
Certain programs do not launch, possible malware


17 replies to this topic

#1 Papadopoulos

  • Members
  • 8 posts

Posted 28 September 2014 - 05:50 PM

Some of my programs don't launch when I click their .exe files. The waiting circle appears next to my mouse cursor for a few seconds and then nothing happens. No error messages or anything. Possible malware infection?

Thanks in advance for your help. :)

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16843  BrowserJavaVersion: 11.0.2
Run by Giannis at 1:28:43 on 2014-09-29
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4079.2155 [GMT 3:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Users\Giannis\AppData\Local\MEDIAF~1\MFUSNM~1.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Giannis\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Giannis\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\Giannis\AppData\Local\Apps\2.0\G4MPM1X5.WW6\D7A3DBOD.NBE\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
uRun: [uTorrent] "C:\Users\Giannis\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [f.lux] "C:\Users\Giannis\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [MediaFire Tray] C:\Users\Giannis\AppData\Local\MediaFire Desktop\mf_watch.exe
uRun: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\Giannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SETPOI~1.LNK - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0A578128-B6A9-4798-9308-562FAE622D68} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
Hosts: 194.145.200.27 pagead2.googlesyndication.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-9-29 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-9-29 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-9-29 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-9-29 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-4-8 283064]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-9-29 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-9-29 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-9-29 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-9-29 50344]
R2 MF NTFS Monitor;MediaFire NTFS Monitor;C:\Users\Giannis\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [2014-6-12 456504]
R2 mfmonitor;mfmonitor;C:\Windows\System32\drivers\mfmonitor_x64.sys [2014-6-12 20696]
R2 TabletServicePen;TabletServicePen;C:\Windows\System32\Pen_Tablet.exe [2014-6-12 5556520]
R2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2014-6-12 627992]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2014-6-12 127784]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-8-24 76912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-3-18 25832]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2014-6-12 14136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2014-6-12 90424]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2014-6-12 15160]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-9 1255736]
.
=============== Created Last 30 ================
.
2014-09-28 22:22:57 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40A141F5-E049-41AF-BA6F-A315E38603CC}\offreg.dll
2014-09-28 22:15:40 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-28 22:03:09 -------- d-sh--w- C:\$RECYCLE.BIN
2014-09-28 21:38:05 -------- d-----w- C:\Users\Giannis\AppData\Roaming\Dropbox
2014-09-28 21:36:55 -------- d-----w- C:\Users\Giannis\AppData\Roaming\AVAST Software
2014-09-28 21:35:45 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-09-28 21:35:44 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-09-28 21:35:43 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-09-28 21:35:42 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-09-28 21:35:42 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-09-28 21:35:41 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-09-28 21:35:41 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-09-28 21:35:36 43152 ----a-w- C:\Windows\avastSS.scr
2014-09-28 21:34:07 -------- d-----w- C:\Program Files\AVAST Software
2014-09-28 21:33:38 -------- d-----w- C:\ProgramData\AVAST Software
2014-09-28 21:30:42 -------- d-----w- C:\Program Files\CCleaner
2014-09-28 21:13:03 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-28 21:12:53 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-28 21:12:53 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-28 21:12:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-28 21:12:53 -------- d-----w- C:\ProgramData\Malwarebytes
2014-09-28 21:12:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-28 19:45:49 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-25 20:34:36 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2014-09-22 19:24:19 -------- d-----w- C:\Users\Giannis\AppData\Roaming\HeroesAndGeneralsDesktop
2014-09-22 10:47:38 -------- d-----w- C:\Users\Giannis\AppData\Roaming\stetic
2014-09-22 10:47:34 -------- d-----w- C:\Users\Giannis\AppData\Roaming\MonoDevelop-Unity-4.0
2014-09-22 10:47:24 -------- d-----w- C:\Users\Giannis\AppData\Local\MonoDevelop-Unity-4.0
2014-09-21 18:52:59 -------- d-----w- C:\Users\Giannis\AppData\Local\Harebrained Schemes
2014-09-20 17:06:53 -------- d-----w- C:\Users\Giannis\AppData\Local\Apple Computer
2014-09-20 17:06:50 -------- d-----w- C:\ProgramData\Unity
2014-09-20 11:04:26 -------- d-----w- C:\Users\Giannis\AppData\Local\Ankama
2014-09-17 22:58:16 -------- d-----w- C:\Users\Giannis\jagexcache
2014-09-12 21:05:44 -------- d-----w- C:\Program Files (x86)\Unity
2014-09-08 21:23:27 -------- d-----w- C:\Program Files (x86)\Strife
2014-09-05 18:45:18 -------- d-----w- C:\ProgramData\Oracle
2014-09-05 00:38:57 -------- d-----w- C:\Program Files (x86)\Space Run
2014-09-04 22:50:03 -------- d-----w- C:\Program Files (x86)\MKJogo
2014-09-04 14:33:00 -------- d-----w- C:\Program Files (x86)\Star Realms
2014-09-04 12:11:20 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40A141F5-E049-41AF-BA6F-A315E38603CC}\mpengine.dll
.
==================== Find3M  ====================
.
2014-08-25 03:53:42 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-07-31 02:08:59 20696 ----a-w- C:\Windows\System32\drivers\mfmonitor_x64.sys
.
============= FINISH:  1:29:10.21 ===============
 

 

 


 


#2 nasdaq

  • Malware Response Team
  • 38,746 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 02 October 2014 - 08:12 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 nasdaq

  • Malware Response Team
  • 38,746 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 07 October 2014 - 09:05 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#4 nasdaq

  • Malware Response Team
  • 38,746 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 08 October 2014 - 12:23 PM

This topic has been re-opened at the request of the person who originally posted.

#5 Papadopoulos

  • Topic Starter

  • Members
  • 8 posts

Posted 08 October 2014 - 01:50 PM

AdwCleaner log:

 

# AdwCleaner v3.311 - Report created 08/10/2014 at 19:36:51

# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Giannis - GIANNIS-PC
# Running from : C:\Users\Giannis\Desktop\adwcleaner_3.311.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : Update AdvanceElite
[#] Service Deleted : Util AdvanceElite
Service Deleted : {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\Program Files (x86)\AdvanceElite
Folder Deleted : C:\Users\Giannis\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\Giannis\AppData\Local\Temp\AdvanceElite
File Deleted : C:\END
File Deleted : C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys
File Deleted : C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvanceElite_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvanceElite_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateAdvanceElite_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateAdvanceElite_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilAdvanceElite_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilAdvanceElite_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update AdvanceElite
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util AdvanceElite
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6625FAD-EF8D-465C-B9D3-81BB22C40253}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9303da31-7a21-45fd-bd61-03ea56853012}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D6625FAD-EF8D-465C-B9D3-81BB22C40253}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\AdvanceElite
Key Deleted : HKLM\SOFTWARE\AdvanceElite
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdvanceElite
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16843
 
 
-\\ Google Chrome v37.0.2062.124
 
[ File : C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [4384 octets] - [08/10/2014 19:33:29]
AdwCleaner[S0].txt - [4001 octets] - [08/10/2014 19:36:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4061 octets] ##########
 
 
Farbar log:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Giannis (administrator) on GIANNIS-PC on 08-10-2014 19:48:48
Running from C:\Users\Giannis\Desktop\New folder
Loaded Profile: Giannis (Available profiles: Giannis)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Users\Giannis\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Flux Software LLC) C:\Users\Giannis\AppData\Local\FluxSoftware\Flux\flux.exe
(BitTorrent Inc.) C:\Users\Giannis\AppData\Roaming\uTorrent\uTorrent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Curse) C:\Users\Giannis\AppData\Local\Apps\2.0\G4MPM1X5.WW6\D7A3DBOD.NBE\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-04] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-29] (AVAST Software)
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\...\Run: [uTorrent] => C:\Users\Giannis\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\...\Run: [f.lux] => C:\Users\Giannis\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\...\Run: [MediaFire Tray] => C:\Users\Giannis\AppData\Local\MediaFire Desktop\mf_watch.exe [3822920 2014-09-12] ()
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-09-26] ()
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\...\MountPoints2: {45a8cf2c-b9c0-11e3-965a-002522b94fb8} - E:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
Startup: C:\Users\Giannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_ed9c6.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_ed9c6.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_ed9c6.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_ed9c6.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Giannis\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Giannis\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Giannis\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Giannis\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_ed9c6.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB6361649853CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Giannis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-29]
 
Chrome: 
=======
CHR Profile: C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Media Hint) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\akipcefbjlmpbcejgdaopmmidpnjlhnb [2014-04-01]
CHR Extension: (Έγγραφα Google) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-10]
CHR Extension: (Google Drive ) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-10]
CHR Extension: (YouTube) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-10]
CHR Extension: (Adblock Plus) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-10]
CHR Extension: (Αναζήτηση Google) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-10]
CHR Extension: (Lucidchart Διαγράμματα - Desktop) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\djejicklhojeokkfmdelnempiecmdomj [2014-04-13]
CHR Extension: (avast! Online Security) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-29]
CHR Extension: (Πορτοφόλι Google) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-10]
CHR Extension: (Gmail) - C:\Users\Giannis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-29]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-29] (AVAST Software)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-10-07] (BitRaider, LLC)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-03-18] (BioWare)
R2 MF NTFS Monitor; C:\Users\Giannis\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456504 2014-09-12] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-23] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-29] ()
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-10-08] (BitRaider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-08] (Disc Soft Ltd)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2014-09-12] (Windows ® Win 7 DDK provider)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-08 19:48 - 2014-10-08 19:48 - 00000000 ____D () C:\FRST
2014-10-08 19:45 - 2014-10-08 19:45 - 00004165 _____ () C:\Users\Giannis\Desktop\AdwCleaner[S0].txt
2014-10-08 19:35 - 2014-10-08 19:35 - 00004384 _____ () C:\Users\Giannis\Desktop\AdwCleaner[R0].txt
2014-10-08 19:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-08 19:33 - 2014-10-08 19:37 - 00000000 ____D () C:\AdwCleaner
2014-10-08 19:31 - 2014-10-08 19:48 - 00000000 ____D () C:\Users\Giannis\Desktop\New folder
2014-10-08 19:14 - 2014-10-08 19:14 - 01375089 _____ () C:\Users\Giannis\Desktop\adwcleaner_3.311.exe
2014-10-08 01:00 - 2014-10-08 01:00 - 00000000 ____D () C:\Users\Giannis\AppData\Local\SWTOR
2014-10-07 23:36 - 2014-10-08 01:00 - 00000000 ____D () C:\ProgramData\BitRaider
2014-10-07 23:36 - 2014-10-07 23:36 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-10-07 23:36 - 2014-10-07 23:36 - 00000000 ____D () C:\Users\Giannis\AppData\Local\SWTORPerf
2014-10-07 23:35 - 2014-10-07 23:35 - 00001453 _____ () C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2014-10-07 23:31 - 2014-10-07 23:35 - 00014493 _____ () C:\Users\Giannis\Documents\Install STAR WARS The Old Republic.log
2014-10-07 23:31 - 2014-10-07 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-10-07 23:30 - 2014-10-07 23:31 - 29720272 _____ () C:\Users\Giannis\Downloads\SWTOR_setup.exe
2014-10-07 22:19 - 2014-10-07 22:19 - 00010142 _____ () C:\Users\Giannis\Downloads\2.b.The Nameless.odt
2014-10-07 22:19 - 2014-10-07 22:19 - 00009001 _____ () C:\Users\Giannis\Downloads\1.b.Prologue.odt
2014-10-07 16:52 - 2014-10-07 22:16 - 00008040 _____ () C:\Users\Giannis\Desktop\New Text Document.txt
2014-10-06 00:26 - 2014-10-06 00:27 - 00000189 _____ () C:\Users\Giannis\Desktop\General Observations Journal.txt
2014-10-05 17:24 - 2014-10-06 21:45 - 00015788 _____ () C:\Users\Giannis\Desktop\Tech 1 crap.ods
2014-10-05 16:57 - 2014-10-05 17:02 - 350569449 ____R () C:\Users\Giannis\Downloads\[HorribleSubs] Log Horizon 2 - 01 [720p].mkv
2014-10-05 16:57 - 2014-10-05 16:57 - 00027164 _____ () C:\Users\Giannis\Downloads\[HorribleSubs] Log Horizon 2 - 01 [720p].mkv.torrent
2014-10-04 18:43 - 2014-10-04 18:43 - 00000428 _____ () C:\Users\Giannis\Documents\telemetry.lsx
2014-10-04 17:59 - 2014-10-04 17:59 - 00001887 _____ () C:\Users\Public\Desktop\Divinity - Dragon Commander.lnk
2014-10-04 17:59 - 2014-10-04 17:59 - 00000000 ____D () C:\Users\Giannis\Documents\Larian Studios
2014-10-04 17:59 - 2014-10-04 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-10-04 17:42 - 2014-10-04 17:42 - 00000000 ____D () C:\GOG Games
2014-10-04 17:40 - 2014-10-04 17:40 - 00028274 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-10-04 17_40_08.573844.dmp
2014-10-04 17:40 - 2014-10-04 17:40 - 00026990 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-10-04 17_40_08.596845.dmp
2014-10-04 17:38 - 2014-10-04 17:38 - 00000000 _____ () C:\Users\Giannis\Desktop\Stuff Im Grateful about.txt
2014-10-04 16:30 - 2014-10-04 16:30 - 00000000 _____ () C:\Users\Giannis\Desktop\New Semester Resolutions.txt
2014-10-04 00:29 - 2014-10-04 00:57 - 00000000 ____D () C:\Users\Giannis\Downloads\Inception (2010) [1080p]
2014-10-02 23:50 - 2014-10-05 17:02 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\EVEMon
2014-10-02 23:50 - 2014-10-02 23:50 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon
2014-10-02 23:50 - 2014-10-02 23:50 - 00000000 ____D () C:\Program Files (x86)\EVEMon
2014-10-02 23:49 - 2014-10-02 23:49 - 04949062 _____ (EVEMon Development Team) C:\Users\Giannis\Downloads\EVEMon-install-1.9.0.exe
2014-10-02 20:48 - 2014-10-02 20:48 - 00027186 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-10-02 20_48_25.256316.dmp
2014-10-02 20:48 - 2014-10-02 20:48 - 00025566 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-10-02 20_48_22.673168.dmp
2014-10-02 11:53 - 2014-10-02 11:53 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2014-10-01 23:16 - 2014-10-02 01:14 - 00017302 _____ () C:\Users\Giannis\Desktop\I HATE MATH.ods
2014-10-01 21:42 - 2014-10-01 21:45 - 00000000 ____D () C:\Users\Giannis\Desktop\PI is hard
2014-09-29 19:30 - 2014-10-04 00:57 - 00140799 _____ () C:\Users\Giannis\Desktop\Fire Emblem - The Sacred Stones 3.SGM
2014-09-29 19:28 - 2014-10-04 01:05 - 00117702 _____ () C:\Users\Giannis\Desktop\Fire Emblem - The Sacred Stones 2.SGM
2014-09-29 18:02 - 2014-09-29 21:07 - 00138824 _____ () C:\Users\Giannis\Desktop\Fire Emblem - The Sacred Stones.sgm
2014-09-29 17:57 - 2014-10-04 01:12 - 00065536 _____ () C:\Users\Giannis\Desktop\Fire Emblem - The Sacred Stones.sav
2014-09-29 17:56 - 2014-10-04 01:12 - 00002093 _____ () C:\Users\Giannis\Desktop\vba.ini
2014-09-29 17:56 - 2014-09-29 17:56 - 09781391 _____ () C:\Users\Giannis\Downloads\Fire Emblem - The Sacred Stones.zip
2014-09-29 17:56 - 2008-05-25 04:33 - 00000706 _____ () C:\Users\Giannis\Desktop\readme.html
2014-09-29 17:56 - 1996-12-25 00:32 - 16777216 _____ () C:\Users\Giannis\Desktop\Fire Emblem - The Sacred Stones.gba
2014-09-29 17:54 - 2005-10-01 14:08 - 01974352 _____ (None) C:\Users\Giannis\Desktop\VisualBoyAdvance.exe
2014-09-29 17:54 - 2002-10-19 07:38 - 00018349 _____ () C:\Users\Giannis\Desktop\COPYING
2014-09-29 17:53 - 2014-09-29 17:53 - 00659797 _____ () C:\Users\Giannis\Downloads\VisualBoyAdvance-1.8.0-beta3 (1).zip
2014-09-29 17:49 - 2014-10-08 19:36 - 00000000 ____D () C:\Program Files (x86)\AdvanceElite
2014-09-29 17:49 - 2014-09-29 17:49 - 00003828 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1412002158
2014-09-29 17:49 - 2014-09-29 17:49 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-29 17:49 - 2014-09-29 17:49 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Opera Software
2014-09-29 17:49 - 2014-09-29 17:49 - 00000000 ____D () C:\Users\Giannis\AppData\Local\Opera Software
2014-09-29 17:49 - 2014-09-29 17:49 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-29 17:48 - 2014-09-29 17:48 - 00659797 _____ () C:\Users\Giannis\Downloads\VisualBoyAdvance-1.8.0-beta3.zip
2014-09-29 17:48 - 2014-09-29 17:48 - 00003554 _____ () C:\Windows\System32\Tasks\GoodGameEmpire NextW2
2014-09-29 17:48 - 2014-09-29 17:48 - 00003554 _____ () C:\Windows\System32\Tasks\GoodGameEmpire NextW1
2014-09-29 17:48 - 2014-09-29 17:48 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\GoodGameEmpire
2014-09-29 17:48 - 2014-09-29 17:48 - 00000000 ____D () C:\Users\Giannis\AppData\Local\GGEmpire
2014-09-29 17:47 - 2014-09-29 17:47 - 00754608 _____ ( ) C:\Users\Giannis\Downloads\CR_Downloader_for_visual-boy-advance.exe
2014-09-29 01:29 - 2014-09-29 01:49 - 00009105 _____ () C:\Users\Giannis\Desktop\attach.txt
2014-09-29 01:29 - 2014-09-29 01:30 - 00014747 _____ () C:\Users\Giannis\Desktop\dds.txt
2014-09-29 01:19 - 2014-09-29 01:19 - 00688992 ____R (Swearware) C:\Users\Giannis\Desktop\dds.com
2014-09-29 01:15 - 2014-10-08 19:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 01:15 - 2014-09-29 01:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 01:15 - 2014-09-29 01:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-29 01:15 - 2014-09-29 01:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-29 01:08 - 2014-09-29 01:08 - 00026362 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-29 01_08_53.203710.dmp
2014-09-29 01:07 - 2014-09-29 01:07 - 00000180 _____ () C:\Users\Giannis\Desktop\cc_20140929_010739.reg
2014-09-29 01:06 - 2014-09-29 01:06 - 00026646 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-29 01_06_39.141262.dmp
2014-09-29 00:59 - 2014-09-29 00:59 - 00000085 _____ () C:\Windows\wininit.ini
2014-09-29 00:58 - 2014-09-29 00:58 - 00000000 ____D () C:\Qoobox
2014-09-29 00:57 - 2014-09-29 00:58 - 00000000 ___SD () C:\32788R22FWJFW
2014-09-29 00:57 - 2014-09-29 00:57 - 00000000 ____D () C:\Windows\erdnt
2014-09-29 00:38 - 2014-09-29 00:38 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-29 00:38 - 2014-09-29 00:38 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Dropbox
2014-09-29 00:36 - 2014-10-08 13:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-29 00:36 - 2014-10-04 21:37 - 00002010 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-29 00:36 - 2014-09-29 00:36 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\AVAST Software
2014-09-29 00:36 - 2014-09-29 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-29 00:35 - 2014-09-29 00:36 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-29 00:35 - 2014-09-29 00:35 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-29 00:35 - 2014-09-29 00:35 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-29 00:35 - 2014-09-29 00:35 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-29 00:35 - 2014-09-29 00:35 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-29 00:35 - 2014-09-29 00:35 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-29 00:35 - 2014-09-29 00:35 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-29 00:35 - 2014-09-29 00:35 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-29 00:35 - 2014-09-29 00:35 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-29 00:35 - 2014-09-29 00:35 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-29 00:34 - 2014-09-29 00:34 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-29 00:33 - 2014-09-29 00:34 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-29 00:33 - 2014-09-29 00:33 - 04862664 _____ (AVAST Software) C:\Users\Giannis\Downloads\avast_free_antivirus_setup_online.exe
2014-09-29 00:31 - 2014-09-29 00:31 - 00027210 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-29 00_31_39.116041.dmp
2014-09-29 00:30 - 2014-10-04 21:37 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-29 00:30 - 2014-09-29 00:30 - 04964488 _____ (Piriform Ltd) C:\Users\Giannis\Downloads\ccsetup418.exe
2014-09-29 00:30 - 2014-09-29 00:30 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-29 00:30 - 2014-09-29 00:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-29 00:27 - 2014-09-29 00:27 - 00027202 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-29 00_27_38.242211.dmp
2014-09-29 00:13 - 2014-09-29 00:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-29 00:12 - 2014-09-29 00:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Giannis\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-29 00:12 - 2014-09-29 00:12 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-29 00:12 - 2014-09-29 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-29 00:12 - 2014-09-29 00:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-29 00:12 - 2014-09-29 00:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-29 00:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-29 00:12 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-29 00:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-28 23:57 - 2014-09-28 23:57 - 00028342 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-28 23_57_07.850216.dmp
2014-09-28 23:33 - 2014-09-28 23:33 - 00028566 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-28 23_33_13.492680.dmp
2014-09-28 23:10 - 2014-06-24 22:14 - 00000872 _____ () C:\Windows\system32\Drivers\etc\hosts.20140928-231045.backup
2014-09-28 23:03 - 2014-09-28 23:03 - 00028458 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-28 23_03_14.533933.dmp
2014-09-28 22:56 - 2014-09-28 22:56 - 00986624 _____ () C:\Users\Giannis\Downloads\MicrosoftFixit50850.msi
2014-09-28 22:45 - 2014-09-29 01:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 22:45 - 2014-09-28 22:45 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-28 18:50 - 2014-10-04 15:30 - 00000000 ____D () C:\Users\Giannis\Downloads\Dragon Commander
2014-09-28 15:44 - 2014-09-28 15:44 - 00000000 ____D () C:\Users\Giannis\Documents\My Curse
2014-09-26 14:11 - 2014-09-26 14:11 - 00027594 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-26 14_11_33.781925.dmp
2014-09-26 00:04 - 2014-09-26 00:04 - 00027898 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-26 00_04_25.775736.dmp
2014-09-25 23:53 - 2014-09-25 23:53 - 00033718 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_53_22.003771.dmp
2014-09-25 23:53 - 2014-09-25 23:53 - 00033110 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_53_07.075917.dmp
2014-09-25 23:53 - 2014-09-25 23:53 - 00002996 _____ () C:\Windows\System32\Tasks\{74A8FB77-0F22-49AF-AED5-25FB5F7211D8}
2014-09-25 23:53 - 2014-09-25 23:53 - 00002996 _____ () C:\Windows\System32\Tasks\{46FE5785-866A-4C65-A3F7-171EA2AE3932}
2014-09-25 23:44 - 2014-09-25 23:44 - 00026742 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_44_23.095947.dmp
2014-09-25 23:44 - 2014-09-25 23:44 - 00026734 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_44_35.443653.dmp
2014-09-25 23:43 - 2014-09-25 23:43 - 00028798 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_43_59.947623.dmp
2014-09-25 23:35 - 2014-09-25 23:35 - 00028174 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_35_29.173408.dmp
2014-09-25 23:35 - 2014-09-25 23:35 - 00027682 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_35_12.833474.dmp
2014-09-25 23:34 - 2014-09-25 23:34 - 00028642 _____ () C:\Users\Giannis\Documents\ts3_clientui-win32-1407159763-2014-09-25 23_34_43.553799.dmp
2014-09-25 23:34 - 2014-09-25 23:34 - 00001166 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-09-25 23:34 - 2014-09-25 23:34 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-09-25 23:32 - 2014-09-25 23:33 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Giannis\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2014-09-24 19:33 - 2014-09-24 19:50 - 00000167 _____ () C:\Users\Giannis\Desktop\Code I learned so far(WARNING sadness and despair inside).txt
2014-09-24 03:37 - 2014-09-24 03:38 - 00000267 _____ () C:\Users\Giannis\Desktop\Tip of the day.txt
2014-09-22 19:33 - 2014-09-22 20:07 - 00000000 ____D () C:\Users\Giannis\Downloads\Wasteland 2 - GOG
2014-09-22 13:47 - 2014-09-22 13:47 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\stetic
2014-09-22 13:47 - 2014-09-22 13:47 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\MonoDevelop-Unity-4.0
2014-09-22 13:47 - 2014-09-22 13:47 - 00000000 ____D () C:\Users\Giannis\AppData\Local\MonoDevelop-Unity-4.0
2014-09-22 13:27 - 2014-09-22 13:57 - 00000000 ____D () C:\Users\Giannis\Documents\Unity 101
2014-09-21 21:54 - 2014-09-21 21:54 - 00000000 ____D () C:\Users\Giannis\Documents\Shadowrun Returns
2014-09-21 21:52 - 2014-09-21 21:52 - 00000000 ____D () C:\Users\Giannis\AppData\Local\Harebrained Schemes
2014-09-21 21:06 - 2014-09-21 21:06 - 00000222 _____ () C:\Users\Giannis\Desktop\Shadowrun Returns.url
2014-09-20 20:35 - 2014-09-24 03:39 - 00001251 _____ () C:\Users\Giannis\Desktop\Project Overview.txt
2014-09-20 20:14 - 2014-09-20 20:14 - 02494726 _____ () C:\Users\Giannis\Downloads\2D Assets Pack V15.zip
2014-09-20 20:14 - 2014-09-20 20:14 - 00000000 ____D () C:\Users\Giannis\Desktop\2D Assets Pack
2014-09-20 20:09 - 2014-09-22 13:27 - 00000000 ____D () C:\Users\Giannis\Documents\New Unity Project
2014-09-20 20:06 - 2014-09-22 13:27 - 00000000 ____D () C:\ProgramData\Unity
2014-09-20 20:06 - 2014-09-20 20:06 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Apple Computer
2014-09-20 20:06 - 2014-09-20 20:06 - 00000000 ____D () C:\Users\Giannis\AppData\Local\Apple Computer
2014-09-20 14:04 - 2014-09-20 14:04 - 00000000 ____D () C:\Users\Giannis\AppData\Local\Ankama
2014-09-19 11:31 - 2014-09-19 11:31 - 00007605 _____ () C:\Users\Giannis\AppData\Local\Resmon.ResmonCfg
2014-09-19 07:40 - 2014-09-19 07:40 - 00000222 _____ () C:\Users\Giannis\Desktop\Wakfu.url
2014-09-18 02:51 - 2014-09-18 02:53 - 00000185 _____ () C:\Users\Giannis\Desktop\BEST SUPPORT WORLD.txt
2014-09-18 01:58 - 2014-09-18 17:22 - 00000024 _____ () C:\Users\Giannis\random.dat
2014-09-18 01:58 - 2014-09-18 17:19 - 00000046 _____ () C:\Users\Giannis\jagex_cl_runescape_LIVE.dat
2014-09-18 01:58 - 2014-09-18 01:58 - 00000000 ____D () C:\Users\Giannis\jagexcache
2014-09-15 22:29 - 2014-09-15 22:29 - 00000000 ____D () C:\Users\Giannis\Desktop\Fysikh II
2014-09-15 19:05 - 2014-09-15 19:06 - 00000000 ____D () C:\Users\Giannis\Desktop\Geniki Fusiki
2014-09-15 19:05 - 2014-09-15 19:05 - 04532690 _____ () C:\Users\Giannis\Downloads\sos-askiseis (1).zip
2014-09-15 19:05 - 2014-09-15 19:05 - 00743777 _____ () C:\Users\Giannis\Downloads\themata (1).zip
2014-09-13 22:59 - 2014-09-14 17:09 - 00000000 ____D () C:\Users\Giannis\Downloads\My Little Pony Season 4 - iTunes 1080p
2014-09-13 17:20 - 2014-09-13 17:20 - 00146245 _____ () C:\Users\Giannis\Downloads\DM14_week3-FormalProofs (2).pptx
2014-09-13 17:19 - 2014-09-13 17:19 - 00146245 _____ () C:\Users\Giannis\Downloads\DM14_week3-FormalProofs (1).pptx
2014-09-13 13:31 - 2014-09-13 13:32 - 01497701 _____ () C:\Users\Giannis\Downloads\Επισκόπηση.pptx
2014-09-13 00:15 - 2014-09-13 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-09-13 00:05 - 2014-09-13 00:17 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-09-12 23:30 - 2014-09-12 23:54 - 1308543464 _____ (Unity Technologies ApS) C:\Users\Giannis\Downloads\UnitySetup-4.5.4.exe
2014-09-12 22:30 - 2014-09-12 22:30 - 00408832 _____ () C:\Users\Giannis\Downloads\DM14_week4-Induction.pptx
2014-09-12 22:30 - 2014-09-12 22:30 - 00146245 _____ () C:\Users\Giannis\Downloads\DM14_week3-FormalProofs.pptx
2014-09-12 22:23 - 2014-09-13 22:53 - 00000000 ____D () C:\Users\Giannis\Desktop\Diakrita Ecourse
2014-09-12 04:24 - 2014-09-12 04:24 - 06049702 _____ () C:\Users\Giannis\Downloads\Ultimate Skin of Airman Slaying - MKV Codename Stealth Impostor.rar
2014-09-09 00:28 - 2014-09-09 00:29 - 00000000 ____D () C:\Users\Giannis\Documents\Strife
2014-09-09 00:28 - 2014-09-09 00:28 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strife
2014-09-09 00:28 - 2014-09-09 00:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strife
2014-09-09 00:23 - 2014-09-09 00:29 - 00000000 ____D () C:\Program Files (x86)\Strife
2014-09-08 23:51 - 2014-09-09 00:21 - 1778312128 _____ () C:\Users\Giannis\Downloads\StrifeWindows-0.4.0.2.exe
2014-09-08 22:31 - 2014-09-08 22:31 - 10547569 _____ () C:\Users\Giannis\Downloads\[Normal] Before The Date.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-08 19:45 - 2014-03-10 20:39 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\uTorrent
2014-10-08 19:44 - 2014-03-09 18:13 - 01699498 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 19:43 - 2014-06-12 11:37 - 00000000 ___HD () C:\Users\Giannis\.mediafire
2014-10-08 19:42 - 2014-06-12 11:37 - 00000000 ___RD () C:\Users\Giannis\MediaFire
2014-10-08 19:42 - 2014-03-10 20:23 - 00000000 ____D () C:\Users\Giannis\AppData\Local\Deployment
2014-10-08 19:39 - 2014-03-10 20:23 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-08 19:39 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-08 19:39 - 2009-07-14 07:51 - 00039394 _____ () C:\Windows\setupact.log
2014-10-08 19:38 - 2010-11-21 06:47 - 00017612 _____ () C:\Windows\PFRO.log
2014-10-08 19:37 - 2009-07-14 05:34 - 00000505 _____ () C:\Windows\win.ini
2014-10-08 19:00 - 2014-03-10 20:23 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 23:31 - 2014-05-17 06:25 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-10-07 23:31 - 2009-07-14 08:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-07 02:54 - 2014-03-10 21:31 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Skype
2014-10-05 18:57 - 2014-03-10 22:05 - 00000000 ____D () C:\Users\Giannis\AppData\Local\PMB Files
2014-10-02 09:58 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-10-02 04:37 - 2009-07-14 07:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 04:37 - 2009-07-14 07:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-30 01:04 - 2014-03-10 20:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-29 15:58 - 2014-03-25 23:52 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-09-29 01:15 - 2014-03-25 23:52 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-29 01:15 - 2014-03-25 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-29 01:02 - 2014-03-10 22:17 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-29 00:59 - 2014-03-10 22:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-29 00:25 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system
2014-09-29 00:08 - 2009-07-14 08:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-28 22:41 - 2014-03-12 18:16 - 00456559 _____ () C:\Windows\DirectX.log
2014-09-28 15:43 - 2014-03-30 23:09 - 00000000 ____D () C:\Users\Giannis\Documents\My Games
2014-09-25 13:02 - 2014-03-10 20:24 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-20 21:59 - 2014-03-10 22:05 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-20 20:09 - 2014-03-22 03:31 - 00000000 ____D () C:\Users\Giannis\AppData\Roaming\Unity
2014-09-20 20:06 - 2014-03-22 02:37 - 00000000 ____D () C:\Users\Giannis\AppData\Local\Unity
2014-09-19 22:50 - 2014-05-31 04:02 - 00000000 ____D () C:\Users\Giannis\Desktop\Photographs
2014-09-19 08:10 - 2014-04-28 12:41 - 00000000 ____D () C:\Users\Giannis\AppData\Local\Battle.net
2014-09-19 07:38 - 2014-04-28 12:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-18 13:11 - 2014-03-24 03:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 01:58 - 2014-03-09 18:15 - 00000000 ____D () C:\Users\Giannis
2014-09-18 00:04 - 2014-03-23 15:33 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-09-12 00:26 - 2014-06-12 11:24 - 00020696 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\mfmonitor_x64.sys
 
Files to move or delete:
====================
C:\Users\Giannis\jagex_cl_runescape_LIVE.dat
C:\Users\Giannis\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon2_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon3_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon4_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon5_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MFDesktopShellStatic_x64.dll
C:\Users\Giannis\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-30 09:38
 
==================== End Of Log ============================
 
 
 
Computer is running fine.

Programs like teamspeak3 still won't launch. :(




#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,746 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:54 PM

Posted 09 October 2014 - 07:19 AM


Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon2_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon3_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon4_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon5_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MFDesktopShellStatic_x64.dll
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

End
Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

p.s.
If TeamSpeak still does not launch, I suggest you reinstall the application.

Keep me posted.

#7 Papadopoulos

Posted 09 October 2014 - 08:39 AM

FRST log:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by Giannis at 2014-10-09 16:04:57 Run:1
Running from C:\Users\Giannis\Desktop\New folder
Loaded Profile: Giannis (Available profiles: Giannis)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon2_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon3_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon4_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon5_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon_x64.dll
C:\Users\Giannis\AppData\Local\Temp\MFDesktopShellStatic_x64.dll
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
 
End
*****************
 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
VGPU => Service deleted successfully.
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon2_x64.dll => Moved successfully.
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon3_x64.dll => Moved successfully.
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon4_x64.dll => Moved successfully.
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon5_x64.dll => Moved successfully.
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon_x64.dll => Moved successfully.
C:\Users\Giannis\AppData\Local\Temp\MFDesktopShellStatic_x64.dll => Moved successfully.
"HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\exefile" => Key not found.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
Security Check log:
 

 Results of screen317's Security Check version 0.99.88  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Java 7 Update 67  
 Java 8    
 Java SE Development Kit 8 
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Google Chrome 37.0.2062.120  
 Google Chrome 37.0.2062.124  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 4% 
````````````````````End of Log`````````````````````` 
 
 
I tried reinstalling TeamSpeak but the problem persisted, same with a couple of games.
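The result lines of a Fixlog like the one posted above can be triaged mechanically. The following Python is an added example, not part of the original post and not FRST's own code; the function names are hypothetical and the sample is a subset of the log above. It skips the echoed fixlist, classifies each result, and marks every "Key not found" as either deleted earlier in the same run (as with the second exefile line) or not present when the fix ran.

```python
import re
from typing import List, NamedTuple, Tuple

# Subset of the Fixlog posted above, including part of the echoed fixlist.
SAMPLE_FIXLOG = r'''
Content of fixlist:
*****************
start

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

End
*****************

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
VGPU => Service deleted successfully.
C:\Users\Giannis\AppData\Local\Temp\MediaFireIcon2_x64.dll => Moved successfully.
"HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\.exe" => Key deleted successfully.
"HKU\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\exefile" => Key not found.

The system needed a reboot.

==== End of Fixlog ====
'''


class FixResult(NamedTuple):
    target: str   # registry key, file path or service name
    kind: str     # "registry", "file" or "other"
    outcome: str  # outcome text without the trailing period
    note: str     # explanation attached to "Key not found" results


# Outcome strings that appear in the log above; anything else goes to manual review.
SUCCESS_OUTCOMES = {
    "Key deleted successfully",
    "Moved successfully",
    "Service deleted successfully",
}
NOT_FOUND = "Key not found"


def result_lines(text: str) -> List[str]:
    """Return the lines after the echoed fixlist and before the end marker."""
    lines = text.splitlines()
    start = 0
    for i, line in enumerate(lines):
        stripped = line.strip()
        # The fixlist echo is framed by lines made only of asterisks;
        # results start after the last such line.
        if stripped and set(stripped) == {"*"}:
            start = i + 1
    body = []
    for line in lines[start:]:
        if line.strip().startswith("==== End of Fixlog"):
            break
        body.append(line.strip())
    return body


def classify(target: str) -> Tuple[str, str]:
    """Registry keys are quoted in the log, file paths start with a drive letter."""
    if target.startswith('"') and target.endswith('"'):
        return target.strip('"'), "registry"
    if re.match(r"[A-Za-z]:\\", target):
        return target, "file"
    return target, "other"


def parse_fixlog(text: str) -> List[FixResult]:
    results = []
    deleted_keys = set()
    for line in result_lines(text):
        raw_target, sep, outcome = line.rpartition(" => ")
        if not sep:
            continue  # not a result line, e.g. "The system needed a reboot."
        outcome = outcome.rstrip(". ")
        target, kind = classify(raw_target.strip())
        note = ""
        if outcome == "Key deleted successfully":
            deleted_keys.add(target.lower())
        elif outcome == NOT_FOUND:
            # A key listed twice is reported as missing on the second pass.
            if target.lower() in deleted_keys:
                note = "deleted earlier in this run"
            else:
                note = "not present when the fix ran"
        results.append(FixResult(target, kind, outcome, note))
    return results


def needs_review(results: List[FixResult]) -> List[FixResult]:
    """Results whose outcome is neither a known success nor an explained miss."""
    return [r for r in results
            if r.outcome not in SUCCESS_OUTCOMES and r.outcome != NOT_FOUND]


if __name__ == "__main__":
    for r in parse_fixlog(SAMPLE_FIXLOG):
        print(f"{r.kind:8} {r.outcome:28} {r.note:28} {r.target}")
```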

 



#8 nasdaq

Posted 09 October 2014 - 09:10 AM

The following steps involve registry editing. Please create a new restore point before proceeding!!!
How to:
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start.

Check mark the following options only.

01 - Reset Registry Permissions
02 - Reset File Permissions
03 - Reset Service permissions
04 - Register System Files
05 - Repair WMI
10 - Remove Policies Set By Infections
14 - Remove Temp Files
15 - Repair Proxy Settings
17 - Repair Windows Updates
21 - Repair MSI (Windows Installer)
23 - Repair File Associations
26 - Restore Important Windows Services
27 - Set Windows Services to Default Startup
  • Checkmark the Restart System When Finished option
  • Click the Start button
  • The system should restart after repair


#9 Papadopoulos

Posted 10 October 2014 - 08:00 AM

Finished the repairs and the computer restarted normally. Programs still won't launch.



#10 nasdaq

Posted 10 October 2014 - 08:54 AM




Please run Farbar Service Scanner.

There is a Search Registry button on the FRST Console. You can type or copy and paste the item(s) names you wish to search for into the Search box.



Type the following in the edit box after "Search:".

TeamSpeak.

Click the Search Registry button and post the log (FSS.txt) it makes to your reply.
===

This may give me an indication if you have a policy restriction on that program.

Also, your Windows Firewall is enabled!
Disable it and try to run the .exe files that are giving you problems.

Restore the Firewall after the test.

It may just be that you have some restrictions set in the Firewall.

#11 Papadopoulos

Posted 11 October 2014 - 06:46 PM

Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Giannis at 2014-10-12 02:45:36
Running from C:\Users\Giannis\Desktop\New folder
Boot Mode: Normal
 
================== Search Registry: "TeamSpeak" ===========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ts3addon]
""="TeamSpeak Add-On"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ts3addon\DefaultIcon]
""="C:\Program Files\TeamSpeak 3 Client\package_inst.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ts3addon\shell\open\command]
""=""C:\Program Files\TeamSpeak 3 Client\package_inst.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ts3file]
""="URL:TeamSpeak 3 file"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ts3file\shell\open\command]
""=""C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ts3server]
""="URL:TeamSpeak 3 file"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ts3server\shell\open\command]
""=""C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FTH\State]
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"="0x0C0000001000000090B4F80C74007300330063006C00690065006E0074005F00770069006E00360034002E006500780065000000000000000000000000000000A08668604BE5000026B235FD03000000000000001000000000000000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
"DisplayName"="TeamSpeak 3 Client"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
"DisplayIcon"="C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
"UninstallString"=""C:\Program Files\TeamSpeak 3 Client\uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
"Publisher"="TeamSpeak Systems GmbH"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
"InstallLocation"="C:\Program Files\TeamSpeak 3 Client"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"="FaultTolerantHeap"
[HKEY_LOCAL_MACHINE\SOFTWARE\TeamSpeak 3 Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\TeamSpeak 3 Client]
""="C:\Program Files\TeamSpeak 3 Client"
[HKEY_LOCAL_MACHINE\SOFTWARE\TeamSpeak 3 Client]
"Start Menu Folder"="TeamSpeak 3 Client"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\OverwolfTeamSpeakInstaller_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\OverwolfTeamSpeakInstaller_RASMANCS]
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ea328d1_0]
""="{0.0.0.00000000}.{7f993dce-a8e3-494a-b346-0f8001dbca14}|\Device\HarddiskVolume2\Program Files\TeamSpeak 3 Client\ts3client_win64.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\Giannis\Downloads\TeamSpeak3-Client-win64-3.0.13.1.exe"="1"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\Giannis\Downloads\TeamSpeak3-Client-win64-3.0.16.exe"="1"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\TeamSpeak 3 Client]
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QSqlDriverFactoryInterface:\C:\Program Files\TeamSpeak 3 Client]
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.8.false\C:\Program Files\TeamSpeak 3 Client]
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"="TeamSpeak 3 Client"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"="TeamSpeak 3 Client"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"="TeamSpeak 3 Client"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"="TeamSpeak 3 Client"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"="TeamSpeak 3 Client"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"="TeamSpeak 3 Client"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"="TeamSpeak 3 Client"
[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"="TeamSpeak 3 Client"
 
====== End Of Search ======
 
Disabled the firewall but nothing changed. I re-enabled it right after that.


#12 nasdaq

Posted 12 October 2014 - 08:36 AM

The only Policy key I found on this program is this.

[HKEY_USERS\S-1-5-21-3976655141-4257086221-1959697038-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ea328d1_0]
""="{0.0.0.00000000}.{7f993dce-a8e3-494a-b346-0f8001dbca14}|\Device\HarddiskVolume2\Program Files\TeamSpeak 3 Client\ts3client_win64.exe%b{00000000-0000-0000-0000-000000000000}"


Because of this entry in bold
\Device\HarddiskVolume2\Program Files\TeamSpeak 3 Client

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Wait for further instructions.

#13 Papadopoulos

Posted 13 October 2014 - 08:19 AM

TDSSKiller log:
 
15:45:14.0071 0x106c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:45:20.0125 0x106c  ============================================================
15:45:20.0125 0x106c  Current date / time: 2014/10/13 15:45:20.0125
15:45:20.0125 0x106c  SystemInfo:
15:45:20.0125 0x106c  
15:45:20.0125 0x106c  OS Version: 6.1.7601 ServicePack: 1.0
15:45:20.0125 0x106c  Product type: Workstation
15:45:20.0125 0x106c  ComputerName: GIANNIS-PC
15:45:20.0125 0x106c  UserName: Giannis
15:45:20.0125 0x106c  Windows directory: C:\Windows
15:45:20.0125 0x106c  System windows directory: C:\Windows
15:45:20.0125 0x106c  Running under WOW64
15:45:20.0125 0x106c  Processor architecture: Intel x64
15:45:20.0125 0x106c  Number of processors: 4
15:45:20.0125 0x106c  Page size: 0x1000
15:45:20.0125 0x106c  Boot type: Normal boot
15:45:20.0125 0x106c  ============================================================
15:45:22.0090 0x106c  KLMD registered as C:\Windows\system32\drivers\42372820.sys
15:45:22.0358 0x106c  System UUID: {7965BC64-B8F4-F747-6AA4-4AA9EFB3C51B}
15:45:23.0306 0x106c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:45:23.0327 0x106c  ============================================================
15:45:23.0327 0x106c  \Device\Harddisk0\DR0:
15:45:23.0351 0x106c  MBR partitions:
15:45:23.0351 0x106c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1770000
15:45:23.0351 0x106c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x72F95800
15:45:23.0351 0x106c  ============================================================
15:45:23.0398 0x106c  C: <-> \Device\Harddisk0\DR0\Partition2
15:45:23.0398 0x106c  ============================================================
15:45:23.0398 0x106c  Initialize success
15:45:23.0398 0x106c  ============================================================
15:45:41.0409 0x0d28  ============================================================
15:45:41.0409 0x0d28  Scan started
15:45:41.0409 0x0d28  Mode: Manual; 
15:45:41.0409 0x0d28  ============================================================
15:45:41.0409 0x0d28  KSN ping started
15:45:44.0080 0x0d28  KSN ping finished: true
15:45:45.0217 0x0d28  ================ Scan system memory ========================
15:45:45.0217 0x0d28  System memory - ok
15:45:45.0217 0x0d28  ================ Scan services =============================
15:45:48.0192 0x0d28  BRSptSvc - ok
15:45:48.0195 0x0d28  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:45:48.0197 0x0d28  BrUsbMdm - ok
15:45:48.0200 0x0d28  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:45:48.0201 0x0d28  BrUsbSer - ok
15:45:48.0204 0x0d28  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:45:48.0207 0x0d28  BTHMODEM - ok
15:45:48.0227 0x0d28  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:45:48.0229 0x0d28  bthserv - ok
15:45:48.0244 0x0d28  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:45:48.0246 0x0d28  cdfs - ok
15:45:48.0258 0x0d28  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:45:48.0262 0x0d28  cdrom - ok
15:45:48.0273 0x0d28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:45:48.0276 0x0d28  CertPropSvc - ok
15:45:48.0279 0x0d28  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:45:48.0280 0x0d28  circlass - ok
15:45:48.0294 0x0d28  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:45:48.0301 0x0d28  CLFS - ok
15:45:48.0362 0x0d28  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:45:48.0366 0x0d28  clr_optimization_v2.0.50727_32 - ok
15:45:48.0399 0x0d28  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:45:48.0404 0x0d28  clr_optimization_v2.0.50727_64 - ok
15:45:48.0486 0x0d28  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:45:48.0492 0x0d28  clr_optimization_v4.0.30319_32 - ok
15:45:48.0504 0x0d28  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:45:48.0510 0x0d28  clr_optimization_v4.0.30319_64 - ok
15:45:48.0515 0x0d28  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:45:48.0517 0x0d28  CmBatt - ok
15:45:48.0532 0x0d28  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:45:48.0534 0x0d28  cmdide - ok
15:45:48.0581 0x0d28  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:45:48.0595 0x0d28  CNG - ok
15:45:48.0605 0x0d28  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:45:48.0607 0x0d28  Compbatt - ok
15:45:48.0621 0x0d28  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:45:48.0623 0x0d28  CompositeBus - ok
15:45:48.0625 0x0d28  COMSysApp - ok
15:45:48.0629 0x0d28  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:45:48.0630 0x0d28  crcdisk - ok
15:45:48.0674 0x0d28  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:45:48.0678 0x0d28  CryptSvc - ok
15:45:48.0711 0x0d28  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:45:48.0721 0x0d28  CSC - ok
15:45:48.0746 0x0d28  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:45:48.0758 0x0d28  CscService - ok
15:45:49.0023 0x0d28  [ 914A7156B0C0F10BE645A02E13F576B2, C8686CE4DD9C457D56D5535307FD210AE057BFF94AC59665681DA6CF46DBE2E8 ] DAUpdaterSvc    C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
15:45:49.0025 0x0d28  DAUpdaterSvc - ok
15:45:49.0056 0x0d28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:45:49.0075 0x0d28  DcomLaunch - ok
15:45:49.0093 0x0d28  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:45:49.0100 0x0d28  defragsvc - ok
15:45:49.0119 0x0d28  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:45:49.0121 0x0d28  DfsC - ok
15:45:49.0149 0x0d28  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:45:49.0162 0x0d28  Dhcp - ok
15:45:49.0166 0x0d28  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:45:49.0167 0x0d28  discache - ok
15:45:49.0178 0x0d28  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:45:49.0180 0x0d28  Disk - ok
15:45:49.0199 0x0d28  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
15:45:49.0252 0x0d28  dmvsc - ok
15:45:49.0290 0x0d28  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:45:49.0295 0x0d28  Dnscache - ok
15:45:49.0312 0x0d28  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:45:49.0318 0x0d28  dot3svc - ok
15:45:49.0330 0x0d28  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:45:49.0334 0x0d28  DPS - ok
15:45:49.0352 0x0d28  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:45:49.0353 0x0d28  drmkaud - ok
15:45:49.0417 0x0d28  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:45:49.0428 0x0d28  dtsoftbus01 - ok
15:45:49.0499 0x0d28  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:45:49.0524 0x0d28  DXGKrnl - ok
15:45:49.0541 0x0d28  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:45:49.0544 0x0d28  EapHost - ok
15:45:49.0643 0x0d28  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:45:49.0737 0x0d28  ebdrv - ok
15:45:49.0786 0x0d28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
15:45:49.0788 0x0d28  EFS - ok
15:45:49.0842 0x0d28  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:45:49.0867 0x0d28  ehRecvr - ok
15:45:49.0882 0x0d28  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:45:49.0885 0x0d28  ehSched - ok
15:45:49.0925 0x0d28  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:45:49.0935 0x0d28  elxstor - ok
15:45:49.0946 0x0d28  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:45:49.0947 0x0d28  ErrDev - ok
15:45:49.0970 0x0d28  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:45:49.0978 0x0d28  EventSystem - ok
15:45:49.0984 0x0d28  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:45:49.0988 0x0d28  exfat - ok
15:45:50.0008 0x0d28  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:45:50.0013 0x0d28  fastfat - ok
15:45:50.0044 0x0d28  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:45:50.0057 0x0d28  Fax - ok
15:45:50.0061 0x0d28  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:45:50.0063 0x0d28  fdc - ok
15:45:50.0078 0x0d28  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:45:50.0079 0x0d28  fdPHost - ok
15:45:50.0093 0x0d28  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:45:50.0096 0x0d28  FDResPub - ok
15:45:50.0112 0x0d28  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:45:50.0115 0x0d28  FileInfo - ok
15:45:50.0129 0x0d28  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:45:50.0131 0x0d28  Filetrace - ok
15:45:50.0133 0x0d28  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:45:50.0134 0x0d28  flpydisk - ok
15:45:50.0152 0x0d28  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:45:50.0158 0x0d28  FltMgr - ok
15:45:50.0216 0x0d28  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:45:50.0250 0x0d28  FontCache - ok
15:45:50.0273 0x0d28  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:45:50.0274 0x0d28  FontCache3.0.0.0 - ok
15:45:50.0283 0x0d28  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:45:50.0284 0x0d28  FsDepends - ok
15:45:50.0318 0x0d28  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:45:50.0321 0x0d28  Fs_Rec - ok
15:45:50.0370 0x0d28  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:45:50.0378 0x0d28  fvevol - ok
15:45:50.0397 0x0d28  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:45:50.0401 0x0d28  gagp30kx - ok
15:45:50.0445 0x0d28  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:45:50.0469 0x0d28  gpsvc - ok
15:45:50.0512 0x0d28  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:45:50.0516 0x0d28  gupdate - ok
15:45:50.0523 0x0d28  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:45:50.0527 0x0d28  gupdatem - ok
15:45:50.0532 0x0d28  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:45:50.0534 0x0d28  hcw85cir - ok
15:45:50.0562 0x0d28  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:45:50.0571 0x0d28  HdAudAddService - ok
15:45:50.0602 0x0d28  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:45:50.0606 0x0d28  HDAudBus - ok
15:45:50.0611 0x0d28  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:45:50.0614 0x0d28  HidBatt - ok
15:45:50.0621 0x0d28  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:45:50.0625 0x0d28  HidBth - ok
15:45:50.0631 0x0d28  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:45:50.0634 0x0d28  HidIr - ok
15:45:50.0676 0x0d28  [ 943B20F119F05BCAB4D2593E2D3D4278, 7056691C0EFF0AA236195BD254E452C026EEDFB2E257330F92A072D4CEC3B712 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
15:45:50.0677 0x0d28  hidkmdf - ok
15:45:50.0692 0x0d28  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:45:50.0695 0x0d28  hidserv - ok
15:45:50.0730 0x0d28  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:45:50.0733 0x0d28  HidUsb - ok
15:45:50.0754 0x0d28  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:45:50.0757 0x0d28  hkmsvc - ok
15:45:50.0773 0x0d28  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:45:50.0779 0x0d28  HomeGroupListener - ok
15:45:50.0802 0x0d28  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:45:50.0807 0x0d28  HomeGroupProvider - ok
15:45:50.0833 0x0d28  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:45:50.0835 0x0d28  HpSAMD - ok
15:45:50.0881 0x0d28  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:45:50.0910 0x0d28  HTTP - ok
15:45:50.0920 0x0d28  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:45:50.0922 0x0d28  hwpolicy - ok
15:45:50.0937 0x0d28  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:45:50.0940 0x0d28  i8042prt - ok
15:45:50.0979 0x0d28  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:45:50.0987 0x0d28  iaStorV - ok
15:45:51.0026 0x0d28  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:45:51.0042 0x0d28  idsvc - ok
15:45:51.0056 0x0d28  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:45:51.0058 0x0d28  iirsp - ok
15:45:51.0122 0x0d28  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:45:51.0192 0x0d28  IKEEXT - ok
15:45:51.0336 0x0d28  [ A0C2C3D4C03C4FB896CFC53873784178, 7C2178B72D7B7B8FD9045A40656A4492ACF4527AAA0B7D9CB7881487AAD67D95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:45:51.0398 0x0d28  IntcAzAudAddService - ok
15:45:51.0407 0x0d28  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:45:51.0408 0x0d28  intelide - ok
15:45:51.0428 0x0d28  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:45:51.0429 0x0d28  intelppm - ok
15:45:51.0447 0x0d28  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:45:51.0453 0x0d28  IPBusEnum - ok
15:45:51.0468 0x0d28  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:45:51.0472 0x0d28  IpFilterDriver - ok
15:45:51.0494 0x0d28  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:45:51.0507 0x0d28  iphlpsvc - ok
15:45:51.0511 0x0d28  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:45:51.0514 0x0d28  IPMIDRV - ok
15:45:51.0518 0x0d28  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:45:51.0521 0x0d28  IPNAT - ok
15:45:51.0527 0x0d28  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:45:51.0529 0x0d28  IRENUM - ok
15:45:51.0551 0x0d28  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:45:51.0552 0x0d28  isapnp - ok
15:45:51.0565 0x0d28  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:45:51.0572 0x0d28  iScsiPrt - ok
15:45:51.0582 0x0d28  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:45:51.0584 0x0d28  kbdclass - ok
15:45:51.0593 0x0d28  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:45:51.0594 0x0d28  kbdhid - ok
15:45:51.0608 0x0d28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
15:45:51.0610 0x0d28  KeyIso - ok
15:45:51.0653 0x0d28  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:45:51.0657 0x0d28  KSecDD - ok
15:45:51.0671 0x0d28  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:45:51.0678 0x0d28  KSecPkg - ok
15:45:51.0687 0x0d28  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:45:51.0689 0x0d28  ksthunk - ok
15:45:51.0707 0x0d28  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:45:51.0718 0x0d28  KtmRm - ok
15:45:51.0750 0x0d28  [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:45:51.0753 0x0d28  L1C - ok
15:45:51.0787 0x0d28  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:45:51.0794 0x0d28  LanmanServer - ok
15:45:51.0810 0x0d28  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:45:51.0814 0x0d28  LanmanWorkstation - ok
15:45:51.0863 0x0d28  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:45:51.0867 0x0d28  LHidFilt - ok
15:45:51.0882 0x0d28  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:45:51.0886 0x0d28  lltdio - ok
15:45:51.0909 0x0d28  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:45:51.0923 0x0d28  lltdsvc - ok
15:45:51.0939 0x0d28  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:45:51.0942 0x0d28  lmhosts - ok
15:45:51.0950 0x0d28  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:45:51.0953 0x0d28  LMouFilt - ok
15:45:51.0973 0x0d28  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:45:51.0977 0x0d28  LSI_FC - ok
15:45:51.0986 0x0d28  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:45:51.0989 0x0d28  LSI_SAS - ok
15:45:52.0007 0x0d28  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:45:52.0009 0x0d28  LSI_SAS2 - ok
15:45:52.0013 0x0d28  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:45:52.0016 0x0d28  LSI_SCSI - ok
15:45:52.0035 0x0d28  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:45:52.0038 0x0d28  luafv - ok
15:45:52.0058 0x0d28  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:45:52.0062 0x0d28  Mcx2Svc - ok
15:45:52.0071 0x0d28  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:45:52.0073 0x0d28  megasas - ok
15:45:52.0097 0x0d28  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:45:52.0104 0x0d28  MegaSR - ok
15:45:52.0126 0x0d28  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:45:52.0129 0x0d28  MEIx64 - ok
15:45:52.0313 0x0d28  [ B6DAC0B7460920B8C41C3BE85547396F, CD1EF49402392994A4718CD2995E73A2E3ED544734CB06D25B4FECB84C1D9AA5 ] MF NTFS Monitor C:\Users\Giannis\AppData\Local\MEDIAF~1\MFUSNM~1.EXE
15:45:52.0331 0x0d28  MF NTFS Monitor - ok
15:45:52.0382 0x0d28  [ 0574AF96D86AD36CAEDFAA94D256C1F3, 29EA8D34B3EFB8E483033AB9CAC0D4463E0A11AE3E0A167E3BE124D14DFA3E2C ] mfmonitor       C:\Windows\system32\DRIVERS\mfmonitor_x64.sys
15:45:52.0384 0x0d28  mfmonitor - ok
15:45:52.0395 0x0d28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:45:52.0400 0x0d28  MMCSS - ok
15:45:52.0416 0x0d28  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:45:52.0419 0x0d28  Modem - ok
15:45:52.0430 0x0d28  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:45:52.0432 0x0d28  monitor - ok
15:45:52.0443 0x0d28  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:45:52.0446 0x0d28  mouclass - ok
15:45:52.0450 0x0d28  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:45:52.0452 0x0d28  mouhid - ok
15:45:52.0462 0x0d28  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:45:52.0466 0x0d28  mountmgr - ok
15:45:52.0482 0x0d28  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:45:52.0487 0x0d28  mpio - ok
15:45:52.0509 0x0d28  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:45:52.0512 0x0d28  mpsdrv - ok
15:45:58.0652 0x0d28  uliagpkx - ok
15:45:58.0671 0x0d28  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:45:58.0674 0x0d28  umbus - ok
15:45:58.0689 0x0d28  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:45:58.0691 0x0d28  UmPass - ok
15:45:58.0718 0x0d28  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:45:58.0725 0x0d28  UmRdpService - ok
15:45:58.0748 0x0d28  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:45:58.0758 0x0d28  upnphost - ok
15:45:58.0812 0x0d28  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:45:58.0818 0x0d28  usbaudio - ok
15:45:58.0835 0x0d28  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:58.0840 0x0d28  usbccgp - ok
15:45:58.0884 0x0d28  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:45:58.0890 0x0d28  usbcir - ok
15:45:58.0906 0x0d28  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:45:58.0910 0x0d28  usbehci - ok
15:45:58.0929 0x0d28  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:45:58.0937 0x0d28  usbhub - ok
15:45:58.0951 0x0d28  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:45:58.0953 0x0d28  usbohci - ok
15:45:58.0956 0x0d28  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:45:58.0958 0x0d28  usbprint - ok
15:45:59.0003 0x0d28  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
15:45:59.0007 0x0d28  USBSTOR - ok
15:45:59.0013 0x0d28  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:45:59.0015 0x0d28  usbuhci - ok
15:45:59.0030 0x0d28  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:45:59.0037 0x0d28  UxSms - ok
15:45:59.0053 0x0d28  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
15:45:59.0057 0x0d28  VaultSvc - ok
15:45:59.0072 0x0d28  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:45:59.0075 0x0d28  vdrvroot - ok
15:45:59.0119 0x0d28  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:45:59.0134 0x0d28  vds - ok
15:45:59.0144 0x0d28  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:59.0146 0x0d28  vga - ok
15:45:59.0164 0x0d28  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:45:59.0165 0x0d28  VgaSave - ok
15:45:59.0178 0x0d28  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:45:59.0183 0x0d28  vhdmp - ok
15:45:59.0196 0x0d28  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:45:59.0198 0x0d28  viaide - ok
15:45:59.0220 0x0d28  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:45:59.0229 0x0d28  vmbus - ok
15:45:59.0257 0x0d28  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:45:59.0260 0x0d28  VMBusHID - ok
15:45:59.0278 0x0d28  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:45:59.0282 0x0d28  volmgr - ok
15:45:59.0308 0x0d28  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:45:59.0321 0x0d28  volmgrx - ok
15:45:59.0352 0x0d28  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:45:59.0360 0x0d28  volsnap - ok
15:45:59.0375 0x0d28  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:45:59.0379 0x0d28  vsmraid - ok
15:45:59.0430 0x0d28  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:45:59.0487 0x0d28  VSS - ok
15:45:59.0512 0x0d28  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:45:59.0513 0x0d28  vwifibus - ok
15:45:59.0538 0x0d28  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:45:59.0556 0x0d28  W32Time - ok
15:45:59.0627 0x0d28  [ 0D67B715AE6729D0B518D20B7A7BAD1C, 05B044CB816CBF54DCB634AC765A5937C76B471722C6D6E1A9C27E7EBAB68913 ] WacHidRouter    C:\Windows\system32\DRIVERS\wachidrouter.sys
15:45:59.0632 0x0d28  WacHidRouter - ok
15:45:59.0659 0x0d28  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
15:45:59.0661 0x0d28  wacommousefilter - ok
15:45:59.0671 0x0d28  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:45:59.0674 0x0d28  WacomPen - ok
15:45:59.0690 0x0d28  [ 1042B08B4336EF3CE34E09435BB33A4A, A42B447B4A9B364BAE329F75D36A906999E8CB754F1B10DE322B6611FF9764F7 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
15:45:59.0692 0x0d28  wacomrouterfilter - ok
15:45:59.0742 0x0d28  [ 26B430E7C5F598FE7353E3BC4B261321, 86D612DAA7381CD9A58AF4F60D2413705DD6C8DC2BDCC43ACD3C8063A7D52E07 ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
15:45:59.0745 0x0d28  wacomvhid - ok
15:45:59.0759 0x0d28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:45:59.0764 0x0d28  WANARP - ok
15:45:59.0776 0x0d28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:45:59.0780 0x0d28  Wanarpv6 - ok
15:45:59.0879 0x0d28  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:45:59.0945 0x0d28  WatAdminSvc - ok
15:46:00.0006 0x0d28  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:46:00.0062 0x0d28  wbengine - ok
15:46:00.0082 0x0d28  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:46:00.0089 0x0d28  WbioSrvc - ok
15:46:00.0102 0x0d28  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:46:00.0112 0x0d28  wcncsvc - ok
15:46:00.0129 0x0d28  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:46:00.0132 0x0d28  WcsPlugInService - ok
15:46:00.0145 0x0d28  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:46:00.0146 0x0d28  Wd - ok
15:46:00.0195 0x0d28  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:46:00.0210 0x0d28  Wdf01000 - ok
15:46:00.0229 0x0d28  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:46:00.0233 0x0d28  WdiServiceHost - ok
15:46:00.0236 0x0d28  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:46:00.0239 0x0d28  WdiSystemHost - ok
15:46:00.0246 0x0d28  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
15:46:00.0254 0x0d28  WebClient - ok
15:46:00.0265 0x0d28  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:46:00.0272 0x0d28  Wecsvc - ok
15:46:00.0287 0x0d28  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:46:00.0291 0x0d28  wercplsupport - ok
15:46:00.0302 0x0d28  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:46:00.0306 0x0d28  WerSvc - ok
15:46:00.0321 0x0d28  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:46:00.0323 0x0d28  WfpLwf - ok
15:46:00.0336 0x0d28  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:46:00.0338 0x0d28  WIMMount - ok
15:46:00.0347 0x0d28  WinDefend - ok
15:46:00.0351 0x0d28  WinHttpAutoProxySvc - ok
15:46:00.0396 0x0d28  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:46:00.0406 0x0d28  Winmgmt - ok
15:46:00.0475 0x0d28  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:46:00.0548 0x0d28  WinRM - ok
15:46:00.0597 0x0d28  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:46:00.0601 0x0d28  WinUsb - ok
15:46:00.0655 0x0d28  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:46:00.0688 0x0d28  Wlansvc - ok
15:46:00.0691 0x0d28  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:46:00.0693 0x0d28  WmiAcpi - ok
15:46:00.0700 0x0d28  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:46:00.0705 0x0d28  wmiApSrv - ok
15:46:00.0715 0x0d28  WMPNetworkSvc - ok
15:46:00.0730 0x0d28  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:46:00.0733 0x0d28  WPCSvc - ok
15:46:00.0749 0x0d28  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:46:00.0754 0x0d28  WPDBusEnum - ok
15:46:00.0759 0x0d28  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:46:00.0761 0x0d28  ws2ifsl - ok
15:46:00.0773 0x0d28  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
15:46:00.0777 0x0d28  wscsvc - ok
15:46:00.0779 0x0d28  WSearch - ok
15:46:00.0889 0x0d28  [ CD16EB55F78AB1C92A0711F92B04B570, 387FCC84DD142AF66E15871F9D9EF67096EDFBECC6DEB9A8FB75A09168737723 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
15:46:00.0917 0x0d28  WTabletServiceCon - ok
15:46:00.0961 0x0d28  [ A2CC9A9BC30C6141FF99D85A4E26D7A7, AF6B6FD67B0A0CCB72215E2311EFCC27BF0B1805F3FF207056FE8B1FBDD374BE ] WTouchService   C:\Program Files\WTouch\WTouchService.exe
15:46:00.0964 0x0d28  WTouchService - ok
15:46:01.0069 0x0d28  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:46:01.0138 0x0d28  wuauserv - ok
15:46:01.0191 0x0d28  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:46:01.0194 0x0d28  WudfPf - ok
15:46:01.0220 0x0d28  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:46:01.0228 0x0d28  WUDFRd - ok
15:46:01.0267 0x0d28  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:46:01.0275 0x0d28  wudfsvc - ok
15:46:01.0288 0x0d28  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:46:01.0301 0x0d28  WwanSvc - ok
15:46:01.0306 0x0d28  ================ Scan global ===============================
15:46:01.0334 0x0d28  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:46:01.0377 0x0d28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:46:01.0411 0x0d28  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:46:01.0458 0x0d28  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:46:01.0485 0x0d28  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:46:01.0494 0x0d28  [ Global ] - ok
15:46:01.0495 0x0d28  ================ Scan MBR ==================================
15:46:01.0504 0x0d28  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:46:01.0728 0x0d28  \Device\Harddisk0\DR0 - ok
15:46:01.0729 0x0d28  ================ Scan VBR ==================================
15:46:01.0732 0x0d28  [ 0716C7474C8D20B760C8FD58796AD078 ] \Device\Harddisk0\DR0\Partition1
15:46:01.0798 0x0d28  \Device\Harddisk0\DR0\Partition1 - ok
15:46:01.0802 0x0d28  [ 6B1AE807D0C02693C5A6C8F6583F7E55 ] \Device\Harddisk0\DR0\Partition2
15:46:01.0830 0x0d28  \Device\Harddisk0\DR0\Partition2 - ok
15:46:01.0831 0x0d28  ================ Scan generic autorun ======================
15:46:01.0878 0x0d28  [ 74354790ECAE60C11631BD7856C0AFD0, 4932908C79842CFDB4882A767BCAECB97F663892C9715D4FA1F4AE902335DCB5 ] C:\Windows\KHALMNPR.EXE
15:46:01.0883 0x0d28  Kernel and Hardware Abstraction Layer - ok
15:46:02.0198 0x0d28  [ FF01BF4D9C1D6AB832E0A788E75CC330, 64B2D68947000B3970AA97AC548791220BF5BF12B4D7F39C6BB3E373BB42BD3E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:46:02.0473 0x0d28  RtHDVCpl - ok
15:46:02.0618 0x0d28  [ 16598A9758F386F82D2C447C70C95D10, 0A698135EFC195C359702AA76897B9C67712FDE0A54B51587134B65510B154ED ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
15:46:02.0652 0x0d28  StartCCC - ok
15:46:02.0696 0x0d28  [ 9284C2B7FC23FC8CB1A1C9DFDB27FB5F, 17AE41AFE6C48B0C1965D586A1C66128C6A3BECE74845A7580A5898F24B85369 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:46:02.0703 0x0d28  SunJavaUpdateSched - ok
15:46:02.0787 0x0d28  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:46:02.0821 0x0d28  Adobe ARM - ok
15:46:02.0918 0x0d28  [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
15:46:02.0937 0x0d28  BambooCore - ok
15:46:03.0185 0x0d28  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:46:03.0342 0x0d28  AvastUI.exe - ok
15:46:03.0415 0x0d28  [ 7471E1F519EA02B49EAAC01E80E3009A, EE6E96C10EB737C244DB4244BC5975CE2E1912337F5E7A952B17FF1F45527CA8 ] C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE
15:46:03.0421 0x0d28  Arvo - ok
15:46:03.0561 0x0d28  [ 0DF3D43C5FE1495BEB3B6739379EF2B9, 44393AF83BC77C61E025FEF7143563018346F94CEAEE4FAEF9A8240AD0AB7F1F ] C:\Users\Giannis\AppData\Roaming\uTorrent\uTorrent.exe
15:46:03.0594 0x0d28  uTorrent - ok
15:46:03.0685 0x0d28  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Giannis\AppData\Local\FluxSoftware\Flux\flux.exe
15:46:03.0704 0x0d28  f.lux - ok
15:46:04.0058 0x0d28  [ 766C46D6506492C67CEAADBC22F79304, 299B048CCF2DE7A32E6BD82D40B50EFF9EBF283394D51338BA18547D9AC0EAC1 ] C:\Users\Giannis\AppData\Local\MediaFire Desktop\mf_watch.exe
15:46:04.0128 0x0d28  MediaFire Tray - ok
15:46:04.0530 0x0d28  [ E25C14FCBCADAAAFFBED5C608DF0B2F2, 3FA493B6DBB7D24C00B8CE171ADB17C19E5FC770F83B4725B5ACFA3340B33E67 ] C:\Program Files\CCleaner\CCleaner64.exe
15:46:04.0693 0x0d28  CCleaner Monitoring - ok
15:46:04.0762 0x0d28  [ 525BCBD5BC2365FDD438FE389D896A55, 960CAC1C72039B565F9895242FF3EFA6612E4D915BE0D426D4039E1CF3C0887D ] C:\Program Files (x86)\Overwolf\Overwolf.exe
15:46:04.0764 0x0d28  Overwolf - ok
15:46:04.0765 0x0d28  Waiting for KSN requests completion. In queue: 45
15:46:05.0765 0x0d28  Waiting for KSN requests completion. In queue: 45
15:46:06.0765 0x0d28  Waiting for KSN requests completion. In queue: 45
15:46:07.0800 0x0d28  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
15:46:07.0827 0x0d28  Win FW state via NFP2: enabled
15:46:10.0534 0x0d28  ============================================================
15:46:10.0534 0x0d28  Scan finished
15:46:10.0534 0x0d28  ============================================================
15:46:10.0543 0x1a58  Detected object count: 0
15:46:10.0543 0x1a58  Actual detected object count: 0
 
aswMBR log:
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-10-13 15:50:20
-----------------------------
15:50:20.868    OS Version: Windows x64 6.1.7601 Service Pack 1
15:50:20.868    Number of processors: 4 586 0x2A07
15:50:20.868    ComputerName: GIANNIS-PC  UserName: Giannis
15:50:22.038    Initialize success
15:50:22.039    VM: initialized successfully
15:50:22.050    VM: Intel CPU supported virtualized 
15:50:35.816    VM: supported disk I/O ataport.SYS
15:50:39.544    AVAST engine defs: 14101300
15:50:52.583    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:50:52.587    Disk 0 Vendor: WDC_WD10EARX-00N0YB0 51.0AB51 Size: 953869MB BusType: 3
15:50:52.687    VM: Disk 0 MBR read successfully
15:50:52.691    Disk 0 MBR scan
15:50:52.696    Disk 0 Windows 7 default MBR code
15:50:52.700    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        12000 MB offset 2048
15:50:52.704    Disk 0 default boot code
15:50:52.707    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       941867 MB offset 24578048
15:50:52.728    Disk 0 scanning C:\Windows\system32\drivers
15:51:00.149    Service scanning
15:51:13.322    Modules scanning
15:51:13.333    Disk 0 trace - called modules:
15:51:13.354    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
15:51:13.361    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a39060]
15:51:13.366    3 CLASSPNP.SYS[fffff8800193743f] -> nt!IofCallDriver -> [0xfffffa8004472e40]
15:51:13.372    5 ACPI.sys[fffff88000f9a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80047cd060]
15:51:14.659    AVAST engine scan C:\Windows
15:51:17.303    AVAST engine scan C:\Windows\system32
15:53:01.575    AVAST engine scan C:\Windows\system32\drivers
15:53:10.786    AVAST engine scan C:\Users\Giannis
16:08:10.049    File: C:\Users\Giannis\Desktop\Workspace\.metadata\.plugins\All My Stuff\Stuff\Windows Loader v2.2.1(32-64bit) (??e???p???ste ?a Windows 7)\Windows.Loader v2.2.1.exe  **INFECTED** Win32:Malware-gen
16:10:56.871    AVAST engine scan C:\ProgramData
16:13:13.483    Scan finished successfully
16:14:55.052    Disk 0 MBR has been saved successfully to "C:\Users\Giannis\Desktop\MBR.dat"
16:14:55.059    The log file has been saved successfully to "C:\Users\Giannis\Desktop\aswMBR.txt"
 
 

 

Attached Files

  • Attached File  MBR.zip   554bytes   0 downloads


#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,746 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:54 PM

Posted 13 October 2014 - 08:37 AM

Now run the aswMBR.exe tool. Select the Fix button.

Important > you need to wait for the tool to report ... "Infection fixed successfully" or "MBR fixed successfully".
Do not reboot the machine until it has said so.

When you see the message, restart the computer normally.

Run aswMBR.exe normally this time and post the log.

Please let me know what problem persists.

#15 Papadopoulos

Papadopoulos
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 13 October 2014 - 06:56 PM

The fix button is greyed out and unclickable. I can only click fixMBR.





