.0308 0x2f5c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
04:50:27.0308 0x2f5c AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.3.0.0 ), 0x51000 ( enabled : updated )
04:50:27.0308 0x2f5c FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.3.0.0 ), 0x51010 ( enabled )
04:50:27.0625 0x2f5c ============================================================
04:50:27.0625 0x2f5c Scan finished
04:50:27.0625 0x2f5c ============================================================
04:50:27.0625 0x3008 Detected object count: 0
04:50:27.0625 0x3008 Actual detected object count: 0

ANTIROOKIT

Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.608.15063.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.808000 GHz
Memory total: 17024622592, free: 12993241088

Downloaded database version: v2017.09.26.09
Downloaded database version: v2017.09.13.01
Downloaded database version: v2017.09.01.01
Initializing...
======================
------------ Kernel report ------------
09/27/2017 04:55:24
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\tpm.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\vmbkmclr.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\bwcW10x64.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\??\C:\Windows\system32\drivers\mbae64.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\drivers\CAD.sys
\SystemRoot\System32\DriverStore\FileRepository\nvdm.inf_amd64_dc26d32481ff4137\nvlddmkm.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igdkmd64.sys
\SystemRoot\System32\drivers\dptf_cpu.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\iaLPSS2_I2C.sys
\SystemRoot\system32\drivers\SpbCx.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\Qcamain10x64.sys
\SystemRoot\system32\DRIVERS\wdiwifi.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\dptf_acpi.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\IntcAudioBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\HidEventFilter.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\UEFI.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\nvvhci.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\system32\drivers\DDDriver64Dcsa.sys
\SystemRoot\system32\drivers\DellProf.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\buttonconverter.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\hidi2c.sys
\SystemRoot\System32\drivers\IntcOED.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\MTConfig.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\drivers\BTHUSB.sys
\SystemRoot\System32\drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\System32\drivers\bthpan.sys
\SystemRoot\system32\drivers\mfeaack.sys
\SystemRoot\system32\drivers\mfeplk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\esif_lf.sys
\SystemRoot\System32\drivers\WUDFRd.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\MBAMChameleon.sys
\SystemRoot\System32\drivers\registry.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\vwifimp.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\??\C:\Windows\system32\drivers\mwac.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\farflt.sys
\??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\System32\drivers\tunnel.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\system32\drivers\wcnfs.sys
\SystemRoot\system32\drivers\74847907.sys
----------- End -----------
Done!

Scan started
Database versions:
main: v2017.09.26.09
rootkit: v2017.09.13.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffff9608faf27510, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffff9608f3fad9f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff9608faf27510, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffff9608f256d040, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffff9608f25693c0, DeviceName: \Device\00000045\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 34F321CA

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 903586759
GPT Header CurrentLba = 1 BackupLba 1000215215
GPT Header FirstUsableLba 34 LastUsableLba 1000215182
GPT Header Guid daab197e-f3f-4c51-b3d4-12646089a6e9
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 903586759
Backup GPT header CurrentLba = 1000215215 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1000215182
Backup GPT header Guid daab197e-f3f-4c51-b3d4-12646089a6e9
Backup GPT header Contains 128 partition entries starting at LBA 1000215183
Backup GPT header Partition entry size = 128

Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID c0264dcb-875a-4fd3-82b1-a353e72e906
FirstLBA 2048 Last LBA 1026047
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID e4bf9792-4312-4f67-aa4c-85c6e4842725
FirstLBA 1026048 Last LBA 1288191
Attributes 0
Partition Name Microsoft reserved partition

Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID d6518b33-224-4e99-bd41-12996c9411e
FirstLBA 1288192 Last LBA 967499775
Attributes 0
Partition Name Basic data partition

Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID ba3c55f9-c342-4fec-8da9-33d29eef580
FirstLBA 967499776 Last LBA 968519679
Attributes 1
Partition Name

Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 3c130a3c-97a1-450b-8f3b-3aecf86ad63
FirstLBA 968519680 Last LBA 997728255
Attributes 1
Partition Name

Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID f78369c6-a914-45e2-b52a-eff22d39d693
FirstLBA 997730304 Last LBA 1000214527
Attributes 1
Partition Name

Disk Size: 512110190592 bytes
Sector size: 512 bytes

Done!
File "C:\Users\numer\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
File "C:\ProgramData\Microsoft\Network\Downloader\qmgr.db" is sparse (flags = 32768)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

