
I was Keylogged and I hear IE page loading sounds on the background


  • This topic is locked
29 replies to this topic

#1 Sam.Baker


Posted 16 October 2014 - 08:36 AM

Hello BC community, I have found files that indicated that I was Ratted using DarkComet a few months ago. I cleaned these files and did many scans and found nothing, then I started hearing these Internet Explorer loading sounds in the background, which sound like "tock tock".
I'm sorry it took me so long to post; I was really busy with work.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.65.2
Run by Sam at 15:30:05 on 2014-10-16
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.7879.3552 [GMT 2:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
C:\Windows\System32\tcpsvcs.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\CyberGhost 5\Service.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\igfxHK.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Program Files\SUPERAntiSpyware\92f216cf-8c5f-4645-a137-7817117d3a11.com
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
mRun: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
StartupFolder: C:\Users\Sam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sam\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
IE: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: Interfaces\{671F9943-DB13-42EA-9197-CE82EF46A0E6} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{7D048352-7666-4349-82CE-203F53915991} : DHCPNameServer = 10.77.0.254
TCP: Interfaces\{90205BEB-1FCC-4540-BBC0-06F9271F0FF6} : NameServer = 8.8.8.8,8.8.4.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\iiumsl52.default\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Users\Sam\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Sam\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Users\Sam\AppData\Local\Spoon\3.33.6.102\npMozillaSpoonPlugin.dll
FF - plugin: C:\Users\Sam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Sam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Sam\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 asstor64;asstor64;C:\Windows\System32\drivers\asstor64.sys [2014-1-27 84816]
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-8-25 1260120]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-8-28 150256]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-4-8 20464]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2014-8-28 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2014-8-28 107080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-4-1 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-2-18 122128]
R2 CGVPNCliService;CyberGhost 5 Client Service;C:\Program Files\CyberGhost 5\Service.exe [2014-10-2 64624]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-9-4 2525008]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-6-5 315352]
R2 IntelHaxm;Intel Haxm;C:\Windows\System32\drivers\IntelHaxm.sys [2013-4-2 89072]
R2 iocbios2;iocbios2;C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-6-17 28912]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-8-8 377616]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-7-10 83952]
R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2014-8-19 162800]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [2014-10-12 105448]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-5 4799760]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [2014-10-7 67320]
R2 XTU3SERVICE;Intel® Extreme Tuning Utility Service;C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [2014-7-9 18384]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2014-2-16 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-8-1 647752]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-4-10 160256]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2013-8-13 27608]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-6-5 450520]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-4-8 358896]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-4-8 792560]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-7-14 32344]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2014-8-19 13368]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]
R3 V0520Vid;Creative Camera VF0520 Driver;C:\Windows\System32\drivers\V0520Vid.sys [2011-9-2 280704]
S1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2014-5-17 44744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [2014-8-28 78144]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2014-8-28 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2014-8-1 82824]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-5-4 108800]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-2-5 175480]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2014-7-10 14136]
S3 NTIOLib_1_0_T;NTIOLib_1_0_T;C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys [2014-1-5 14136]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2014-4-2 13368]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2014-7-10 13368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-10-3 31800]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\drivers\RzMaelstromVAD.sys [2014-5-23 32768]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-5-4 206080]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2013-4-26 31232]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-6-11 758224]
