General Scan and Cleanup Guidance


5 replies to this topic

#1 macman104


Posted 25 August 2013 - 12:15 PM

Hello,

 

I just received help cleaning out my grandfather's computer and I was wondering if I could just get some guidance to do a good thorough scan of my own personal computer as that hasn't been done in quite a while.  So not sure if this is the appropriate forum to conduct this.

 

I do perform fairly frequent Malwarebytes scans and use AVG.

 

Would love to do something more thorough though just in case there are sneaky things hiding somewhere.




 


#2 dev00790


Posted 25 August 2013 - 01:59 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:
 

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so. 
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
          
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
          
  • Please read every post completely before doing anything.     
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
          
  • Please provide feedback about your experience as we go.  
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


Step 2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


Step 3:

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.
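One way to triage the log that step 1 writes, pairing each `[ MD5 ] name path` line with its `name - verdict` line and listing anything that is not plainly `ok`. This is an added example, not part of the original post or of TDSSKiller; the sample lines, hashes and the `sampledrv` entry are constructed, and because the wording of non-ok verdicts is an assumption, every verdict other than `ok` is simply flagged for review.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Every log line starts with "HH:MM:SS.ffff 0x<thread id>".
PREFIX = r"^\d\d:\d\d:\d\d\.\d{4}\s+0x[0-9a-fA-F]+\s+"
SECTION_RE = re.compile(PREFIX + r"=+ (Scan [^=]+?) =+$")
HASH_RE = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.+)$")
VERDICT_RE = re.compile(PREFIX + r"(.+?) - (.+)$")

# Constructed sample in the line layout of a TDSSKiller log (hashes are placeholders).
SAMPLE_LOG = r"""
16:23:14.0147 0x1d10  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200
16:24:53.0093 0x27ac  ================ Scan system memory ========================
16:24:53.0093 0x27ac  System memory - ok
16:24:53.0093 0x27ac  ================ Scan services =============================
16:24:53.0264 0x27ac  [ 0123456789ABCDEF0123456789ABCDEF ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
16:24:53.0311 0x27ac  1394ohci - ok
16:24:54.0936 0x27ac  [ 11111111111111111111111111111111 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:24:54.0952 0x27ac  Apple Mobile Device - ok
16:24:57.0046 0x27ac  COMSysApp - ok
16:24:58.0000 0x27ac  [ 22222222222222222222222222222222 ] sampledrv       C:\WINDOWS\system32\drivers\sampledrv.sys
16:24:58.0010 0x27ac  sampledrv - warning (constructed verdict text)
"""


class Entry(NamedTuple):
    section: str            # e.g. "Scan services"
    name: str               # service or object name (may contain spaces)
    verdict: str            # text after " - "
    md5: Optional[str]      # hash from the preceding "[ ... ]" line, if any
    path: Optional[str]     # file path from the same line, if any


def parse(log_text: str) -> List[Entry]:
    """Return one Entry per verdict line found inside a 'Scan ...' section."""
    section = None
    pending = {}            # name -> (md5, path) waiting for its verdict line
    entries = []
    for raw in log_text.splitlines():
        line = raw.rstrip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            pending.clear()
            continue
        if section is None:
            continue        # header lines (drive geometry etc.) are not verdicts
        m = HASH_RE.match(line)
        if m:
            md5, name, path = m.groups()
            pending[name] = (md5.upper(), path)
            continue
        m = VERDICT_RE.match(line)
        if m:
            name, verdict = m.groups()
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(section, name, verdict.strip(), md5, path))
    return entries


def triage(log_text: str) -> Tuple[List[Entry], List[Entry]]:
    """Split out (flagged, no_file).

    flagged: any verdict other than exactly 'ok'.
    no_file: services reported ok without a hash/path line, so the tool
             never showed which file it checked for them.
    """
    entries = parse(log_text)
    flagged = [e for e in entries if e.verdict != "ok"]
    no_file = [e for e in entries
               if e.section == "Scan services" and e.verdict == "ok" and e.md5 is None]
    return flagged, no_file


if __name__ == "__main__":
    flagged, no_file = triage(SAMPLE_LOG)
    for e in flagged:
        print(f"REVIEW  {e.name}: {e.verdict}  {e.path}  md5={e.md5}")
    for e in no_file:
        print(f"NO FILE {e.name}: reported ok without a hashed file")
```

The helper still needs the full, unedited log pasted in the reply; this only tells you which lines to look at first.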


#3 macman104


Posted 26 August 2013 - 09:38 PM

Here it is

 

TDSS Rootkit Removing Tool

16:25:01.0624 0x27ac  ksthunk - ok
16:25:01.0671 0x27ac  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
16:25:01.0703 0x27ac  KtmRm - ok
16:25:01.0734 0x27ac  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:25:01.0765 0x27ac  LanmanServer - ok
16:25:01.0812 0x27ac  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:25:01.0828 0x27ac  LanmanWorkstation - ok
16:25:01.0843 0x27ac  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:25:01.0874 0x27ac  lltdio - ok
16:25:01.0921 0x27ac  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
16:25:01.0937 0x27ac  lltdsvc - ok
16:25:01.0953 0x27ac  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
16:25:01.0968 0x27ac  lmhosts - ok
16:25:02.0047 0x27ac  [ 8F2CFF01F12955477450DA5E572D4001 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
16:25:02.0047 0x27ac  LMIGuardianSvc - ok
16:25:02.0062 0x27ac  [ 0F28935ECF1FBDEC22BAF720A5A94564 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
16:25:02.0078 0x27ac  LMIInfo - ok
16:25:02.0093 0x27ac  [ CA86C7042E406070B905AE6CA45D22EA ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
16:25:02.0093 0x27ac  LMIMaint - ok
16:25:02.0109 0x27ac  [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr         C:\WINDOWS\system32\DRIVERS\lmimirr.sys
16:25:02.0109 0x27ac  lmimirr - ok
16:25:02.0109 0x27ac  LMIRfsClientNP - ok
16:25:02.0140 0x27ac  [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver    C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
16:25:02.0140 0x27ac  LMIRfsDriver - ok
16:25:02.0156 0x27ac  [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
16:25:02.0172 0x27ac  LogMeIn - ok
16:25:02.0187 0x27ac  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
16:25:02.0187 0x27ac  LSI_SAS - ok
16:25:02.0234 0x27ac  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:25:02.0250 0x27ac  LSI_SAS2 - ok
16:25:02.0265 0x27ac  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\WINDOWS\system32\drivers\lsi_scsi.sys
16:25:02.0265 0x27ac  LSI_SCSI - ok
16:25:02.0281 0x27ac  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
16:25:02.0297 0x27ac  LSI_SSS - ok
16:25:02.0312 0x27ac  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\WINDOWS\System32\lsm.dll
16:25:02.0343 0x27ac  LSM - ok
16:25:02.0359 0x27ac  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
16:25:02.0390 0x27ac  luafv - ok
16:25:02.0406 0x27ac  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
16:25:02.0406 0x27ac  megasas - ok
16:25:02.0437 0x27ac  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\WINDOWS\system32\drivers\MegaSR.sys
16:25:02.0453 0x27ac  MegaSR - ok
16:25:02.0468 0x27ac  [ 2BB3EAE2EA641515D4B205CAB29E1624 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
16:25:02.0484 0x27ac  MEIx64 - ok
16:25:02.0515 0x27ac  Microsoft SharePoint Workspace Audit Service - ok
16:25:02.0562 0x27ac  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
16:25:02.0578 0x27ac  MMCSS - ok
16:25:02.0578 0x27ac  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
16:25:02.0593 0x27ac  Modem - ok
16:25:02.0609 0x27ac  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
16:25:02.0625 0x27ac  monitor - ok
16:25:02.0625 0x27ac  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:25:02.0640 0x27ac  mouclass - ok
16:25:02.0640 0x27ac  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
16:25:02.0656 0x27ac  mouhid - ok
16:25:02.0672 0x27ac  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
16:25:02.0672 0x27ac  mountmgr - ok
16:25:02.0687 0x27ac  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
16:25:02.0718 0x27ac  mpsdrv - ok
16:25:02.0765 0x27ac  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
16:25:02.0797 0x27ac  MpsSvc - ok
16:25:02.0812 0x27ac  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
16:25:02.0828 0x27ac  MRxDAV - ok
16:25:02.0875 0x27ac  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:25:02.0906 0x27ac  mrxsmb - ok
16:25:02.0938 0x27ac  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:25:02.0953 0x27ac  mrxsmb10 - ok
16:25:02.0969 0x27ac  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:25:02.0984 0x27ac  mrxsmb20 - ok
16:25:03.0000 0x27ac  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
16:25:03.0031 0x27ac  MsBridge - ok
16:25:03.0063 0x27ac  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:25:03.0078 0x27ac  MSDTC - ok
16:25:03.0094 0x27ac  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:25:03.0109 0x27ac  Msfs - ok
16:25:03.0125 0x27ac  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:25:03.0141 0x27ac  msgpiowin32 - ok
16:25:03.0141 0x27ac  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:25:03.0156 0x27ac  mshidkmdf - ok
16:25:03.0156 0x27ac  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
16:25:03.0172 0x27ac  mshidumdf - ok
16:25:03.0203 0x27ac  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
16:25:03.0203 0x27ac  msisadrv - ok
16:25:03.0219 0x27ac  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
16:25:03.0234 0x27ac  MSiSCSI - ok
16:25:03.0250 0x27ac  msiserver - ok
16:25:03.0250 0x27ac  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:25:03.0266 0x27ac  MSKSSRV - ok
16:25:03.0266 0x27ac  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:25:03.0281 0x27ac  MsLldp - ok
16:25:03.0281 0x27ac  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:25:03.0297 0x27ac  MSPCLOCK - ok
16:25:03.0313 0x27ac  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:25:03.0313 0x27ac  MSPQM - ok
16:25:03.0328 0x27ac  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
16:25:03.0344 0x27ac  MsRPC - ok
16:25:03.0344 0x27ac  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
16:25:03.0359 0x27ac  mssmbios - ok
16:25:03.0375 0x27ac  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
16:25:03.0375 0x27ac  MSTEE - ok
16:25:03.0391 0x27ac  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
16:25:03.0406 0x27ac  MTConfig - ok
16:25:03.0438 0x27ac  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
16:25:03.0438 0x27ac  Mup - ok
16:25:03.0453 0x27ac  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
16:25:03.0469 0x27ac  mvumis - ok
16:25:03.0516 0x27ac  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\WINDOWS\system32\qagentRT.dll
16:25:03.0531 0x27ac  napagent - ok
16:25:03.0547 0x27ac  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:25:03.0578 0x27ac  NativeWifiP - ok
16:25:03.0609 0x27ac  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
16:25:03.0625 0x27ac  NcaSvc - ok
16:25:03.0656 0x27ac  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
16:25:03.0672 0x27ac  NcdAutoSetup - ok
16:25:03.0734 0x27ac  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
16:25:03.0766 0x27ac  NDIS - ok
16:25:03.0766 0x27ac  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:25:03.0781 0x27ac  NdisCap - ok
16:25:03.0797 0x27ac  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:25:03.0828 0x27ac  NdisImPlatform - ok
16:25:03.0859 0x27ac  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:25:03.0875 0x27ac  NdisTapi - ok
16:25:03.0875 0x27ac  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:25:03.0891 0x27ac  Ndisuio - ok
16:25:03.0906 0x27ac  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:25:03.0922 0x27ac  NdisWan - ok
16:25:03.0922 0x27ac  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:25:03.0938 0x27ac  NDISWANLEGACY - ok
16:25:03.0953 0x27ac  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:25:03.0969 0x27ac  NDProxy - ok
16:25:03.0969 0x27ac  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
16:25:03.0984 0x27ac  Ndu - ok
16:25:04.0016 0x27ac  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
16:25:04.0031 0x27ac  Netaapl - ok
16:25:04.0031 0x27ac  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:25:04.0047 0x27ac  NetBIOS - ok
16:25:04.0063 0x27ac  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:25:04.0094 0x27ac  NetBT - ok
16:25:04.0109 0x27ac  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:25:04.0109 0x27ac  Netlogon - ok
16:25:04.0141 0x27ac  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\WINDOWS\System32\netman.dll
16:25:04.0172 0x27ac  Netman - ok
16:25:04.0188 0x27ac  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
16:25:04.0219 0x27ac  netprofm - ok
16:25:04.0266 0x27ac  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:04.0281 0x27ac  NetTcpPortSharing - ok
16:25:04.0297 0x27ac  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\WINDOWS\system32\drivers\nfrd960.sys
16:25:04.0297 0x27ac  nfrd960 - ok
16:25:04.0359 0x27ac  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
16:25:04.0375 0x27ac  NlaSvc - ok
16:25:04.0391 0x27ac  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:25:04.0844 0x27ac  Npfs - ok
16:25:04.0922 0x27ac  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
16:25:04.0938 0x27ac  npsvctrig - ok
16:25:04.0938 0x27ac  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\WINDOWS\system32\nsisvc.dll
16:25:04.0969 0x27ac  nsi - ok
16:25:04.0985 0x27ac  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
16:25:05.0000 0x27ac  nsiproxy - ok
16:25:05.0063 0x27ac  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:25:05.0125 0x27ac  Ntfs - ok
16:25:05.0125 0x27ac  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:25:05.0157 0x27ac  Null - ok
16:25:05.0172 0x27ac  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
16:25:05.0188 0x27ac  nvraid - ok
16:25:05.0219 0x27ac  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
16:25:05.0235 0x27ac  nvstor - ok
16:25:05.0235 0x27ac  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
16:25:05.0250 0x27ac  nv_agp - ok
16:25:05.0297 0x27ac  [ 7C72AA890A16A43ECF24D0F27CE74C87 ] nxaudio_serv    C:\WINDOWS\system32\drivers\nxaudio.sys
16:25:05.0297 0x27ac  nxaudio_serv - ok
16:25:05.0344 0x27ac  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:25:05.0360 0x27ac  ose - ok
16:25:05.0500 0x27ac  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:25:05.0625 0x27ac  osppsvc - ok
16:25:05.0657 0x27ac  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:25:05.0672 0x27ac  p2pimsvc - ok
16:25:05.0688 0x27ac  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
16:25:05.0703 0x27ac  p2psvc - ok
16:25:05.0735 0x27ac  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
16:25:05.0735 0x27ac  Parport - ok
16:25:05.0750 0x27ac  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
16:25:05.0750 0x27ac  partmgr - ok
16:25:05.0782 0x27ac  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
16:25:05.0813 0x27ac  PcaSvc - ok
16:25:05.0813 0x27ac  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\WINDOWS\system32\drivers\pci.sys
16:25:05.0828 0x27ac  pci - ok
16:25:05.0844 0x27ac  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
16:25:05.0844 0x27ac  pciide - ok
16:25:05.0875 0x27ac  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
16:25:05.0891 0x27ac  pcmcia - ok
16:25:05.0891 0x27ac  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
16:25:05.0891 0x27ac  pcw - ok
16:25:05.0922 0x27ac  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
16:25:05.0938 0x27ac  pdc - ok
16:25:05.0969 0x27ac  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
16:25:06.0000 0x27ac  PEAUTH - ok
16:25:06.0047 0x27ac  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
16:25:06.0125 0x27ac  PeerDistSvc - ok
16:25:06.0203 0x27ac  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:25:06.0219 0x27ac  PerfHost - ok
16:25:06.0282 0x27ac  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\WINDOWS\system32\pla.dll
16:25:06.0360 0x27ac  pla - ok
16:25:06.0375 0x27ac  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:25:06.0391 0x27ac  PlugPlay - ok
16:25:06.0407 0x27ac  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
16:25:06.0438 0x27ac  PNRPAutoReg - ok
16:25:06.0438 0x27ac  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
16:25:06.0453 0x27ac  PNRPsvc - ok
16:25:06.0500 0x27ac  [ 34A8FAE065249F85A67A3215FF5ECB34 ] Point64         C:\WINDOWS\System32\drivers\point64.sys
16:25:06.0500 0x27ac  Point64 - ok
16:25:06.0547 0x27ac  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
16:25:06.0579 0x27ac  PolicyAgent - ok
16:25:06.0610 0x27ac  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\WINDOWS\system32\umpo.dll
16:25:06.0625 0x27ac  Power - ok
16:25:06.0625 0x27ac  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:25:06.0657 0x27ac  PptpMiniport - ok
16:25:06.0750 0x27ac  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
16:25:06.0875 0x27ac  PrintNotify - ok
16:25:06.0907 0x27ac  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\WINDOWS\System32\drivers\processr.sys
16:25:06.0907 0x27ac  Processor - ok
16:25:06.0938 0x27ac  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
16:25:06.0954 0x27ac  ProfSvc - ok
16:25:06.0969 0x27ac  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
16:25:07.0000 0x27ac  Psched - ok
16:25:07.0032 0x27ac  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\WINDOWS\system32\qwave.dll
16:25:07.0047 0x27ac  QWAVE - ok
16:25:07.0047 0x27ac  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:25:07.0079 0x27ac  QWAVEdrv - ok
16:25:07.0110 0x27ac  [ 194ED3C117525613E701FF257882303E ] RadioHIDMini    C:\WINDOWS\System32\drivers\RadioHIDMini.sys
16:25:07.0110 0x27ac  RadioHIDMini - ok
16:25:07.0141 0x27ac  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:25:07.0157 0x27ac  RasAcd - ok
16:25:07.0157 0x27ac  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
16:25:07.0172 0x27ac  RasAgileVpn - ok
16:25:07.0204 0x27ac  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:25:07.0235 0x27ac  RasAuto - ok
16:25:07.0235 0x27ac  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:25:07.0250 0x27ac  Rasl2tp - ok
16:25:07.0266 0x27ac  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:25:07.0297 0x27ac  RasMan - ok
16:25:07.0297 0x27ac  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:25:07.0329 0x27ac  RasPppoe - ok
16:25:07.0329 0x27ac  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
16:25:07.0344 0x27ac  RasSstp - ok
16:25:07.0375 0x27ac  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:25:07.0391 0x27ac  rdbss - ok
16:25:07.0391 0x27ac  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:25:07.0407 0x27ac  rdpbus - ok
16:25:07.0438 0x27ac  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
16:25:07.0469 0x27ac  RDPDR - ok
16:25:07.0485 0x27ac  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:25:07.0500 0x27ac  RdpVideoMiniport - ok
16:25:07.0532 0x27ac  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
16:25:07.0563 0x27ac  RDPWD - ok
16:25:07.0563 0x27ac  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:25:07.0579 0x27ac  rdyboost - ok
16:25:07.0610 0x27ac  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:25:07.0625 0x27ac  RemoteAccess - ok
16:25:07.0641 0x27ac  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:25:07.0672 0x27ac  RemoteRegistry - ok
16:25:07.0688 0x27ac  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:25:07.0719 0x27ac  RpcEptMapper - ok
16:25:07.0735 0x27ac  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:25:07.0750 0x27ac  RpcLocator - ok
16:25:07.0782 0x27ac  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:25:07.0797 0x27ac  RpcSs - ok
16:25:07.0813 0x27ac  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:25:07.0829 0x27ac  rspndr - ok
16:25:07.0876 0x27ac  [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
16:25:07.0907 0x27ac  RTL8168 - ok
16:25:07.0922 0x27ac  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
16:25:07.0938 0x27ac  s3cap - ok
16:25:07.0954 0x27ac  [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI            C:\WINDOWS\system32\Drivers\SABI.sys
16:25:07.0985 0x27ac  SABI - ok
16:25:07.0985 0x27ac  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\WINDOWS\system32\lsass.exe
16:25:08.0000 0x27ac  SamSs - ok
16:25:08.0032 0x27ac  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:25:08.0047 0x27ac  sbp2port - ok
16:25:08.0063 0x27ac  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:25:08.0094 0x27ac  SCardSvr - ok
16:25:08.0110 0x27ac  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:25:08.0141 0x27ac  scfilter - ok
16:25:08.0188 0x27ac  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:25:08.0219 0x27ac  Schedule - ok
16:25:08.0235 0x27ac  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
16:25:08.0250 0x27ac  SCPolicySvc - ok
16:25:08.0297 0x27ac  [ 047315E75392CEA447ACC86257824C16 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
16:25:08.0297 0x27ac  sdbus - ok
16:25:08.0313 0x27ac  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
16:25:08.0344 0x27ac  SDRSVC - ok
16:25:08.0391 0x27ac  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:25:08.0391 0x27ac  sdstor - ok
16:25:08.0407 0x27ac  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
16:25:08.0407 0x27ac  secdrv - ok
16:25:08.0407 0x27ac  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:25:08.0438 0x27ac  seclogon - ok
16:25:08.0454 0x27ac  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\WINDOWS\System32\sens.dll
16:25:08.0469 0x27ac  SENS - ok
16:25:08.0485 0x27ac  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
16:25:08.0500 0x27ac  SensrSvc - ok
16:25:08.0516 0x27ac  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
16:25:08.0532 0x27ac  SerCx - ok
16:25:08.0547 0x27ac  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
16:25:08.0563 0x27ac  Serenum - ok
16:25:08.0579 0x27ac  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
16:25:08.0594 0x27ac  Serial - ok
16:25:08.0594 0x27ac  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
16:25:08.0625 0x27ac  sermouse - ok
16:25:08.0641 0x27ac  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
16:25:08.0688 0x27ac  SessionEnv - ok
16:25:08.0704 0x27ac  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
16:25:08.0719 0x27ac  sfloppy - ok
16:25:08.0751 0x27ac  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:25:08.0766 0x27ac  SharedAccess - ok
16:25:08.0813 0x27ac  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:25:08.0860 0x27ac  ShellHWDetection - ok
16:25:08.0891 0x27ac  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:25:08.0891 0x27ac  SiSRaid2 - ok
16:25:08.0907 0x27ac  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
16:25:08.0922 0x27ac  SiSRaid4 - ok
16:25:08.0954 0x27ac  [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:25:08.0969 0x27ac  SkypeUpdate - ok
16:25:08.0985 0x27ac  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
16:25:09.0016 0x27ac  SNMPTRAP - ok
16:25:09.0063 0x27ac  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
16:25:09.0079 0x27ac  spaceport - ok
16:25:09.0094 0x27ac  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
16:25:09.0110 0x27ac  SpbCx - ok
16:25:09.0110 0x27ac  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\WINDOWS\syswow64\speedfan.sys
16:25:09.0126 0x27ac  speedfan - ok
16:25:09.0157 0x27ac  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
16:25:09.0188 0x27ac  Spooler - ok
16:25:09.0298 0x27ac  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
16:25:09.0423 0x27ac  sppsvc - ok
16:25:09.0454 0x27ac  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:25:09.0469 0x27ac  srv - ok
16:25:09.0516 0x27ac  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
16:25:09.0548 0x27ac  srv2 - ok
16:25:09.0563 0x27ac  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:25:09.0579 0x27ac  srvnet - ok
16:25:09.0594 0x27ac  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:25:09.0626 0x27ac  SSDPSRV - ok
16:25:09.0641 0x27ac  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
16:25:09.0657 0x27ac  SstpSvc - ok
16:25:09.0704 0x27ac  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:25:09.0719 0x27ac  Steam Client Service - ok
16:25:09.0735 0x27ac  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
16:25:09.0735 0x27ac  stexstor - ok
16:25:09.0782 0x27ac  [ F38F79114380246B6D40CD53FB2CA28D ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
16:25:09.0798 0x27ac  StillCam - ok
16:25:09.0860 0x27ac  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\WINDOWS\System32\wiaservc.dll
16:25:10.0329 0x27ac  stisvc - ok
16:25:10.0376 0x27ac  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
16:25:10.0376 0x27ac  storahci - ok
16:25:10.0391 0x27ac  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
16:25:10.0407 0x27ac  storflt - ok
16:25:10.0407 0x27ac  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
16:25:10.0423 0x27ac  StorSvc - ok
16:25:10.0438 0x27ac  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
16:25:10.0454 0x27ac  storvsc - ok
16:25:10.0470 0x27ac  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         C:\WINDOWS\System32\drivers\storvsp.sys
16:25:10.0485 0x27ac  storvsp - ok
16:25:10.0485 0x27ac  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\WINDOWS\system32\svsvc.dll
16:25:10.0516 0x27ac  svsvc - ok
16:25:10.0516 0x27ac  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
16:25:10.0516 0x27ac  swenum - ok
16:25:10.0548 0x27ac  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\WINDOWS\System32\swprv.dll
16:25:10.0579 0x27ac  swprv - ok
16:25:10.0610 0x27ac  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\WINDOWS\system32\sysmain.dll
16:25:10.0641 0x27ac  SysMain - ok
16:25:10.0688 0x27ac  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:25:10.0735 0x27ac  SystemEventsBroker - ok
16:25:10.0751 0x27ac  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:25:10.0782 0x27ac  TabletInputService - ok
16:25:10.0798 0x27ac  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:25:10.0829 0x27ac  TapiSrv - ok
16:25:16.0236 0x27ac  ================ Scan global ===============================
16:25:16.0267 0x27ac  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
16:25:16.0283 0x27ac  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\WINDOWS\system32\winsrv.dll
16:25:16.0298 0x27ac  [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
16:25:16.0330 0x27ac  [ 8F226143046435C75C033B0C52E90FFE ] C:\WINDOWS\system32\services.exe
16:25:16.0345 0x27ac  [Global] - ok
16:25:16.0345 0x27ac  ================ Scan MBR ==================================
16:25:16.0345 0x27ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:25:16.0627 0x27ac  \Device\Harddisk0\DR0 - ok
16:25:16.0627 0x27ac  ================ Scan VBR ==================================
16:25:16.0627 0x27ac  [ F704171A37E8212DC03993659E840620 ] \Device\Harddisk0\DR0\Partition1
16:25:16.0627 0x27ac  \Device\Harddisk0\DR0\Partition1 - ok
16:25:16.0627 0x27ac  [ 9AA4E8672BBC648FBCDEB2DCA0AB935B ] \Device\Harddisk0\DR0\Partition2
16:25:16.0627 0x27ac  \Device\Harddisk0\DR0\Partition2 - ok
16:25:16.0627 0x27ac  ============================================================
16:25:16.0627 0x27ac  Scan finished
16:25:16.0627 0x27ac  ============================================================
16:25:16.0642 0x1130  Detected object count: 0
16:25:16.0642 0x1130  Actual detected object count: 0
16:34:59.0234 0x2780  Deinitialize success
 

AdwCleaner

# AdwCleaner v3.001 - Report created 26/08/2013 at 16:35:37
# Updated 24/08/2013 by Xplode
# Operating System : Windows 8 Pro  (64 bits)
# Username : Josh - JOSH-PC
# Running from : C:\Users\Josh\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
-\\ Google Chrome v29.0.1547.57
 
[ File : C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [844 octets] - [26/08/2013 16:35:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [903 octets] ##########
 
Farbar Service Scanner

Farbar Service Scanner Version: 18-08-2013
Ran by Josh (administrator) on 26-08-2013 at 21:20:58
Running from "C:\Users\Josh\Desktop"
Microsoft Windows 8 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-06-20 14:47] - [2013-05-04 02:45] - 2233600 ____A (Microsoft Corporation) D750CE2A52F1B95E654CF2904C88EF1F
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

MiniToolBox

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Josh (administrator) on 26-08-2013 at 21:21:53
Running from "C:\Users\Josh\Desktop"
Microsoft Windows 8 Pro  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
 
 
::1  localhost 
 
127.0.0.1  localhost
127.0.0.1  fr.a2dfp.net
127.0.0.1  m.fr.a2dfp.net
127.0.0.1  ad.a8.net
127.0.0.1  asy.a8ww.net
127.0.0.1  abcstats.com
127.0.0.1  a.abv.bg
127.0.0.1  adserver.abv.bg
127.0.0.1  adv.abv.bg
127.0.0.1  bimg.abv.bg
127.0.0.1  ca.abv.bg
127.0.0.1  www2.a-counter.kiev.ua
127.0.0.1  track.acclaimnetwork.com
 
There are 12643 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
Apple Mobile Device Ethernet = Local Area Connection (Hardware not present)
Qualcomm Atheros AR9285 Wireless Network Adapter = Wi-Fi (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Josh-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.mn.comcast.net.
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 62-B7-C3-46-A8-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : hsd1.mn.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E8-03-9A-F6-A8-F0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::41a8:110:7f55:7bab%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.109(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, August 26, 2013 9:37:22 AM
   Lease Expires . . . . . . . . . . : Monday, August 26, 2013 11:07:19 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 367526810
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-5E-F0-5F-50-B7-C3-46-A8-A5
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 50-B7-C3-46-A8-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.mn.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.mn.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4f7:3969:3f57:ff92(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::4f7:3969:3f57:ff92%16(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:805::1007
 74.125.225.131
 74.125.225.142
 74.125.225.130
 74.125.225.128
 74.125.225.133
 74.125.225.134
 74.125.225.137
 74.125.225.136
 74.125.225.135
 74.125.225.132
 74.125.225.129
 
 
Pinging google.com [74.125.225.70] with 32 bytes of data:
Reply from 74.125.225.70: bytes=32 time=583ms TTL=56
Reply from 74.125.225.70: bytes=32 time=606ms TTL=56
 
Ping statistics for 74.125.225.70:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 583ms, Maximum = 606ms, Average = 594ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=70ms TTL=50
Reply from 98.139.183.24: bytes=32 time=52ms TTL=50
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 52ms, Maximum = 70ms, Average = 61ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...62 b7 c3 46 a8 a5 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...e8 03 9a f6 a8 f0 ......Realtek PCIe GBE Family Controller
 12...50 b7 c3 46 a8 a5 ......Qualcomm Atheros AR9285 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.109     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.109    276
    192.168.0.109  255.255.255.255         On-link     192.168.0.109    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.109    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.109    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.109    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 16    306 2001::/32                On-link
 16    306 2001:0:4137:9e76:4f7:3969:3f57:ff92/128
                                    On-link
 13    276 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::4f7:3969:3f57:ff92/128
                                    On-link
 13    276 fe80::41a8:110:7f55:7bab/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/25/2013 10:50:16 AM) (Source: LogMeIn Guardian) (User: NT AUTHORITY)
Description: LogMeIn Guardian has detected a problem with the LogMeIn software installed on this machine. The problem is locally identified by the following reference ID: 'ee60d0dc9bb0a98e634c3641548cf1ac'.
 
Error: (08/25/2013 10:50:11 AM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=29.0.1547.57;lang=;id=;is_machine=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f516ce6c-39fe-469a-a12b-7e33fc892b0c.dmp
 
Error: (08/21/2013 02:01:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 59266
 
Error: (08/21/2013 02:01:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 59266
 
Error: (08/21/2013 02:01:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2013 02:01:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 58031
 
Error: (08/21/2013 02:01:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 58031
 
Error: (08/21/2013 02:01:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2013 02:01:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 56735
 
Error: (08/21/2013 02:01:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 56735
 
 
System errors:
=============
Error: (08/23/2013 11:29:08 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 11:29:08 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 11:29:08 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 11:29:08 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 05:08:42 PM) (Source: DCOM) (User: JOSH-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (08/23/2013 00:30:33 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 00:30:33 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 00:30:31 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 00:30:31 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/23/2013 00:21:02 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
 
Microsoft Office Sessions:
=========================
Error: (08/25/2013 10:50:16 AM) (Source: LogMeIn Guardian)(User: NT AUTHORITY)
Description: ee60d0dc9bb0a98e634c3641548cf1ac
 
Error: (08/25/2013 10:50:11 AM) (Source: Chrome)(User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=29.0.1547.57;lang=;id=;is_machine=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f516ce6c-39fe-469a-a12b-7e33fc892b0c.dmp
 
Error: (08/21/2013 02:01:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 59266
 
Error: (08/21/2013 02:01:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 59266
 
Error: (08/21/2013 02:01:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2013 02:01:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 58031
 
Error: (08/21/2013 02:01:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 58031
 
Error: (08/21/2013 02:01:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/21/2013 02:01:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 56735
 
Error: (08/21/2013 02:01:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 56735
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29126)
Actual Window Manager 8.0.1 (Version: 8.0.1)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.7)
Adobe AIR (Version: 3.5.0.1060)
Air Video Server 2.4.6-beta3 (Version: 2.4.6-beta3)
Akamai NetSession Interface
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3211)
AVG 2013 (Version: 13.0.3392)
AVG 2013 (Version: 2013.0.3392)
Bonjour (Version: 3.0.0.10)
CambridgeSoft ChemBioOffice 2012 (Version: 13.0)
CCleaner (Version: 3.27)
DAEMON Tools Lite (Version: 4.46.1.0328)
Dota 2
DriveImage XML (Private Edition) (Version: 2.44.000)
Dropbox (Version: 2.0.22)
Easy Display Manager (Version: 3.2)
ETDWare PS/2-X64 10.7.17.5_WHQL (Version: 10.7.17.5)
Fences 2 (Version: 2.01)
Gaussian 09W
GaussView 5.0.8 (Version: 5.0)
Google Chrome (Version: 29.0.1547.57)
Google Update Helper (Version: 1.3.21.153)
GPL Ghostscript (Version: 9.06)
HP Officejet Pro 8600 Basic Device Software (Version: 28.0.1315.0)
HP Officejet Pro 8600 Help (Version: 28.0.0)
HP Update (Version: 5.003.003.001)
HPDiagnosticAlert (Version: 1.00.0000)
I.R.I.S. OCR (Version: 12.3.4.0)
iExplorer 3.2.3.3
Intel® Processor Graphics (Version: 9.17.10.2932)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iSkysoft DVD Ripper(Build 2.6.1.3)
iTunes (Version: 11.0.5.5)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LastPass (uninstall only)
LogMeIn (Version: 4.1.2634)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MediaInfo 0.7.62 (Version: 0.7.62)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MiKTeX 2.9 (Version: 2.9)
NoMachine Player 4.0.181 (Version: 4.0.181)
NX Client for Windows 3.5.0-9 (Version: 3.5.0-9)
Pcmodel v93
PuTTY version 0.62 (Version: 0.62)
Quicken 2012 (Version: 21.1.7.18)
Quicken 2013 (Version: 22.1.12.7)
QuickTime (Version: 7.74.80.86)
Samsung Update Plus (Version: 3.0.1.17)
Shutterfly Express Uploader (Version: 1.2.0)
Shutterfly Express Uploader (Version: 1.2.0.0)
Skype™ 6.6 (Version: 6.6.106)
SpeedFan (remove only)
Steam (Version: 1.0.0.0)
Texmaker
TextPad 5 (Version: 5.2.0)
TorGuard Deluge 1.3.5-Jfix (Version: 1.3.5-Jfix)
Unity Web Player (Version: )
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (Version: 2.0.5)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WinSCP 5.1.3 (Version: 5.1.3)
WinX Free VOB to MP4 Converter 2.0.9
Wisdom-soft ScreenHunter 6.0 Free
Xming-mesa 6.9.0.31 (Version: 6.9.0.31)
Yahoo! Messenger
 
========================= Devices: ================================
 
Name: Apple Mobile Device Ethernet
Description: Apple Mobile Device Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Apple
Service: Netaapl
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 23%
Total physical RAM: 7891.53 MB
Available physical RAM: 6010.89 MB
Total Pagefile: 9107.54 MB
Available Pagefile: 6936.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.09 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:158.59 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JOSH-PC
 
Administrator            Guest                    Josh                     
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
08-08-2013 17:38:32 Scheduled Checkpoint
16-08-2013 14:58:50 Scheduled Checkpoint
24-08-2013 08:02:04 Scheduled Checkpoint
 
**** End of log ****
 

 



#4 dev00790


Posted 27 August 2013 - 03:15 AM

Hi

 

Please do the following next:

 

:step1:

 

Clear the Java cache

Clearing the Java Plug-in cache forces the browser to load the latest versions of web pages and programs.
Malicious software can frequently reside in the Java cache.

To clear the Java Plug-in cache:

  • Click the Windows "Orb" Start button > Control Panel.

  • Double-click the Java icon in the control panel. The Java Control Panel appears.
  • Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears.
  • Click Delete Files. The Delete Temporary Files dialog box appears.
  • Click OK on Delete Temporary Files window.
    Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click OK on Temporary Files Settings window. 
  • Click OK on Java Control Panel window. 

You can also view these instructions along with screenshots here.

 

 

:step2:

 

Do you get the redirects in just one browser or many? - If so which?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#5 macman104


Posted 27 August 2013 - 01:55 PM

Ok, I did that.

 

Sorry, maybe I wasn't entirely clear before, I am not suffering from the browser hijacker I referenced in the earlier post. I just wanted someone to walk me through a fairly thorough scanning and cleaning of my computer (more so than Malwarebytes and the free AVG that I currently use on my computer). I am not sure there was anything on my computer, but I haven't really looked very carefully in quite a very long time.



#6 dev00790


Posted 27 August 2013 - 05:54 PM

Hi

We are having a look at your PC via various tools.

Please do the following next:

:step1:

Going over your logs I noticed that you have uTorrent installed.

  • Avoid peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • P2P programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.
  • To reduce the risk of infection avoid using any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent; however, that choice is up to you.

If you choose to remove these programs, you can do so via:

For Vista / Win 7:

  • Click the "Windows Orb" start button.
  • Click Control Panel then Programs and Features.

For Win 8:

  • Open Control Panel then Programs and Features.

If you wish to keep it, please do not use it until your computer is cleaned.


:step2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step3:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will however need to disable your current installed Anti-Virus; how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Regards, dev00790