ROGUE KILLER

FRST PRIMO REPORT

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-09-2017
Ran by numer (administrator) on DESKTOP-J6B9VBM (27-09-2017 05:38:35)
Running from C:\Users\numer\Desktop
Loaded Profiles: numer (Available Profiles: numer)
Platform: Windows 10 Home Version 1703 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\IntelCpHDCPSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\intel security\pef\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\IntelCpHeciSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_7\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\csp\2.5.312.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igfxEM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240048 2017-09-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502696 2017-09-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2017-03-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1189744 2017-06-27] (Waves Audio Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{62627152-b5ac-463b-b8b4-7432c4e63803}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-23] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-23] (Microsoft Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-08-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-08-08] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-09-15] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-08-08] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-08-08] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-10] (McAfee, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-05-02] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [120872 2017-05-04] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-02] (Dell Inc.)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-03-25] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-14] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2017-04-18] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-09-06] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [993256 2017-08-07] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-17] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [242640 2017-06-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [350160 2017-06-21] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1546904 2017-08-17] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-04] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-04] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1043864 2017-07-31] (Intel Security, Inc.)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [46632 2017-04-18] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333296 2017-09-20] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-08-04] (Dell Inc.)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-17] (Intel Corporation)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [828792 2017-06-27] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [148200 2017-04-04] (Rivet Networks, LLC.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77800 2017-06-26] (McAfee, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54816 2016-10-29] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [209608 2017-08-07] (McAfee, Inc.)
S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-27] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [101824 2017-09-27] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-27] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [94144 2017-09-27] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [487408 2017-06-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [355312 2017-06-26] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [84544 2017-06-26] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [506352 2017-06-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [933360 2017-06-26] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [504792 2017-06-27] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108504 2017-06-27] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116208 2017-06-26] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [253424 2017-06-26] (McAfee, Inc.)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (ASIX Electronics Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_dc26d32481ff4137\nvlddmkm.sys [14456912 2017-05-11] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-05-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-05-04] (NVIDIA Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [779232 2016-08-05] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [375296 2017-01-18] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-27 05:38 - 2017-09-27 05:38 - 000021818 _____ C:\Users\numer\Desktop\FRST.txt
2017-09-27 05:38 - 2017-09-27 05:38 - 000000000 ____D C:\FRST
2017-09-27 05:37 - 2017-09-27 05:37 - 002399744 _____ (Farbar) C:\Users\numer\Desktop\FRST64.exe
2017-09-27 05:23 - 2017-09-27 05:23 - 000004222 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-09-27 05:19 - 2017-09-27 05:19 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-09-27 05:17 - 2017-09-27 05:35 - 000000000 ____D C:\ProgramData\RogueKiller
2017-09-27 05:17 - 2017-09-27 05:17 - 026704968 _____ C:\Users\numer\Desktop\RogueKiller_portable64.exe
2017-09-27 04:55 - 2017-09-27 05:00 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-27 04:54 - 2017-09-27 05:00 - 000000000 ____D C:\Users\numer\Desktop\mbar
2017-09-27 04:53 - 2017-09-27 04:53 - 016563352 _____ (Malwarebytes Corp.) C:\Users\numer\Downloads\mbar-1.09.3.1001.exe
2017-09-27 04:50 - 2017-09-27 04:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-09-27 04:49 - 2017-09-27 05:00 - 000295708 _____ C:\TDSSKiller.3.1.0.15_27.09.2017_04.49.56_log.txt
2017-09-27 04:49 - 2017-09-27 04:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\numer\Downloads\tdsskiller.exe
2017-09-27 04:44 - 2017-09-27 04:46 - 000000000 ____D C:\AdwCleaner
2017-09-27 04:43 - 2017-09-27 04:43 - 008182736 _____ (Malwarebytes) C:\Users\numer\Downloads\AdwCleaner.exe
2017-09-27 04:42 - 2017-09-27 05:35 - 000000000 ____D C:\Users\numer\Desktop\VIRUS
2017-09-27 04:40 - 2017-09-27 04:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-27 04:40 - 2017-09-27 04:47 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-27 04:40 - 2017-09-27 04:47 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-27 04:40 - 2017-09-27 04:47 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-27 04:40 - 2017-09-27 04:47 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-27 04:40 - 2017-09-27 04:40 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-27 04:40 - 2017-09-27 04:40 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-27 04:40 - 2017-09-27 04:40 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2017-09-27 04:40 - 2017-09-27 04:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-27 04:40 - 2017-09-27 04:40 - 000000000 ____D C:\Program Files\Waves
2017-09-27 04:40 - 2017-09-27 04:40 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-27 04:40 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-27 04:39 - 2017-09-27 04:39 - 068408664 _____ (Malwarebytes ) C:\Users\numer\Downloads\mb3-setup-35891.35891-3.2.2.2029.exe
2017-09-27 04:35 - 2017-09-27 04:35 - 000000000 ___HD C:\OneDriveTemp
2017-09-23 16:15 - 2017-09-23 16:15 - 000000000 ____D C:\Users\numer\AppData\Local\Tempzxpsign49656b7ddfbac53d
2017-09-23 16:15 - 2017-09-23 16:15 - 000000000 ____D C:\Users\numer\AppData\Local\Tempzxpsign47242e8cfe98e629
2017-09-23 16:15 - 2017-09-23 16:15 - 000000000 ____D C:\Users\numer\AppData\Local\Tempzxpsign11ac591ad79f05a0
2017-09-23 10:55 - 2017-09-23 10:55 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-09-23 10:11 - 2017-09-27 05:33 - 000004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-09-20 20:19 - 2017-09-20 20:19 - 003685864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-09-20 20:19 - 2017-09-20 20:19 - 003213832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-09-20 20:19 - 2017-09-20 20:19 - 000248840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 024252360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 003548616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 002219504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 001367728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 000749544 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcOED.sys
2017-09-20 20:18 - 2017-09-20 20:18 - 000705608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 000353848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 000237288 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcAudioBus.sys
2017-09-20 20:18 - 2017-09-20 20:18 - 000209416 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2017-09-20 19:58 - 2017-09-20 19:58 - 012951320 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-09-20 19:58 - 2017-09-20 19:58 - 000243016 _____ C:\Windows\system32\Drivers\dsp_fw_release.bin
2017-09-20 19:58 - 2017-09-20 19:58 - 000012288 _____ C:\Windows\system32\Drivers\dsp_fw_release_7CAD0808-AB10-CD23-EF45-12AB34CD56EF.bin
2017-09-15 16:14 - 2017-09-15 16:14 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-15 16:14 - 2017-05-04 06:19 - 001893312 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 001477056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-09-15 16:14 - 2017-05-04 05:28 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-09-15 16:14 - 2017-05-04 01:41 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-09-15 16:14 - 2017-05-02 08:38 - 000018040 _____ (NVIDIA Corporation) C:\Windows\system32\NVMUPEventMsg.dll
2017-09-15 16:13 - 2017-05-04 06:19 - 000175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-09-15 16:13 - 2017-05-04 06:19 - 000143296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-09-15 16:13 - 2017-05-04 06:19 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-09-15 16:13 - 2017-05-04 06:19 - 000048064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-09-15 16:13 - 2017-05-02 08:38 - 040201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 035388864 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 035281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 028623480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 011056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 011024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 010547440 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 009245744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 009014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 008805232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 003792320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 003607464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 003247736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001054144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-09-15 16:12 - 2017-09-15 16:12 - 000000000 ____D C:\Windows\nvmup
2017-09-15 15:37 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-09-15 15:37 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-09-15 15:37 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-09-15 15:37 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-09-15 15:37 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-09-15 15:37 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-09-15 15:37 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-09-15 15:37 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2017-09-15 15:37 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-09-15 15:37 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-15 15:37 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-09-15 15:37 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2017-09-15 15:37 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-09-15 15:37 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-09-15 15:37 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-09-15 15:37 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-15 15:37 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-09-15 15:37 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialUIBroker.exe
2017-09-15 15:37 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-09-15 15:37 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-15 15:37 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-15 15:37 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-15 15:37 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-15 15:37 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2017-09-15 15:37 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-15 15:37 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-09-15 15:37 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-09-15 15:37 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2017-09-15 15:37 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-09-15 15:37 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-09-15 15:37 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-15 15:37 - 2017-09-05 06:26 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-09-15 15:37 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2017-09-15 15:37 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-09-15 15:37 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-15 15:37 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2017-09-15 15:37 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-15 15:37 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-15 15:37 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-09-15 15:37 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-09-15 15:37 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-09-15 15:37 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-15 15:37 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-09-15 15:37 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-15 15:37 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-15 15:37 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2017-09-15 15:37 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-09-15 15:37 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-09-15 15:37 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-09-15 15:37 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-09-15 15:37 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-15 15:37 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\BthHFSrv.dll
2017-09-15 15:37 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-09-15 15:37 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-15 15:37 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-09-15 15:37 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-09-15 15:37 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-09-15 15:37 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-09-15 15:37 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2017-09-15 15:37 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-09-15 15:37 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-09-15 15:37 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll
2017-09-15 15:37 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2017-09-15 15:37 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2017-09-15 15:37 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-09-15 15:37 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-09-15 15:37 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2017-09-15 15:37 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-09-15 15:37 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-09-15 15:37 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-09-15 15:37 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2017-09-15 15:37 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-09-15 15:37 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-09-15 15:37 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-09-15 15:37 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-09-15 15:37 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2017-09-15 15:37 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msacm32.dll
2017-09-15 15:37 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-15 15:37 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2017-09-15 15:37 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-09-15 15:37 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2017-09-15 15:37 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2017-09-15 15:37 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2017-09-15 15:37 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IpNatHlpClient.dll
2017-09-15 15:37 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-09-15 15:37 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2017-09-15 15:37 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-09-15 15:37 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-09-15 15:37 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-09-15 15:37 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-09-15 15:37 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-09-15 15:37 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-09-15 15:37 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-09-15 15:37 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-09-15 15:37 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-09-15 15:37 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-09-15 15:37 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-09-15 15:37 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-09-15 15:37 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-09-15 15:37 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2017-09-15 15:37 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-15 15:37 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-09-15 15:37 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2017-09-15 15:37 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-09-15 15:37 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-09-15 15:37 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-09-15 15:37 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2017-09-15 15:37 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2017-09-15 15:37 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2017-09-15 15:37 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2017-09-15 15:36 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-09-15 15:36 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-09-15 15:36 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2017-09-15 15:36 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-15 15:36 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-15 15:36 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-15 15:36 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-15 15:36 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-09-15 15:36 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2017-09-15 15:36 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-09-15 15:36 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-09-15 15:36 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2017-09-15 15:36 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-09-15 15:36 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-09-15 15:36 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-09-15 15:36 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-09-15 15:36 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-09-15 15:36 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-09-15 15:36 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2017-09-15 15:36 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-15 15:36 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-15 15:36 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-15 15:36 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-09-15 15:36 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-15 15:36 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-15 15:36 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-09-15 15:36 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-15 15:36 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-09-15 15:36 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-09-15 15:36 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-15 15:36 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-09-15 15:36 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-09-15 15:36 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
2017-09-15 15:36 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-09-15 15:36 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\CfgSPCellular.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAPNCsp.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmCx.sys
2017-09-15 15:36 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2017-09-15 15:36 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\csplte.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-15 15:36 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-15 15:36 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-15 15:36 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\ngcrecovery.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-09-15 15:36 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-15 15:36 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-15 15:36 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-09-15 15:36 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-09-15 15:36 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-09-15 15:36 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-15 15:36 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2017-09-15 15:36 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-09-15 15:36 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-09-15 15:36 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-09-15 15:36 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-09-15 15:36 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-15 15:36 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-15 15:36 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-09-15 15:36 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-09-15 15:36 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-09-15 15:36 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-15 15:36 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-15 15:36 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-15 15:36 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-09-15 15:36 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2017-09-15 15:36 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-09-15 15:36 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-09-15 15:36 - 2017-09-01 07:55 - 000031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-09-15 15:36 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-09-15 15:36 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-09-15 15:36 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-09-15 15:36 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-15 15:36 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2017-09-15 15:36 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2017-09-15 15:36 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-09-15 15:36 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-09-15 15:36 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2017-09-15 15:36 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2017-09-15 15:36 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2017-09-15 15:36 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-09-15 15:36 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll
2017-09-15 15:36 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2017-09-15 15:36 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2017-09-15 15:36 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2017-09-15 15:36 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2017-09-15 15:36 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2017-09-15 15:36 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-09-15 15:36 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-15 15:36 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-09-15 15:36 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2017-09-15 15:36 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-09-15 15:36 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-09-15 15:36 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-09-15 15:36 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2017-09-15 15:36 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2017-09-15 15:36 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2017-09-15 15:36 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2017-09-15 15:36 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2017-09-15 15:36 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2017-09-15 15:36 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-09-15 15:36 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-09-15 15:36 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2017-09-15 15:36 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-09-15 15:36 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2017-09-15 15:36 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-09-15 15:36 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-09-15 15:36 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2017-09-15 15:36 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-09-15 15:36 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.dll
2017-09-15 15:36 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-09-15 15:36 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-15 15:36 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2017-09-15 15:36 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-09-15 15:36 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2017-09-15 15:36 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-09-15 15:36 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2017-09-15 15:36 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2017-09-15 15:36 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2017-09-15 15:36 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-09-15 15:36 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2017-09-15 15:36 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-09-15 15:36 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe
2017-09-15 15:36 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\IpNatHlpClient.dll
2017-09-15 15:36 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2017-09-15 15:36 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-09-15 15:36 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-09-15 15:36 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2017-09-15 15:36 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-09-15 15:36 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2017-09-15 15:36 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2017-09-15 15:36 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-09-15 15:36 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-09-15 15:36 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Display.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-09-15 15:36 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-09-15 15:36 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-09-15 15:36 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-09-15 15:36 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-09-15 15:36 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2017-09-15 15:36 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-09-15 15:36 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-09-15 15:36 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-09-15 15:36 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2017-09-15 15:36 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2017-09-15 15:36 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-09-15 15:36 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2017-09-15 15:36 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-09-15 15:36 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-09-15 15:36 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2017-09-15 15:36 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-15 15:36 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-09-15 15:36 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-09-15 15:36 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-09-15 15:36 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-09-15 15:36 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-09-15 15:36 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-09-15 15:36 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-09-15 15:36 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2017-09-15 15:36 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2017-09-15 15:36 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-09-15 15:36 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-09-15 15:36 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2017-09-15 15:36 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2017-09-15 15:36 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2017-09-15 15:36 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-09-15 15:36 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-09-15 15:36 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-09-15 15:36 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2017-09-15 15:36 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-15 15:28 - 2017-09-15 15:28 - 000002119 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2017-09-15 15:28 - 2017-09-15 15:28 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-09-15 15:28 - 2017-09-15 15:28 - 000000000 ____D C:\Program Files\Dell Support Center
2017-09-15 15:23 - 2017-09-15 15:23 - 000003934 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-09-15 15:23 - 2017-09-15 15:23 - 000000000 ____D C:\ProgramData\PC-Doctor, Inc
2017-09-15 15:22 - 2017-09-15 15:23 - 000000000 ____D C:\Users\numer\AppData\Roaming\PCDr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-27 05:33 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-27 05:12 - 2017-03-18 22:51 - 000000000 ____D C:\Windows\CbsTemp
2017-09-27 04:56 - 2017-06-22 10:41 - 002521726 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-27 04:56 - 2017-04-04 22:00 - 001130176 _____ C:\Windows\system32\perfh010.dat
2017-09-27 04:56 - 2017-04-04 22:00 - 000247304 _____ C:\Windows\system32\perfc010.dat
2017-09-27 04:48 - 2017-07-25 19:49 - 000000000 ____D C:\Users\numer\AppData\Local\CrashDumps
2017-09-27 04:48 - 2017-07-05 21:20 - 000000000 ___RD C:\Users\numer\OneDrive
2017-09-27 04:47 - 2017-07-05 21:18 - 000000000 __SHD C:\Users\numer\IntelGraphicsProfiles
2017-09-27 04:47 - 2017-06-22 10:45 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-27 04:47 - 2017-06-22 10:36 - 000383776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-27 04:47 - 2017-06-22 10:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-27 04:47 - 2017-03-18 13:40 - 000786432 _____ C:\Windows\system32\config\BBI
2017-09-27 04:41 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2017-09-27 04:40 - 2017-06-22 10:41 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2017-09-27 04:40 - 2017-06-22 10:41 - 000000000 ____D C:\Windows\system32\RTCOM
2017-09-27 04:39 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-27 04:39 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2017-09-27 04:38 - 2017-07-05 21:30 - 000000000 ____D C:\Users\numer\AppData\Local\Adobe
2017-09-23 10:53 - 2017-06-22 10:48 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-09-23 10:39 - 2017-06-22 10:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-09-23 10:03 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\rescache
2017-09-23 09:53 - 2017-06-22 10:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-23 08:58 - 2017-06-22 10:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-20 22:16 - 2017-04-04 22:00 - 000000000 ____D C:\Windows\system32\it
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\system32\F12
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinMetadata
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\setup
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\oobe
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\ShellExperiences
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-20 20:19 - 2017-06-22 10:41 - 005881208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-09-20 20:19 - 2017-06-22 10:41 - 000032408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 025135008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 024153416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 003556512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 000582080 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 000203448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2017-09-20 19:30 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-20 19:27 - 2017-07-05 21:19 - 000000000 ____D C:\Users\numer\AppData\Local\NVIDIA Corporation
2017-09-20 19:25 - 2017-07-20 21:29 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1420259285-3256734564-2012207256-1001
2017-09-20 19:25 - 2017-07-05 21:20 - 000002415 _____ C:\Users\numer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-15 17:51 - 2017-07-07 13:06 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-15 17:51 - 2017-07-07 13:06 - 000000000 ____D C:\Windows\system32\MRT
2017-09-15 17:39 - 2017-06-22 10:48 - 000019378 _____ C:\Windows\system32\results.xml
2017-09-15 17:39 - 2017-06-22 10:48 - 000000000 ____D C:\ProgramData\McAfee
2017-09-15 17:39 - 2017-06-22 10:40 - 000000000 ____D C:\ProgramData\PCDr
2017-09-15 16:31 - 2017-07-07 12:59 - 000003446 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2017-09-15 16:15 - 2017-06-22 10:43 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2017-09-15 16:14 - 2017-06-22 10:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-15 16:14 - 2017-06-22 10:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-15 16:14 - 2017-06-22 10:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-15 16:14 - 2017-06-22 10:43 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-15 15:41 - 2017-07-05 21:15 - 000000000 ____D C:\Users\numer
2017-09-15 15:34 - 2017-06-22 10:48 - 000003126 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-09-15 15:34 - 2017-06-22 10:48 - 000000000 ____D C:\Program Files\Common Files\mcafee
2017-09-15 15:33 - 2017-06-22 10:48 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2017-09-15 15:33 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2017-09-15 15:31 - 2017-07-05 21:18 - 000000000 ____D C:\Users\numer\AppData\Local\Packages
2017-09-15 15:28 - 2017-06-22 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-09-15 15:22 - 2017-07-11 22:46 - 000000000 ____D C:\ProgramData\SupportAssist
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-07-09 16:00 - 2017-08-11 16:19 - 000001456 _____ () C:\Users\numer\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs

Some files in TEMP:
====================
2017-09-27 05:17 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Users\numer\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-23 09:59

==================== End of FRST.txt ============================

FRST SECONDO REPORT

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017
Ran by numer (27-09-2017 05:39:02)
Running from C:\Users\numer\Desktop
Windows 10 Home Version 1703 (X64) (2017-07-05 21:09:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1420259285-3256734564-2012207256-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1420259285-3256734564-2012207256-503 - Limited - Disabled)
Guest (S-1-5-21-1420259285-3256734564-2012207256-501 - Limited - Disabled)
numer (S-1-5-21-1420259285-3256734564-2012207256-1001 - Administrator - Enabled) => C:\Users\numer

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Aggiornamenti NVIDIA 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.41.3 - Asmedia Technology)
Dell Customer Connect (HKLM-x32\...\{4D0D1313-C0BF-4092-944A-129C8469F794}) (Version: 1.4.17.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssist Remediation (HKLM\...\{00A1B449-74C9-4FF4-A854-BFECFDAD97A3}) (Version: 2.0.2.1841 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{073ace1c-7a67-4292-a718-f13deb6a1035}) (Version: 2.0.2.1841 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{E1AA62F7-B32A-4090-814E-83BC7C3DF1FB}) (Version: 2.0.2.21 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.1.318 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4664 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.15.1058 - Intel Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{DC2CA969-16A9-4C5C-8A39-702C037BE907}) (Version: 1.1.70.1349 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{E9AE1148-5976-4398-A3A6-54969D08BFA9}) (Version: 1.1.70.1349 - Rivet Networks) Hidden
Killer Wireless Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.70.1349 - Rivet Networks)
Killer Wireless-AC Drivers (HKLM\...\{ECBF2450-EDB2-4543-8A4A-1DF1961D5290}) (Version: 1.1.70.1349 - Rivet Networks) Hidden
Malwarebytes versione 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9233.1 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.161 - McAfee, Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Neat Image v7.6.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA Driver grafico 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Pannello di controllo NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Product Registration (HKLM\...\{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8216 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Thunderbolt(TM) Software (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1420259285-3256734564-2012207256-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-08AD05FAD746}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-08-08] (McAfee, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igfxDTCM.dll [2017-06-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-08-08] (McAfee, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0169E330-AE93-4DF8-929B-CD50F6EF5D35} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {1803579B-D055-4356-B710-77BFB470B367} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {18E41227-83BB-4FDB-ACB3-1FAF8C291CA4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation)
Task: {379EC537-B9FF-4A92-AA61-4F3BED21ECFB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-14] (Intel(R) Corporation)
Task: {3B479536-3D42-40C1-A1E6-5EE52B384058} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {40C603E9-F226-4EFC-BC0B-B67182454E41} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.)
Task: {483E0A2B-23F5-49B4-A407-E0A92D5E81FD} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {4AFA6A61-EE27-4300-B8D4-F72B3CEC7279} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {4F385F40-76DD-4FFB-8913-434233B202CF} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.)
Task: {5260A396-F75D-4C4C-BF6D-10434CC30F67} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
Task: {63430842-DEC5-4103-8B3F-E05D45865148} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {66C684F9-BFB3-49BE-8FE6-536C026C5B94} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {6737C339-447D-4359-9015-0AA6DBC9D227} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-04] (NVIDIA Corporation)
Task: {782205E7-BA68-47AB-87E8-CF41219EB0F3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {80CD8BAB-295D-45C6-8517-6E0F9B5B873A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {8222C1FD-EBBC-42C1-A8BB-908907CBB6AC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {88887C45-43E7-453C-9340-ABD556991A9D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation)
Task: {906D3035-70D7-4100-BBDF-E1B4E8761CA6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-04] (NVIDIA Corporation)
Task: {9490D823-2CB2-433D-BB72-4A0063755169} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {95BA3DD5-9AB0-465A-B42C-799D0833D300} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {976722CD-C9D9-494E-8F0F-853BACB6F08F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {9975A54E-B9F1-4238-9D34-CE764C3FACBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {9A136F90-323B-47C2-9CD4-A0203B4B27A4} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {AAD7F43E-5BF7-4BA6-8823-74A5F4480342} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-numerosette@alice.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C060F8F0-06C2-4D06-B9EE-AC320A21C25B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-04] (NVIDIA Corporation)
Task: {C0C86D74-3E56-4C76-9918-B12C7EE07EFD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-04] (NVIDIA Corporation)
Task: {C688FDE3-6BFE-4B70-AA44-A55CF41CBD15} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {EA50C535-0CF4-456E-A422-5D4F40B10E14} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {EAFA47C2-05C2-46D4-9611-B65F6D8923FC} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-08-03] (McAfee, Inc.)
Task: {EFE2D76F-1638-4EC3-9D27-A2C2711EA311} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation)
Task: {F05C8DA1-A153-4A35-A4F6-17B84CE3B23C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation)
Task: {FABF6635-CA6D-4D3B-BFF6-1C8777FDBC62} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-15 15:34 - 2017-08-08 13:30 - 001436912 _____ () C:\Program Files\McAfee\MSC\WscInteractionHandler.dll
2017-09-27 04:40 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-07-11 22:56 - 2017-08-11 14:08 - 000595608 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-07-11 22:56 - 2017-08-11 14:08 - 000586728 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-19 04:32 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-15 15:40 - 2017-09-15 15:40 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-09-15 15:40 - 2017-09-15 15:40 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-09-15 15:40 - 2017-09-15 15:40 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-09-15 15:40 - 2017-09-15 15:40 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-06-22 10:55 - 2017-09-23 09:47 - 000164544 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll
2017-05-02 16:39 - 2017-05-02 16:39 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2017-04-28 16:05 - 2017-04-28 16:05 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-05-02 00:27 - 2017-05-02 00:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2016-12-19 18:38 - 2016-12-19 18:38 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\numer\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{963AA1DD-EAF5-4B02-B1A1-969F2C5FBD8B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B2CF7BAE-7CBA-40E5-A40C-92607C38E886}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{15F61D0F-00FE-4727-ADB9-1594B6D36C64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{58396ED8-3A85-438E-B7FC-135DE0CB4490}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3EE264C4-91A8-476E-A3AF-F7D483C11F95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D26AC0C8-3521-4DD4-BC99-3AAB86A09688}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA132BA6-5A2A-4311-B0F5-E9181DB4B13E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

15-09-2017 16:03:29 Punto di controllo pianificato
20-09-2017 19:27:39 Windows Update
27-09-2017 04:39:38 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2017 05:33:39 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:33:39 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:33:30 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:33:30 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:19:36 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- Exception on processing Diags log: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#

Error: (09/27/2017 05:19:36 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (09/27/2017 05:19:36 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (09/27/2017 04:49:35 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- ReadEpsaVersion() Exception: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#

Error: (09/27/2017 04:48:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J6B9VBM)
Description: Attivazione dell'app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess non riuscita con errore: -2144927142 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (09/27/2017 04:48:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: MicrosoftEdgeCP.exe, versione: 11.0.15063.608, timestamp: 0x59ae240c
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000604
Offset errore 0x0000000000000000
ID processo che ha generato l'errore: 0x8a4
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d3373b1b8cf6e4
Percorso dell'applicazione che ha generato l'errore: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Percorso del modulo che ha generato l'errore: unknown
ID segnalazione: 19b9ab96-495c-4b33-8e66-ad2c664aff02
Nome completo pacchetto che ha generato l'errore: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
ID applicazione relativo al pacchetto che ha generato l'errore: ContentProcess


System errors:
=============
Error: (09/27/2017 04:47:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-J6B9VBM)
Description: Le impostazioni delle autorizzazioni impostazioni predefinite del computer non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
all'utente DESKTOP-J6B9VBM\SID numer (S-1-5-21-1420259285-3256734564-2012207256-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni C27EB4BA.DropboxOEM_1.1.27.0_x64__xbfy0k16fey96 (S-1-15-2-957046722-3704396400-4010937963-411832198-1131521071-1207666172-2334532315). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 04:47:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 04:47:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 04:47:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio CldFlt non è stato avviato per il seguente errore:
Richiesta non supportata.

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Cache tipi di carattere Windows Presentation Foundation 3.0.0.0 è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 0 millisecondi: Riavvia il servizio.

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Data Vault Processor. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Waves Audio Services. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Data Vault Service API. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Data Vault Collector. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Update Service. Questo evento si è già verificato 1 volta(e).


CodeIntegrity:
===================================
Date: 2017-09-27 05:33:42.535
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:27:29.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:22:25.811
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:18:30.868
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:18:23.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:17:58.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:17:12.128
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:15:00.972
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:12:32.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:09:20.231
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 40%
Total physical RAM: 16235.95 MB
Available physical RAM: 9619.22 MB
Total Virtual: 18667.95 MB
Available Virtual: 13320.01 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:460.73 GB) (Free:393.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 34F321CA)

Partition: GPT.

==================== End of Addition.txt ============================

Sul PC portatile ho potuto eseguire tutti i programmi indicati, non ho avuto il blocco di frst come su quello fisso (sul fisso ho bitdefender e sul portatile MacAfee...forse è questa la differenza).

Tra i due sono preoccupato più per il portatile, perché ha avuto due aggiornamenti del BIOS...che sospetto siano stati legati al virus ma magari no.

Dan, dammi il responso...:) grazie ancora.

Ciao
facciamo chiarezza..
tutte le scansioni che hai effettuato compresa frst sono state fatte tutte nello stesso pc???

Il pc dove hai eseguito frst sembra pulito...
Comunque prendi il pc dove hai eseguito frst...
poi posiziona frst sul desktop assieme al file fixlist.txt allegato
tasto dx sopra frst--->esegui come amministratore
quando si apre clicca sul pulsante FIX
lascia finire e che il pc si riavvii (se non lo fa riavvia te)
posta il file fixlog


resetta i browser vedi qui http://it.ccm.net/faq/1767-come-ripristinare-il-browser
quando hai finito dovrai reinpostare la pagina iniziale dei browser

fai pulizia con ccleaner sia sistema che registro

Fa saper come va il pc...

Ciao

ciao.
Come dicevo ho due PC, uno fisso ed uno portatile. I primi report che ho postato sono tutti del fisso, poi ho postato quelli del portatile.

Sul fisso, non sono riuscito a eseguire FRST perché lo blocca e appare un messaggio di application error che dice:

"Exception EAccessViolation in module ERUNT.exe at 00003A68. Access violation at address 00403A68 in module 'ERUNT'.exe'. Write of address 0069005C."

Sul PC fisso ho avuto le segnalazioni da:
1) Adv Cleaner - due folders PUP.Optional.legacy - eliminati
2) Rogue kille - due file PUMP - li devo eliminare o sono falsi positivi?


Sul portatile ho avuto segnalazioni da:
1) Rogue Killer - due file PUMP - li devo eliminare o sono falsi positivi?


Nei report si dovrebbe vedere tutto.
Perché dici che il Pc portatile sembra pulito? Non possiamo dire che è pulito?
Certo che sono preoccupato comunque perché ha avuto, prima che mi rendessi conto della stupidaggine che avevo fatto, due aggiornamenti del BIOS. E' normale?
Ora eseguo quanto mi suggerisci ancora per il PC portatile (che è quello dove sono riuscito a far girare tutto), anche se mi intimorisce la tua frase: "poi fai sapere come va il PC...." :)

E per quanto riguarda il PC fisso?

Grazie

Sul PC portatile ho posizionato frst sul desktop assieme al file fixlist.txt che mi hai allegato
ho eseguito frst come amministratore ed una volta aperto ho cliccato su FIX
Allego il file del log.

Il PC si è riavviato da solo.

Poi volevo resettare il browser (Edge) ma non so come si fa, non riesco a capire e il link che mi hai dato non tratta il ripristino di Edge. Comunque sembra funzionare normalmente ed anche la pagina iniziale è rimasta quella...è un brutto segno?

Poi ho fatto pulizia con ccleaner sia sistema che registro e per il momento sembra tutto funzionare normalmente.

Fammi sapere.

Grazie

Ciao

Azitutto il.pc portatile è pulito , devi dirmi te se va bene o riscontri dei problemi....
Per edge lascia stare se il portatile va bene...
Per gli altri browser se hai seguito le istruzioni del link è ok...la pag iniziale se gia era inpostata va bene uguale..

Cominciamo con il pc fisso...
Fammi un favore ripostami i report se gia li hai o rifai le scansioni....cosi non creiamo confusione...
Disabilita l antivirus e fai pulizia con ccleaner ,prima di eseguire frst..prova se va...
Devi eseguire frst dal desktop e come amministratore ...
Mi raccomando scarica la versione giusta per il tuo pc o a 32 o 64 bit...
Poi dimmi tutti i sintomi che riscontri sul pc fisso...

Grazie DAN.
Volevo chiudere con il PC portatile: quindi è tutto OK? Bene. I due file PUMP che mi ha segnalato Rogue Killer li lascio o li tolgo?


Passiamo al FISSO: ho eliminato alcuni blocchi ed ho fatto girare FRST anche sul FISSO.
Purtroppo anche in questo caso gli allegati sono troppo grandi e devo copiare e incollare. Procedo.

can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-09-2017 01
Ran by Massimo (administrator) on PC-MASSIMO (28-09-2017 19:02:20)
Running from C:\Users\Massimo\Desktop
Loaded Profiles: Massimo (Available Profiles: Massimo)
Platform: Windows 10 Home Version 1703 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
() C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> MicrosoftEdgeCP.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-08-17] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [EPSON Stylus Photo R2400] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATI9SE.EXE [211456 2007-01-10] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\Run: [EPSON Stylus Photo R2400] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATI9SE.EXE [211456 2007-01-10] (SEIKO EPSON CORPORATION)
Startup: C:\Users\Massimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ColorNavigator 6.lnk [2017-07-07]
ShortcutTarget: ColorNavigator 6.lnk -> C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{08ef9d62-3123-408f-89bb-862044fabd0f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{26431ded-4723-4d8e-8aab-38303ad447e8}: [DhcpNameServer] 10.72.0.68 10.72.0.69

Internet Explorer:
==================
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> DefaultScope {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
BHO: Portafoglio di Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-08-11] (Bitdefender)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Portafoglio di Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-08-11] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Portafoglio di Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-08-11] (Bitdefender)
Toolbar: HKLM-x32 - Portafoglio di Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-08-11] (Bitdefender)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB

FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2017-08-29]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-08-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-12-01] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-925684549-1631372041-3969593942-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Massimo\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-03] (Citrix Online)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2090152 2017-08-11] (Bitdefender)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [77648 2016-12-22] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-08-17] (Bitdefender)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-08-17] (Copyright (c) 2017 Plays.tv, LLC)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2015-12-01] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-09-22] (Dell Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [218416 2017-08-17] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1421608 2017-08-17] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [950160 2017-06-07] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1612648 2017-04-19] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-06-06] (BitDefender LLC)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47856 2017-05-11] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [346704 2017-06-08] (Bitdefender)
R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-28] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-21] (Intel Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; c:\program files\dell\supportassist\pcdsrvc_x64.pkms [25584 2017-09-12] (PC-Doctor, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 Spyder3; C:\WINDOWS\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
R3 Spyder5; C:\WINDOWS\System32\drivers\dccmtr.sys [15360 2015-04-13] (Datacolor)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-28 19:01 - 2017-09-28 19:02 - 000021444 _____ C:\Users\Massimo\Desktop\FRST.txt
2017-09-28 18:57 - 2017-09-28 18:57 - 002399744 _____ (Farbar) C:\Users\Massimo\Desktop\FRST64.exe
2017-09-28 18:48 - 2017-09-28 18:48 - 000000000 ___HD C:\OneDriveTemp
2017-09-27 21:11 - 2017-09-27 21:11 - 000003932 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-09-27 05:35 - 2017-09-28 19:02 - 000000000 ____D C:\FRST
2017-09-27 05:30 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-09-27 05:30 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-09-27 05:30 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-09-27 05:30 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-09-27 05:30 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-09-27 05:30 - 2017-09-19 01:17 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-27 05:30 - 2017-09-19 01:17 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-27 05:30 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-27 05:30 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-09-27 05:30 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-09-27 05:30 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-09-27 05:30 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-09-27 05:30 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-09-27 05:30 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-09-27 05:30 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-09-27 05:30 - 2017-09-19 00:18 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-27 05:30 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-09-27 05:23 - 2017-09-27 05:31 - 000000000 ____D C:\Users\Massimo\Desktop\mbar
2017-09-27 05:23 - 2017-09-27 05:30 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-27 05:21 - 2017-09-27 05:22 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Massimo\Downloads\mbar-1.09.3.1001.exe
2017-09-25 21:09 - 2017-09-28 18:57 - 000000000 ____D C:\Users\Massimo\AppData\Local\CrashDumps
2017-09-25 19:59 - 2017-09-25 19:59 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-09-25 19:58 - 2017-09-25 21:21 - 000000000 ____D C:\ProgramData\RogueKiller
2017-09-25 19:58 - 2017-09-25 19:58 - 026704968 _____ C:\Users\Massimo\Downloads\RogueKiller_portable64.exe
2017-09-25 19:55 - 2017-09-25 19:55 - 035910920 _____ (Adlice Software ) C:\Users\Massimo\Downloads\setup.exe
2017-09-25 19:45 - 2017-09-25 19:58 - 000291704 _____ C:\TDSSKiller.3.1.0.15_25.09.2017_19.45.34_log.txt
2017-09-25 19:45 - 2017-09-25 19:45 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Massimo\Downloads\tdsskiller.exe
2017-09-25 19:35 - 2017-09-25 19:40 - 000000000 ____D C:\AdwCleaner
2017-09-25 19:35 - 2017-09-25 19:35 - 008182736 _____ (Malwarebytes) C:\Users\Massimo\Downloads\AdwCleaner.exe
2017-09-25 19:33 - 2017-09-25 21:07 - 000000000 ____D C:\Users\Massimo\Documents\Virus
2017-09-25 19:30 - 2017-09-28 18:53 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-25 19:30 - 2017-09-27 21:05 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-25 19:30 - 2017-09-27 21:05 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-25 19:30 - 2017-09-25 19:30 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-25 19:29 - 2017-09-27 21:05 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-25 19:29 - 2017-09-27 05:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-25 19:29 - 2017-09-25 19:29 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-25 19:29 - 2017-09-25 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-25 19:29 - 2017-09-25 19:29 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-25 19:29 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-25 19:27 - 2017-09-25 19:27 - 068408664 _____ (Malwarebytes ) C:\Users\Massimo\Downloads\mb3-setup-35891.35891-3.2.2.2029.exe
2017-09-23 18:43 - 2017-09-23 18:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2a320bc09aae1a80
2017-09-23 18:39 - 2017-09-23 18:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign479c025829a95e42
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignda40dfc5ab25363f
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2ddaface99846a8a
2017-09-23 13:02 - 2017-09-23 13:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7997380020e32786
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign53c364e1a5886650
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4da0e6ce8ca3057d
2017-09-23 12:04 - 2017-09-23 12:04 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign06e83898d9f60461
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8c837a2b26383563
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4c1bb57f89fc1310
2017-09-23 11:57 - 2017-09-27 06:06 - 000003146 _____ C:\bdlog.txt
2017-09-23 11:56 - 2017-09-23 11:56 - 000000000 ____D C:\Users\Massimo\AppData\Temp
2017-09-23 11:54 - 2017-09-23 11:54 - 000057201 _____ C:\ProgramData\dm.1506160479.bdinstall.bin
2017-09-23 11:54 - 2017-09-23 11:54 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2017-09-23 11:49 - 2017-09-23 11:49 - 000477336 _____ C:\ProgramData\cl.1506159941.bdinstall.bin
2017-09-23 11:49 - 2017-09-23 11:49 - 000003420 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-09-23 11:47 - 2017-09-23 11:47 - 000002345 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2017-09-23 11:47 - 2017-09-23 11:47 - 000000385 _____ C:\WINDOWS\system32\user_gensett.xml
2017-09-23 11:47 - 2017-09-23 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2017-09-23 11:47 - 2017-09-23 11:47 - 000000000 ____D C:\ProgramData\BDLogging
2017-09-23 11:47 - 2017-09-23 11:47 - 000000000 ____D C:\ProgramData\Atc
2017-09-23 11:46 - 2017-09-23 12:13 - 000000000 ____D C:\ProgramData\Bitdefender
2017-09-23 11:46 - 2017-09-23 11:54 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\Bitdefender
2017-09-23 11:46 - 2017-09-23 11:46 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\QuickScan
2017-09-23 11:46 - 2017-06-08 05:19 - 000346704 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2017-09-23 11:46 - 2017-06-07 05:04 - 000950160 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2017-09-23 11:46 - 2017-05-11 05:37 - 000187688 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2017-09-23 11:46 - 2017-05-11 05:16 - 000047856 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2017-09-23 11:46 - 2017-04-19 07:19 - 001612648 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-09-23 11:46 - 2016-03-14 22:04 - 000023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2017-09-23 11:46 - 2015-12-04 19:27 - 000087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2017-09-23 11:46 - 2007-04-11 11:11 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2017-09-23 11:45 - 2017-09-23 11:54 - 000000000 ____D C:\Program Files\Bitdefender
2017-09-23 11:45 - 2017-04-11 04:19 - 000439576 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2017-09-23 11:43 - 2017-09-23 11:42 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-09-23 11:39 - 2017-09-23 11:46 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2017-09-23 11:39 - 2017-09-23 11:39 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-09-23 11:37 - 2017-09-28 18:48 - 000000000 ____D C:\Program Files\Bitdefender Agent
2017-09-23 11:37 - 2017-09-23 11:37 - 009932864 _____ C:\Users\Massimo\Downloads\bitdefender_windows_1bbfc0b3-937d-461b-a1c3-17633c7763c0.exe
2017-09-23 11:37 - 2017-09-23 11:37 - 000048643 _____ C:\ProgramData\agent.1506159450.bdinstall.bin
2017-09-23 11:37 - 2017-09-23 11:37 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2017-09-20 19:27 - 2017-09-20 19:27 - 000001052 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2017-09-20 19:27 - 2017-09-20 19:27 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-09-20 19:27 - 2017-09-20 19:27 - 000000000 ____D C:\Program Files\Dell Support Center
2017-09-17 17:08 - 2017-09-17 17:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign893c25815c3e4e3a
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7987e0021284a74e
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign10ea50dbf0c340f7
2017-09-16 19:56 - 2017-09-16 19:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign62dd29928e5a996b
2017-09-16 19:50 - 2017-09-16 19:50 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb77f2abb1ed1c4b0
2017-09-16 19:48 - 2017-09-16 19:48 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd2f2a585e3b848fa
2017-09-16 19:46 - 2017-09-16 19:46 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign0fbdb4686c8ecb22
2017-09-16 19:45 - 2017-09-16 19:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign366ab3d56b989fd6
2017-09-16 19:41 - 2017-09-16 19:41 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7232ff2237a0e253
2017-09-16 19:19 - 2017-09-16 19:19 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign084b333675e35f54
2017-09-16 19:17 - 2017-09-16 19:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign526ef1bb8f88d475
2017-09-16 19:07 - 2017-09-16 19:07 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf20327fecb0193a9
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigndb98f867a6e6e1e7
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign34981d465a0fd3b8
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9d29a0b28ce26a7f
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign11ee28dc4eacab8b
2017-09-16 12:00 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6454ee7fd0890f18
2017-09-16 11:59 - 2017-09-16 11:59 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5629d315608a90a9
2017-09-16 11:58 - 2017-09-16 11:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb3103856265dec45
2017-09-16 11:54 - 2017-09-16 11:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1c4274d3e38961df
2017-09-16 11:51 - 2017-09-16 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd51fef8312f2101a
2017-09-16 11:30 - 2017-09-16 11:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign833d8b9700f933df
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc8c51583e68e24b3
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8248ae5e369eed0a
2017-09-16 10:57 - 2017-09-16 10:57 - 000000917 _____ C:\Users\Massimo\Desktop\SNS-HDR Home 2.lnk
2017-09-16 10:57 - 2017-09-16 10:57 - 000000000 ____D C:\Users\Massimo\Documents\SNS-HDR
2017-09-16 10:57 - 2017-09-16 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SNS-HDR Home 2
2017-09-16 10:57 - 2017-09-16 10:57 - 000000000 ____D C:\Program Files\SNS-HDR Home 2
2017-09-15 12:36 - 2017-09-15 12:36 - 000000000 ____D C:\WINDOWS\PCHEALTH
2017-09-15 12:35 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-15 12:35 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-15 12:35 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-15 12:35 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-15 12:35 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-15 12:35 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-15 12:35 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-15 12:35 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-15 12:35 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-15 12:35 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-15 12:35 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-15 12:35 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-15 12:35 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-15 12:35 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-15 12:35 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-15 12:35 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-15 12:35 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-15 12:35 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-15 12:35 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-15 12:35 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-15 12:35 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-15 12:35 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-15 12:35 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-15 12:35 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-15 12:35 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-15 12:35 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-15 12:35 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-15 12:35 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-15 12:35 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-15 12:35 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-15 12:35 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-15 12:35 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-15 12:35 - 2017-09-05 06:26 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-09-15 12:35 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-15 12:35 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-15 12:35 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-15 12:35 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-15 12:35 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-15 12:35 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-15 12:35 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-15 12:35 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-15 12:35 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-15 12:35 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-15 12:35 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-15 12:35 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-15 12:35 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-15 12:35 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-15 12:35 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-15 12:35 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-15 12:35 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-15 12:35 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-15 12:34 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-15 12:34 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-15 12:34 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-15 12:34 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-15 12:34 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-15 12:34 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-15 12:34 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-15 12:34 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-15 12:34 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-15 12:34 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-15 12:34 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-15 12:34 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-15 12:34 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-15 12:34 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-15 12:34 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-15 12:34 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-15 12:34 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-15 12:34 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-15 12:34 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-15 12:34 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-15 12:34 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-15 12:34 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-15 12:34 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-15 12:34 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-15 12:34 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-15 12:34 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-15 12:34 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-15 12:34 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-15 12:34 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-15 12:34 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-15 12:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-15 12:34 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-15 12:34 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-15 12:34 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-15 12:34 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-15 12:34 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-15 12:34 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-15 12:34 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-15 12:34 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-15 12:34 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-15 12:34 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-15 12:34 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-15 12:34 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-15 12:34 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-15 12:34 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-15 12:34 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-15 12:34 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-15 12:34 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-15 12:34 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-15 12:34 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-15 12:34 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-15 12:34 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-15 12:34 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-15 12:34 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-15 12:34 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-15 12:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-15 12:34 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-15 12:34 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-15 12:34 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-15 12:34 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-15 12:34 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-15 12:34 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-15 12:34 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-15 12:34 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-10 11:56 - 2017-09-10 11:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignee18b00e325a1e80
2017-09-10 11:53 - 2017-09-10 11:53 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c85a5e26f0a7895
2017-09-10 11:51 - 2017-09-10 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign538caf5474ceeabc
2017-09-10 11:49 - 2017-09-10 11:49 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6fa9b74abd1fb3a1
2017-09-10 11:45 - 2017-09-10 11:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignbb386aaa93fbea85
2017-09-10 11:23 - 2017-09-10 11:23 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign891995a444fba673
2017-09-10 10:18 - 2017-09-10 10:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf98c9c47f93ca431
2017-09-10 10:16 - 2017-09-10 10:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign04d653af51384666
2017-09-10 10:08 - 2017-09-10 10:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd5187fbba5a664ed
2017-09-10 10:06 - 2017-09-10 10:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4aa0d5c0956907c2
2017-09-10 10:02 - 2017-09-10 10:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign646ab2eec7c9e779
2017-09-10 09:54 - 2017-09-10 09:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna7cb8441e112d5f7
2017-09-10 09:43 - 2017-09-10 09:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1d61bc997ca07367
2017-09-10 09:39 - 2017-09-10 09:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign657ed2562342561d
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c2a9532d8cc2517
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign40e3e5af22dfa156
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign39999b75eb0c922e
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign206bfaf458893073
2017-09-09 18:45 - 2017-09-09 18:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign043a21c81399d682
2017-09-09 18:42 - 2017-09-09 18:42 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5e49fc571219bb1a
2017-09-09 18:40 - 2017-09-09 18:40 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc00ea6420f47aa89
2017-09-09 18:34 - 2017-09-09 18:34 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna01fe20e43eef2f3
2017-09-09 18:28 - 2017-09-09 18:28 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigne975c3133a042e6e
2017-09-09 18:21 - 2017-09-09 18:21 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb1948ee5a5e73b5f
2017-09-09 18:18 - 2017-09-09 18:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd1d46bcbf974787a
2017-09-09 18:17 - 2017-09-09 18:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4ae3ad1da5dc5a6d
2017-09-09 18:16 - 2017-09-09 18:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb588effe2b5a4d95
2017-09-09 18:08 - 2017-09-09 18:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6ea268cae19881f7
2017-09-09 18:00 - 2017-09-09 18:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignef834f4688bde796
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf8dfc166985e0737
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd797bb9123a1fe57
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc170cdf4cae92f1a
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2d45ef39af036982

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-28 18:53 - 2016-10-07 12:32 - 000060003 _____ C:\IFRToolLog.txt
2017-09-28 18:53 - 2015-05-26 20:10 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-09-28 18:52 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-28 18:52 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-28 18:51 - 2017-07-05 22:02 - 000004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81E0AA04-6B72-44DD-AA52-09C77A6592D4}
2017-09-28 18:51 - 2015-07-07 22:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Adobe
2017-09-28 18:48 - 2016-04-02 09:09 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\PlaysTV
2017-09-28 18:48 - 2015-12-22 17:13 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\Raptr
2017-09-28 18:48 - 2015-07-07 22:51 - 000000000 __RDO C:\Users\Massimo\OneDrive
2017-09-27 22:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-09-27 22:14 - 2017-07-05 21:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-27 21:33 - 2015-07-07 22:48 - 000000000 ____D C:\Users\Massimo\AppData\Local\Packages
2017-09-27 21:13 - 2016-01-17 17:38 - 000000000 ____D C:\Users\Massimo\Documents\Running
2017-09-27 21:11 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-27 21:10 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-27 21:09 - 2017-07-05 22:04 - 002192586 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-27 21:09 - 2017-03-20 06:10 - 000997506 _____ C:\WINDOWS\system32\perfh010.dat
2017-09-27 21:09 - 2017-03-20 06:10 - 000209364 _____ C:\WINDOWS\system32\perfc010.dat
2017-09-27 21:05 - 2017-07-05 22:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-27 21:05 - 2015-12-04 10:11 - 000147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2017-09-27 06:06 - 2017-07-05 21:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-27 06:06 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-27 06:00 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-25 20:25 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-09-24 18:42 - 2015-09-13 17:19 - 000000000 ____D C:\Users\Massimo\Documents\ARCHIVIO FOTO
2017-09-23 12:05 - 2015-07-07 23:02 - 000000000 ____D C:\ProgramData\Adobe
2017-09-23 11:55 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-09-23 11:55 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\ProgramData\McAfee
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-09-23 11:43 - 2017-07-05 22:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-09-23 11:40 - 2015-10-30 08:28 - 000000000 ____D C:\Users\Default.migrated
2017-09-22 14:05 - 2017-07-27 21:20 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-925684549-1631372041-3969593942-1001
2017-09-22 14:05 - 2015-12-04 12:48 - 000002459 _____ C:\Users\Massimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-20 19:27 - 2015-05-26 20:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-09-16 11:10 - 2015-11-29 22:25 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\SNS-HDR
2017-09-15 16:50 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-15 16:37 - 2015-07-07 22:56 - 000000000 ____D C:\ProgramData\softthinks
2017-09-15 14:42 - 2017-07-05 21:56 - 000314584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-15 14:42 - 2015-07-07 22:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-15 13:04 - 2017-07-05 21:57 - 000000000 ____D C:\Users\Massimo
2017-09-15 13:03 - 2017-03-20 06:10 - 000000000 ____D C:\WINDOWS\system32\it
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-15 12:39 - 2015-07-10 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-15 12:38 - 2015-07-10 19:25 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-15 12:24 - 2015-05-26 20:16 - 000000000 ____D C:\Program Files\Dell
2017-09-10 11:10 - 2017-05-07 10:24 - 000001456 _____ C:\Users\Massimo\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-29 11:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2016-10-24 19:46 - 2016-10-24 19:46 - 000000028 _____ () C:\Users\Massimo\AppData\Roaming\kulerdata.json
2017-05-07 10:24 - 2017-09-10 11:10 - 000001456 _____ () C:\Users\Massimo\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2016-10-16 18:48 - 2016-10-16 18:48 - 000000017 _____ () C:\Users\Massimo\AppData\Local\resmon.resmoncfg
2017-09-23 11:37 - 2017-09-23 11:37 - 000048643 _____ () C:\ProgramData\agent.1506159450.bdinstall.bin
2017-09-23 11:49 - 2017-09-23 11:49 - 000477336 _____ () C:\ProgramData\cl.1506159941.bdinstall.bin
2017-09-23 11:54 - 2017-09-23 11:54 - 000057201 _____ () C:\ProgramData\dm.1506160479.bdinstall.bin
2017-07-05 21:57 - 2017-07-05 21:57 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-26 20:04 - 2015-05-26 20:05 - 000000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-05-26 20:03 - 2015-05-26 20:04 - 000000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-05-26 20:04 - 2015-05-26 20:04 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
2017-09-25 19:58 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Users\Massimo\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-27 05:59

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017 01
Ran by Massimo (28-09-2017 19:03:02)
Running from C:\Users\Massimo\Desktop
Windows 10 Home Version 1703 (X64) (2017-07-05 20:05:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-925684549-1631372041-3969593942-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-925684549-1631372041-3969593942-503 - Limited - Disabled)
Guest (S-1-5-21-925684549-1631372041-3969593942-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-925684549-1631372041-3969593942-1003 - Limited - Enabled)
Massimo (S-1-5-21-925684549-1631372041-3969593942-1001 - Administrator - Enabled) => C:\Users\Massimo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.10.141 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.10.141 - Bitdefender)
BookWright versione 1.1.109 (HKLM-x32\...\{C17978EB-5A2C-40E3-B351-F03A27245BF9}_is1) (Version: 1.1.109 - Blurb, Inc.)
Capture NX-D (HKLM\...\{794529D3-D489-4CF2-B2ED-CF241809E5EC}) (Version: 1.4.1 - Nikon Corporation)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CEWE.IT Foto World (HKLM-x32\...\CEWE.IT Foto World) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
ColorNavigator 6 (HKLM\...\{207AD5A9-A797-4C4B-B8C5-1CB8B54972C8}_is1) (Version: 6.4.19 - EIZO Corporation)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{18EF001B-B005-46CB-917B-112BA69ED85E}) (Version: 2.0.3.10 - Dell)
Dell System Detect (HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Print Layout (HKLM-x32\...\{BE911FEE-42FB-4462-A94A-5D34CB84BDBD}) (Version: 1.3.2 - Seiko Epson Corporation)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.0.1427.2) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation)
Malwarebytes versione 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
Neat Image v7.6.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
Neat Image v8.2.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image v8 plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Pacchetto driver Windows - Datacolor (Spyder4) USB (06/01/2011 1.0.0.1) (HKLM\...\E5E9268B6D7B0E662E34736CC110C89D595E4222) (Version: 06/01/2011 1.0.0.1 - Datacolor)
Pacchetto driver Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Pacchetto driver Windows - FTDI CDM Driver Package - Bus/D2XX Driver (07/10/2015 2.12.06) (HKLM\...\B85E5F21D69245012A4E4C2DFAF38615FC7CF7AA) (Version: 07/10/2015 2.12.06 - FTDI)
Pacchetto driver Windows - FTDI CDM Driver Package - VCP Driver (07/10/2015 2.12.06) (HKLM\...\71B7FC12B248030B4BBBCA0C57826D74F64DB010) (Version: 07/10/2015 2.12.06 - FTDI)
Pacchetto driver Windows - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\498B9978CE49397903524B0761200F43EC650044) (Version: 07/12/2010 2.08.02 - FTDI)
Pacchetto driver Windows - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\67170FB0228B69BCCBEF8CE14A76953A5505D8EA) (Version: 07/12/2010 2.08.02 - FTDI)
Pacchetto driver Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Pacchetto driver Windows - X-Rite (colormunki) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\975DA77B1E3D07FC79378569A82F13404D027518) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Pacchetto driver Windows - X-Rite (EyeOne) XRiteDevices (04/21/2009 2.40.0.1315) (HKLM\...\60DFC39027B2B7734E1FBB0C005E7A477317D42D) (Version: 04/21/2009 2.40.0.1315 - X-Rite)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.2.0 - Nikon Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.26.0-r124601-release - Plays.tv, LLC)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Quick Color Match (HKLM-x32\...\{ac680184-5327-4983-9d3a-2f1ba5240b81}_is1) (Version: 2.0.2 - EIZO Corporation)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SNS-HDR Home 2.2.2 (HKLM\...\snshdrhome2_is1) (Version: - Sebastian Nibisz)
SNS-HDR Home v1.4.22 (HKLM\...\SNS-HDR Home_is1) (Version: - Sebastian Nibisz)
Software Intel® PROSet/Wireless (HKLM-x32\...\{4544164b-edf0-455c-b150-bed7109d751e}) (Version: 18.11.0 - Intel Corporation)
Software per stampante EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Software per stampante EPSON (HKLM-x32\...\EPSON Printer and Utilities) (Version: - )
Software Saal Design Italy (HKLM-x32\...\{A7B5A9C4-25AF-13A9-A505-7CAE78A14F3B}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Software Saal Design Italy (HKLM-x32\...\SoftwareSaalDesignItaly) (Version: 4.0 - Saal Digital Fotoservice GmbH)
SpyderCheckr (HKLM-x32\...\SpyderCheckr) (Version: - )
TomTom MyDrive Connect 4.1.4.3031 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3031 - TomTom)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-925684549-1631372041-3969593942-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-60C939DA79C8}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
ContextMenuHandlers1: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers6: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006FBF0C-5862-4D40-B585-0722F984D416} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {093D2323-3806-4366-961C-F2C112F1203B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-09-22] (Dell Inc.)
Task: {0F17304E-A290-4100-B91D-0A8FD6DE2423} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {163E4584-E82B-4692-96AB-AABE5A9958B6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {18324A25-74C7-475B-9737-3ECE9AFD8FD0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2AACAEE8-0F48-4ADB-BB31-145E29AE924F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2ED1D553-E8CA-4D91-8687-CE648A1BF016} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-17] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {4260C037-7FBE-4F54-959F-F392CF06301C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {4337FA82-1BBE-4ACD-866E-E2BCE605CA16} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {679B1539-C8EC-48B4-8E8F-AD2D1A01B990} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-numerosette@alice.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {72211F69-29EB-4B22-9882-4F5CEFEA473C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {731B6558-81E3-4373-ABDA-272B38D13DA1} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {77B1D71B-A788-46C4-8002-2E05E40A3076} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {7862B8E9-F031-4490-A532-5E37D28096B9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {7B6AE7E8-DC78-4B9C-AA2B-EEE36B5E3552} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-15] (Microsoft Corporation)
Task: {916E5A63-0014-4D9D-8E41-49A0A6C54E0C} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {9860BD16-BA1E-457A-9FBE-C88641EFB6C2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-17] ()
Task: {A0DA00E6-9AB8-4A27-8825-F344E243AAB1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A54F49BD-201A-45A4-9972-349C47BE3203} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A776D140-6982-498D-845B-FB6C75D4BB01} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {AC0F57B7-3FAD-4430-BEC9-9A468CEA5DF5} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B48003BD-00E0-4F19-97A8-7DE676C7F06D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BC29605D-AB8C-4477-A2E9-AB0CB07C9111} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1ad82743886 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C7639CDE-F335-49AA-BB80-9DAA3ECB960F} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {CABE41DE-4AB5-472B-9C56-9318ECE9A74B} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2017-08-17] (Bitdefender)
Task: {CF28F0FA-BAC2-40C2-AE92-93273143A03C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {D017F14A-D5CA-4352-A20C-DCD379B98208} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {D5AFD4DB-3CF1-4723-867E-7FE694630097} - \WPD\SqmUpload_S-1-5-21-925684549-1631372041-3969593942-1001 -> No File <==== ATTENTION
Task: {D5EA352D-C54B-4879-95C6-1E558DF4781A} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-09-22] (Dell Inc.)
Task: {D9353FD3-E581-46C6-8BB3-B315F1F3352A} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {E4832B87-0A85-4479-989E-89CD51D56D84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ED4A4EC5-8A5F-48A5-A998-05C94863101D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {EE7EEFC7-8816-4559-B819-23FDD5F20DE0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {F12B1F3D-C1BD-4548-B84D-D4E3049CD0BF} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {FAEF1C22-CE3E-4315-93D1-2ACFDF164910} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-23 11:46 - 2013-09-03 14:29 - 000111832 _____ () C:\Program Files\Bitdefender\Bitdefender Security\bdmetrics.dll
2017-09-23 11:46 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
2017-09-23 11:46 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
2017-09-23 11:46 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
2017-09-23 11:46 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
2015-07-12 18:19 - 2015-12-01 22:05 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2017-09-25 19:29 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:11 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-08-23 15:11 - 2017-08-23 15:11 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 15:11 - 2017-08-23 15:11 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 15:11 - 2017-08-23 15:11 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 15:11 - 2017-08-23 15:11 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2016-11-12 11:55 - 2017-04-21 13:44 - 000148096 _____ () C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
2016-11-12 11:55 - 2017-04-21 13:44 - 000080512 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
2017-08-17 02:21 - 2017-08-17 02:21 - 000020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-02-14 09:42 - 2017-02-14 09:42 - 000326144 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-05-18 10:56 - 2017-05-18 10:56 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 001934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 001780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 003812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-12-21 11:24 - 2016-12-21 11:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 000155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-12 11:55 - 2017-04-21 13:43 - 000211968 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\libcolour.dll
2016-11-12 11:55 - 2017-04-21 13:43 - 001026048 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\plugins\cn_Procs.dll
2016-11-12 11:55 - 2017-04-21 13:43 - 000136192 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\libimpronta.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 21:01 - 2017-05-04 21:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 23:59 - 2015-11-13 23:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 23:59 - 2015-11-13 23:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-11-13 23:58 - 2015-11-13 23:58 - 000271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000024064 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32pipe.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 001983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000271872 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\amd_ags.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 002658512 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-08-17 02:21 - 2017-08-17 02:21 - 000027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 19:33 - 2017-05-04 19:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2015-05-26 20:03 - 2013-03-05 05:40 - 000626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 11:41 - 2013-03-05 11:41 - 000015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-01-05 19:17 - 2015-12-19 01:52 - 001607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-05-26 20:12 - 2012-11-25 22:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-05-26 20:10 - 2014-02-18 14:12 - 000117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-09-28 18:48 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Massimo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKLM\...\StartupApproved\Run32: => "BCSSync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{50E94BF2-3882-41D1-9DF6-69ECC4FE7945}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8515D71A-84AC-44E5-A945-8BB664CC4B28}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{26B03F73-7317-4AB1-8B02-CD52C3CC2880}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5293F9AD-650E-4648-BB8E-68F4B054AFD7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3AD8D23B-C249-45B7-BD6B-E173E1B571BF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{1354129C-7A9A-4642-982D-AFA1352DDB24}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E243EA9D-2E1F-4F60-923A-17590FCEA86E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{CE4EF3EC-3CDA-4C51-82D1-FDF9DFF21CB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5F7131F5-B224-4CA4-9B68-97A00F6B3EA8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C7AAEE25-2F98-4C6D-AE0A-623FD4733094}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A10559A4-C3C7-4703-8948-6CB4BB2DAF2B}] => (Allow) C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
FirewallRules: [{2CA23CC7-77C5-461A-9457-92716A318BF9}] => (Allow) C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
FirewallRules: [{4DB17993-A478-44E4-A8B2-1927992331E4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{AC08FC18-EEE1-4A1B-9060-A721DE7BD5CE}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2017 06:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: MicrosoftEdgeCP.exe, versione: 11.0.15063.608, timestamp: 0x59ae240c
Nome del modulo che ha generato l'errore: edgehtml.dll, versione: 11.0.15063.608, timestamp: 0x5ff6c763
Codice eccezione: 0xcfffffff
Offset errore 0x0000000000295194
ID processo che ha generato l'errore: 0x3e80
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d33879a5ca5554
Percorso dell'applicazione che ha generato l'errore: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Percorso del modulo che ha generato l'errore: C:\WINDOWS\SYSTEM32\edgehtml.dll
ID segnalazione: 0aa22460-c82c-4a24-afe0-98f20af736d4
Nome completo pacchetto che ha generato l'errore: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
ID applicazione relativo al pacchetto che ha generato l'errore: ContentProcess

Error: (09/28/2017 06:53:30 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:30 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=50964a88-ab5f-4c91-b70e-66a2eadb5423 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:27 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:27 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=4E00205A-2AB1-4423-8F77-CC25B82CDE1D (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:25 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=821fe777-bf67-463b-99f0-b2e0e4d9813b (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:25 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/27/2017 09:33:09 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Il carattere '/', valore esadecimale 0x2F, non può essere utilizzato in un nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ in System.Xml.XmlDocument.CheckName(String name)
in System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
in System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
in System.Xml.XmlDocument.CreateElement(String name)
in eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="FPBCG52" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A09" SMBIOSPresent="True" Rel_Date="20141122000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8700" Ident_Num="PC-MASSIMO" TimeZone="(UTC+01:00) Amsterdam, Berlino, Berna, Roma, Stoccolma, Vienna" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.153</HostIP></Exception>

Error: (09/27/2017 09:33:09 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Il carattere '/', valore esadecimale 0x2F, non può essere utilizzato in un nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ in System.Xml.XmlDocument.CheckName(String name)
in System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
in System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
in System.Xml.XmlDocument.CreateElement(String name)
in eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="FPBCG52" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A09" SMBIOSPresent="True" Rel_Date="20141122000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8700" Ident_Num="PC-MASSIMO" TimeZone="(UTC+01:00) Amsterdam, Berlino, Berna, Roma, Stoccolma, Vienna" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.153</HostIP></Exception>

Error: (09/27/2017 09:32:35 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Provider di eventi IntelWLANEventProvider: tentativo di registrazione della query "select * from CIntelQosEvent" con classe di destinazione "CIntelQosEvent" nello spazio dei nomi //./root/default, che non esiste. La query verrà ignorata.


System errors:
=============
Error: (09/28/2017 06:54:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:53:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:52:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:48:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:48:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 10:14:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 10:11:12 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/27/2017 09:06:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 09:06:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 09:05:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio CldFlt non è stato avviato per il seguente errore:
Richiesta non supportata.


CodeIntegrity:
===================================
Date: 2017-09-28 18:57:11.903
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-28 18:56:39.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-28 18:54:57.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.372
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.365
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.358
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.351
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:52.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:52.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 14%
Total physical RAM: 32719.13 MB
Available physical RAM: 28044.55 MB
Total Virtual: 37583.13 MB
Available Virtual: 31379.55 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:225.61 GB) (Free:24 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1862.56 GB) NTFS
Drive j: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive w: () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:9.77 GB) (Free:0.65 GB) NTFS
Drive z: (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 16F139AB)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 16F13976)

Partition: GPT.

==================== End of Addition.txt ============================

Allora: i due ultimi messaggi sono i report di FRST che sono riuscito a far girare sul PC FISSO. Non ho fatto però girare prima CCCleaner spero non sia un problema. Prima di postare gli altri report, ed alcuni non sono allegabili, mi fermo qui in attesa della tua analisi per favorire la leggibilità del tutto.

Il pc portatile ok.. i pup che ti dava roguekiller del portatile lascia stare ....

Mentre il pc fisso le scansioni le hai gia fatte come ho visto i report a inizio topic...
Poi rigurdo ccleaner non inporta se non lo hai eseguito...

Allora con il fix risolviamo anche i pum rilevati nella scansione di roguekiller del fisso...
-posiziona frst sul desktop assieme al nuovo file allegato fixlist.txt (mi raccomando sul desktop)
-tasto dx sopra frst-->esegui come amministratore
-quando si apre frst clicca sul pulsante FIX
-attendi la fine delle operazioni e che il pc si riavvii (se non si riavvia fallo te manualmente)
-posta il fixlog.txt generato

-poi resetta i browser http://it.ccm.net/faq/1767-come-ripristinare-il-browser
-lascia stare edge
-dovrai reinpostare la pag iniziale di dei browser http://it.ccm.net/faq/2175-come-cambiare-la-pagina-iniziale-del-browser

-fai pulizia con ccleaner sia sistema che registro..

Fa sapere come va il pc....
Se tutto è ok seguiranno le ultime pulizie dei programmi usati per le sacnsioni...

Ciao

Posto il report fix, anche questo troppo grosso per allegarlo, lo copio e incollo:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017 01
Ran by Massimo (29-09-2017 19:15:06) Run:1
Running from C:\Users\Massimo\Desktop
Loaded Profiles: Massimo (Available Profiles: Massimo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> DefaultScope {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
2017-09-23 18:43 - 2017-09-23 18:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2a320bc09aae1a80
2017-09-23 18:39 - 2017-09-23 18:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign479c025829a95e42
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignda40dfc5ab25363f
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2ddaface99846a8a
2017-09-23 13:02 - 2017-09-23 13:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7997380020e32786
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign53c364e1a5886650
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4da0e6ce8ca3057d
2017-09-23 12:04 - 2017-09-23 12:04 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign06e83898d9f60461
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8c837a2b26383563
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4c1bb57f89fc1310
2017-09-17 17:08 - 2017-09-17 17:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign893c25815c3e4e3a
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7987e0021284a74e
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign10ea50dbf0c340f7
2017-09-16 19:56 - 2017-09-16 19:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign62dd29928e5a996b
2017-09-16 19:50 - 2017-09-16 19:50 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb77f2abb1ed1c4b0
2017-09-16 19:48 - 2017-09-16 19:48 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd2f2a585e3b848fa
2017-09-16 19:46 - 2017-09-16 19:46 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign0fbdb4686c8ecb22
2017-09-16 19:45 - 2017-09-16 19:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign366ab3d56b989fd6
2017-09-16 19:41 - 2017-09-16 19:41 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7232ff2237a0e253
2017-09-16 19:19 - 2017-09-16 19:19 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign084b333675e35f54
2017-09-16 19:17 - 2017-09-16 19:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign526ef1bb8f88d475
2017-09-16 19:07 - 2017-09-16 19:07 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf20327fecb0193a9
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigndb98f867a6e6e1e7
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign34981d465a0fd3b8
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9d29a0b28ce26a7f
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign11ee28dc4eacab8b
2017-09-16 12:00 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6454ee7fd0890f18
2017-09-16 11:59 - 2017-09-16 11:59 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5629d315608a90a9
2017-09-16 11:58 - 2017-09-16 11:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb3103856265dec45
2017-09-16 11:54 - 2017-09-16 11:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1c4274d3e38961df
2017-09-16 11:51 - 2017-09-16 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd51fef8312f2101a
2017-09-16 11:30 - 2017-09-16 11:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign833d8b9700f933df
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc8c51583e68e24b3
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8248ae5e369eed0a
2017-09-10 11:56 - 2017-09-10 11:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignee18b00e325a1e80
2017-09-10 11:53 - 2017-09-10 11:53 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c85a5e26f0a7895
2017-09-10 11:51 - 2017-09-10 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign538caf5474ceeabc
2017-09-10 11:49 - 2017-09-10 11:49 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6fa9b74abd1fb3a1
2017-09-10 11:45 - 2017-09-10 11:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignbb386aaa93fbea85
2017-09-10 11:23 - 2017-09-10 11:23 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign891995a444fba673
2017-09-10 10:18 - 2017-09-10 10:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf98c9c47f93ca431
2017-09-10 10:16 - 2017-09-10 10:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign04d653af51384666
2017-09-10 10:08 - 2017-09-10 10:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd5187fbba5a664ed
2017-09-10 10:06 - 2017-09-10 10:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4aa0d5c0956907c2
2017-09-10 10:02 - 2017-09-10 10:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign646ab2eec7c9e779
2017-09-10 09:54 - 2017-09-10 09:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna7cb8441e112d5f7
2017-09-10 09:43 - 2017-09-10 09:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1d61bc997ca07367
2017-09-10 09:39 - 2017-09-10 09:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign657ed2562342561d
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c2a9532d8cc2517
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign40e3e5af22dfa156
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign39999b75eb0c922e
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign206bfaf458893073
2017-09-09 18:45 - 2017-09-09 18:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign043a21c81399d682
2017-09-09 18:42 - 2017-09-09 18:42 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5e49fc571219bb1a
2017-09-09 18:40 - 2017-09-09 18:40 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc00ea6420f47aa89
2017-09-09 18:34 - 2017-09-09 18:34 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna01fe20e43eef2f3
2017-09-09 18:28 - 2017-09-09 18:28 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigne975c3133a042e6e
2017-09-09 18:21 - 2017-09-09 18:21 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb1948ee5a5e73b5f
2017-09-09 18:18 - 2017-09-09 18:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd1d46bcbf974787a
2017-09-09 18:17 - 2017-09-09 18:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4ae3ad1da5dc5a6d
2017-09-09 18:16 - 2017-09-09 18:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb588effe2b5a4d95
2017-09-09 18:08 - 2017-09-09 18:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6ea268cae19881f7
2017-09-09 18:00 - 2017-09-09 18:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignef834f4688bde796
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf8dfc166985e0737
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd797bb9123a1fe57
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc170cdf4cae92f1a
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2d45ef39af036982
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\ProgramData\McAfee
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-09-23 11:43 - 2017-07-05 22:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-07-05 21:57 - 2017-07-05 21:57 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-26 20:04 - 2015-05-26 20:05 - 000000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-05-26 20:03 - 2015-05-26 20:04 - 000000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-05-26 20:04 - 2015-05-26 20:04 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
CustomCLSID: HKU\S-1-5-21-925684549-1631372041-3969593942-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-60C939DA79C8}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {006FBF0C-5862-4D40-B585-0722F984D416} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {163E4584-E82B-4692-96AB-AABE5A9958B6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {18324A25-74C7-475B-9737-3ECE9AFD8FD0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2AACAEE8-0F48-4ADB-BB31-145E29AE924F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A0DA00E6-9AB8-4A27-8825-F344E243AAB1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A54F49BD-201A-45A4-9972-349C47BE3203} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A776D140-6982-498D-845B-FB6C75D4BB01} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B48003BD-00E0-4F19-97A8-7DE676C7F06D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D5AFD4DB-3CF1-4723-867E-7FE694630097} - \WPD\SqmUpload_S-1-5-21-925684549-1631372041-3969593942-1001 -> No File <==== ATTENTION
Task: {D9353FD3-E581-46C6-8BB3-B315F1F3352A} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {E4832B87-0A85-4479-989E-89CD51D56D84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FAEF1C22-CE3E-4315-93D1-2ACFDF164910} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\WINDOWS\TEMP\DeleteFolderTask.exe

HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{705F355A-2E54-4618-BAF3-7CE9CE440EBB} => key removed successfully
HKLM\Software\Classes\CLSID\{705F355A-2E54-4618-BAF3-7CE9CE440EBB} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gannpgaobkkhmpomoijebaigcapoeebl => key removed successfully
HKLM\System\CurrentControlSet\Services\ibtsiva => key removed successfully
ibtsiva => service removed successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign2a320bc09aae1a80 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign479c025829a95e42 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignda40dfc5ab25363f => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign2ddaface99846a8a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign7997380020e32786 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign53c364e1a5886650 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4da0e6ce8ca3057d => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign06e83898d9f60461 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign8c837a2b26383563 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4c1bb57f89fc1310 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign893c25815c3e4e3a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign7987e0021284a74e => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign10ea50dbf0c340f7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign62dd29928e5a996b => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb77f2abb1ed1c4b0 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd2f2a585e3b848fa => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign0fbdb4686c8ecb22 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign366ab3d56b989fd6 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign7232ff2237a0e253 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign084b333675e35f54 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign526ef1bb8f88d475 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignf20327fecb0193a9 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigndb98f867a6e6e1e7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign34981d465a0fd3b8 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign9d29a0b28ce26a7f => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign11ee28dc4eacab8b => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign6454ee7fd0890f18 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign5629d315608a90a9 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb3103856265dec45 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign1c4274d3e38961df => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd51fef8312f2101a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign833d8b9700f933df => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignc8c51583e68e24b3 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign8248ae5e369eed0a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignee18b00e325a1e80 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign9c85a5e26f0a7895 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign538caf5474ceeabc => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign6fa9b74abd1fb3a1 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignbb386aaa93fbea85 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign891995a444fba673 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignf98c9c47f93ca431 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign04d653af51384666 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd5187fbba5a664ed => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4aa0d5c0956907c2 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign646ab2eec7c9e779 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigna7cb8441e112d5f7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign1d61bc997ca07367 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign657ed2562342561d => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign9c2a9532d8cc2517 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign40e3e5af22dfa156 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign39999b75eb0c922e => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign206bfaf458893073 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign043a21c81399d682 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign5e49fc571219bb1a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignc00ea6420f47aa89 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigna01fe20e43eef2f3 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigne975c3133a042e6e => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb1948ee5a5e73b5f => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd1d46bcbf974787a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4ae3ad1da5dc5a6d => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb588effe2b5a4d95 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign6ea268cae19881f7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignef834f4688bde796 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignf8dfc166985e0737 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd797bb9123a1fe57 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignc170cdf4cae92f1a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign2d45ef39af036982 => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files\Common Files\McAfee => moved successfully
C:\WINDOWS\System32\Tasks\McAfee => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log => moved successfully
C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log => moved successfully
C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log => moved successfully
C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log => moved successfully
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => moved successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-60C939DA79C8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{006FBF0C-5862-4D40-B585-0722F984D416} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{006FBF0C-5862-4D40-B585-0722F984D416} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{163E4584-E82B-4692-96AB-AABE5A9958B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{163E4584-E82B-4692-96AB-AABE5A9958B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18324A25-74C7-475B-9737-3ECE9AFD8FD0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18324A25-74C7-475B-9737-3ECE9AFD8FD0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AACAEE8-0F48-4ADB-BB31-145E29AE924F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AACAEE8-0F48-4ADB-BB31-145E29AE924F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57} => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0DA00E6-9AB8-4A27-8825-F344E243AAB1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0DA00E6-9AB8-4A27-8825-F344E243AAB1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A54F49BD-201A-45A4-9972-349C47BE3203} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A54F49BD-201A-45A4-9972-349C47BE3203} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A776D140-6982-498D-845B-FB6C75D4BB01} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A776D140-6982-498D-845B-FB6C75D4BB01} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B48003BD-00E0-4F19-97A8-7DE676C7F06D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B48003BD-00E0-4F19-97A8-7DE676C7F06D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5AFD4DB-3CF1-4723-867E-7FE694630097} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5AFD4DB-3CF1-4723-867E-7FE694630097} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-925684549-1631372041-3969593942-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9353FD3-E581-46C6-8BB3-B315F1F3352A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9353FD3-E581-46C6-8BB3-B315F1F3352A} => key removed successfully
C:\WINDOWS\System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4832B87-0A85-4479-989E-89CD51D56D84} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4832B87-0A85-4479-989E-89CD51D56D84} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAEF1C22-CE3E-4315-93D1-2ACFDF164910} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAEF1C22-CE3E-4315-93D1-2ACFDF164910} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\WINDOWS\TEMP\DeleteFolderTask.exe" => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

OK.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

OK.


========= End of CMD: =========


========= ipconfig /flushdns =========


Configurazione IP di Windows

Cache del resolver DNS svuotata.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Reimpostazione catalogo Winsock completata.
Ô necessario riavviare il computer per completare l'operazione.


========= End of CMD: =========


========= netsh int ip reset C:\resettcpip.txt =========

Reimpostazione di Inoltro raggruppamento completata.
Reimpostazione di Raggruppamento completata.
Reimpostazione di Protocollo di controllo completata.
Reimpostazione di Richiesta sequenza echo completata.
Reimpostazione di Globale completata.
Reimpostazione di Interfaccia completata.
Reimpostazione di Indirizzo Anycast completata.
Reimpostazione di Indirizzo multicast completata.
Reimpostazione di Indirizzo Unicast completata.
Reimpostazione di Router adiacente completata.
Reimpostazione di Percorso completata.
Reimpostazione di Potenziale completata.
Reimpostazione di Criteri di prefisso completata.
Reimpostazione di Router adiacente proxy completata.
Reimpostazione di Route completata.
Reimpostazione di Prefisso del sito completata.
Reimpostazione di Sottointerfaccia completata.
Reimpostazione di Pattern di attivazione completata.
Reimpostazione di Risolvi router adiacente completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di non riuscita.
Accesso negato.

Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Riavviare il computer per completare l'azione.


========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

Impossibile cancellare il registro DebugChannel. Impossibile eseguire l'operazione richiesta su un canale diretto attivato. Prima di eseguire l'operazione richiesta è necessario disattivare il canale.
Impossibile cancellare il registro Microsoft-Windows-LiveId/Analytic. Accesso negato.
Impossibile cancellare il registro Microsoft-Windows-LiveId/Operational. Accesso negato.

========= End of CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 354239345 B
Java, Flash, Steam htmlcache => 21767 B
Windows/system/drivers => 845533 B
Edge => 314850231 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 347265 B
systemprofile32 => 0 B
LocalService => 36848 B
NetworkService => 2466 B
Massimo => 94590177 B

RecycleBin => 0 B
EmptyTemp: => 737 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:19:07 ====

dopo IL FIX ho eseguito CCcleaner pulendo sistema e registro. Non ho dovuto reimpostare pagine iniziali e per il momento il PC sembra funzionare come prima. Attendo istruzioni successive. Ciao

Facciamo un ultima scansione per sicurezza con eset online scanner...
https://www.eset.com/us/home/online-scanner/
Collegati alla sua pagina principale usando Internet Explorer clicca sul pulsante Run Eset online scanner. Nella finestra che si apre, apponi il segno di spunta accanto alla voce Yes, I accept the Terms of Use e fai click su Start.
Successivamente, seleziona la barra gialla che compare in cima alla finestra del browser e clicca prima sulla voce Installa il componente aggiuntivo per tutti gli utenti del computer e poi sul pulsante Sì. Nella pagina che si apre, clicca prima su Next, poi su Sì e attendi che la scansione del sistema venga portata a termine (verranno scaricate prima le definizioni antivirus più recenti).
La scansione puo durare un po..
Posta il risultato....

Ciao ho eseguito ESET. Però non ha prodotto un report ma solo una immagine a schermo che non riesco a postare o allegare. Mi dice però che non ha rilevato virus.

Ok , se eset non ha prodotto il log vuol dire che non ha riscontrato problemi...

Anche il pc fisso è pulito...:D

Se non riscontri problemi,facciamo pulizia dei programmi installati per fare le scansioni....
Ora esegui questo programma sia sul portatile che sul fisso..
scarica sul desktop delfix da qui www.bleepingcomputer.com/download/delfix/
Aprilo e metti la spunta:

Activate uac
Remove disinfenction tool
Create registry beckup
Purge system restore

Clicca su run e attendi la fine delle operazioni....
Posta i due log generati (pc fisso - pc portatile)...

Dopo queste pulizie abbiamo concluso..
Ciao ,per qualsiasi cosa siamo qui...

Grazie Dan.
Ieri il PC fisso non leggeva più i pdf ho reinstallato acrobat reader ed è andato tutto ok.
Adesso appena riesco seguo le tue ultime istruzioni e ti dico.
Grazie
Ciao

Dam, ho letto sotto di CCcleaner...io l'ho fatto girare speriamo che non sia stato lui a diffondere un virus. Posso disinstallare tutti questi programmi che ho fatto girare alla ricerca di virus?
Ultima cosa: secondo te c'è proprio bisogno di far girare questo delfix? Ho sempre paura

Ciao
con delfix puliamo il pc da tutti i programmi usati per fare le scansioni e i relativi log....
per ccleaner verifica se hai la chiave interessata vedi qui al post n°4 scritto da me...https://www.tomshw.it/forum/threads/aiuto-virus-su-ccleaner.665763/
comunque dai log risulta che hai win 64bit ,non dovresti essere infetto...
a meno che non hai eseguito ccleaner 32bit (verifica che ccleaner hai, in pratica lo apri e ci dovrebbe essere scritto la versione e i bit)...

ciao Dan. Per quanto riguarda Ccleaner.
Quello che ho installato è
Piriform CCleaner Professional Edition
CCleaner Professional
Trial Version
Windows 10 64 bit

Nel file che ho scaricato per la installazione leggo versione 5.35.0.6210

REPORT DEL PC FISSO DOPO DELFIX: (anche se ad un certo punto Bitdefender lo ha bloccato perché voleva scrivere su ERUNT poi è proseguito...)

# DelFix v1.010 - Logfile created 02/10/2017 at 19:33:26
# Updated 26/04/2015 by Xplode
# Username : Massimo - PC-MASSIMO
# Operating System : Windows 10 Home (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Massimo\Desktop\mbar
Deleted : C:\TDSSKiller.3.1.0.15_25.09.2017_19.45.34_log.txt
Deleted : C:\Users\Massimo\Desktop\Fixlog.txt
Deleted : C:\Users\Massimo\Desktop\FRST64.exe
Deleted : C:\Users\Massimo\Downloads\AdwCleaner.exe
Deleted : C:\Users\Massimo\Downloads\RogueKiller_portable64.exe
Deleted : C:\Users\Massimo\Downloads\tdsskiller.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #17 [Punto di controllo pianificato | 09/30/2017 11:29:40]

New restore point created !

########## - EOF - ##########

REPORT DI DELFIX SUL PC PORTATILE (qui Macafee non ha avuto niente da eccepire ed una volta lanciato è arrivato a termine senza segnalazioni)

# DelFix v1.010 - Logfile created 02/10/2017 at 19:39:20
# Updated 26/04/2015 by Xplode
# Username : numer - DESKTOP-J6B9VBM
# Operating System : Windows 10 Home (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\numer\Desktop\FRST-OlderVersion
Deleted : C:\Users\numer\Desktop\mbar
Deleted : C:\TDSSKiller.3.1.0.15_27.09.2017_04.49.56_log.txt
Deleted : C:\Users\numer\Desktop\Addition.txt
Deleted : C:\Users\numer\Desktop\Fixlog.txt
Deleted : C:\Users\numer\Desktop\FRST.txt
Deleted : C:\Users\numer\Desktop\FRST64.exe
Deleted : C:\Users\numer\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\numer\Downloads\AdwCleaner.exe
Deleted : C:\Users\numer\Downloads\tdsskiller.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #6 [Windows Update | 09/20/2017 17:27:39]
Deleted : RP #7 [Windows Update | 09/27/2017 02:39:38]
Deleted : RP #10 [Dell Update: Intel Rapid Storage Technology Driver and Management Console | 10/01/2017 10:53:08]
Deleted : RP #11 [IIF_MSI | 10/01/2017 10:53:25]

New restore point created !

########## - EOF - ##########

Va bene che i due report differiscano? Ora che faccio? Disinstallo tutti i sw che mi hai consigliato?
Grazie

No non cè bisogno di disinstallare i.programmi ,gli ha disonstallati.delfix....
Infatti se guardi i report vedrai che sono ststi cancellati i programmi e i report delle scansioni...
Si i report differiscono puo essere...è normale...

Quella versione di Ccleaner è l ultima....
Comunque penso che non sei stato infettato, hai
Win 64bit...

Se il pc funziona bene abbiamo finito...
Ciao

Bene grazie Dan. Un'ultima cosa: come "pensi" che non sono stato infettato? Vorrei esserne certo. Si può fare qualcosa per esserne certo? Altrimenti abbiamo risolto una cosa e creata un'altra... :burp:

Da fonti ufficiali (cioe talos ,chi ha scoperto il virus), solo i sistemai operativi a 32bit sono interessati....Quelli a 64bit non dovrebbero essere infetti...a meno che uno non ha scaricato ccleaner 32bit in data dal 15 agosto al 13 settembre , e poi lo ha installato in win64...in questo caso anche se hai win64 bit sei infetto...
Ti ricordi che ccleaner hai installato??? (se hai win 64bit penso che anche ccleaner sia stato 64bit)...
Hai gia aggiornato ccleaner...se no guarda la chiave agomo se cè...
Se gia hai aggiornato se c era adesso non ci sara piu la chiave agomo...
Se non hai informazioni, sul prima dell aggiornamento, non si puo essere sicuri..
Ma come ripeto se hai win64 bit stai tranquillo...

Ciao, come avevo scritto ho scaricato questa

Piriform CCleaner Professional Edition
CCleaner Professional
Trial Version
Windows 10 64 bit

Nel file che ho scaricato per la installazione leggo versione 5.35.0.6210
*
Quindi dovrei essere fuori pericolo. Però strano che nonostante l'allarme consentano di scaricarlo e addirittura consiglino di farlo, no?

No, la versione infetta è la 5.33, quindi consigliano di installare la 5.35 in modo tale che si elimina la famosa chiave...
All inizio, bastava aggiornare o installare la versione 5.35
e tutto era sistemato...invece con le ultime scoperte on basta piu questo stratagemma, e se si è infetti la soluzione per essere certi che non abbia installsto altri virus è formattare....
Ciao