S3 usbUDisc;usbUDisc;C:\Windows\System32\drivers\USBDrv_AMD64.sys [2013-6-14 17280]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\Sam\Desktop\temp\WinRing0x64.sys [2014-9-4 14544]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-5-23 172344]
S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-2-18 402192]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-2-18 385808]
S4 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-2-18 766736]
S4 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
S4 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S4 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-26 2152736]
S4 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2013-5-18 517632]
S4 MSI_FastBoot;MSI_FastBoot;C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2014-4-2 103992]
S4 MSI_OTPService;MSI_OTPService;C:\Program Files (x86)\MSI\OTPService\OTPService.exe [2014-1-5 252432]
S4 SBUpdd;SpeedBit UpdateD;C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [2013-10-6 41368]
S4 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-5-4 728328]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2014-10-14 18:20:20 -------- d-----w- C:\CCE_Quarantine
2014-10-12 12:52:23 -------- d-----w- C:\Users\Sam\AppData\Local\Razer_Inc
2014-10-07 10:36:01 42152 ----a-w- C:\Windows\System32\drivers\cnnctfy3.sys
2014-10-05 00:00:42 -------- d-----w- C:\ProgramData\FlyVPN
2014-10-02 19:25:55 -------- d-----w- C:\Users\Sam\AppData\Local\CyberGhost
2014-10-02 19:25:51 -------- d-----w- C:\Program Files\TAP-Windows
2014-10-02 19:25:47 -------- d-----w- C:\Program Files\CyberGhost 5
2014-10-01 18:24:21 -------- d-----w- C:\Users\Sam\AppData\Local\ElevatedDiagnostics
2014-10-01 16:26:47 -------- d-----w- C:\AdwCleaner
2014-10-01 15:55:30 -------- d-sh--w- C:\$RECYCLE.BIN
2014-09-17 20:30:26 -------- d-----w- C:\Users\Sam\AppData\Roaming\TS3Client
2014-09-17 20:30:15 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2014-09-16 22:29:48 -------- d-----w- C:\Users\Sam\AppData\Local\NeoSmart_Technologies
.
==================== Find3M ====================
.
2014-10-16 12:39:17 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-09 13:41:09 348928 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-10-09 13:41:09 348928 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-10-09 13:40:42 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-10-05 16:26:35 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-05 16:26:35 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-28 22:15:05 419616 ----a-w- C:\Windows\System32\drivers\trufos.sys
2014-08-25 15:02:50 1260120 ----a-w- C:\Windows\System32\drivers\avc3.sys
2014-08-25 14:59:57 647752 ----a-w- C:\Windows\System32\drivers\avckf.sys
2014-08-19 09:40:06 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-08-01 06:26:46 74512 ----a-w- C:\Windows\System32\bdsandboxuiskin32.dll
2014-08-01 06:26:04 76944 ----a-w- C:\Windows\System32\drivers\bdvedisk.sys
2014-07-21 15:08:16 46136 ---ha-w- C:\Windows\System32\drivers\Hamdrv.sys
.
============= FINISH: 15:30:57.16 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 6/11/2014 11:04:34 PM
System Uptime: 10/16/2014 12:00:23 PM (3 hours ago)
.
Motherboard: MSI | | Z77A-GD65 (MS-7751)
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz | SOCKET 0 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 154 GiB total, 50.892 GiB free.
D: is FIXED (NTFS) - 244 GiB total, 44.061 GiB free.
E: is FIXED (NTFS) - 244 GiB total, 8.502 GiB free.
F: is FIXED (NTFS) - 244 GiB total, 63.996 GiB free.
G: is FIXED (NTFS) - 244 GiB total, 44.61 GiB free.
H: is FIXED (NTFS) - 244 GiB total, 4.49 GiB free.
I: is FIXED (NTFS) - 122 GiB total, 9.433 GiB free.
J: is FIXED (NTFS) - 244 GiB total, 10.948 GiB free.
K: is CDROM ()
M: is CDROM ()
N: is FIXED (NTFS) - 0 GiB total, 0.024 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Hotspot Shield Routing Driver 6
Device ID: ROOT\LEGACY_HSSDRV6\0000
Manufacturer:
Name: Hotspot Shield Routing Driver 6
PNP Device ID: ROOT\LEGACY_HSSDRV6\0000
Service: HssDRV6
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Windows Adapter V9
Device ID: ROOT\NET\0000
Manufacturer: TAP-Windows Provider V9
Name: TAP-Windows Adapter V9
PNP Device ID: ROOT\NET\0000
Service: tap0901
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Win32 Adapter V9 (Tunngle)
Device ID: ROOT\NET\0001
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Name: TAP-Win32 Adapter V9 (Tunngle)
PNP Device ID: ROOT\NET\0001
Service: tap0901t
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: ElRawDisk
Device ID: ROOT\LEGACY_ELRAWDISK\0000
Manufacturer:
Name: ElRawDisk
PNP Device ID: ROOT\LEGACY_ELRAWDISK\0000
Service: ElRawDisk
.
==== System Restore Points ===================
.
RP51: 10/14/2014 12:53:17 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Flash Player 14 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.06)
Advanced Renamer
Android SDK Tools
Asmedia ASM106x SATA Host Controller Driver
Assassins Creed IV Black Flag
Audio Record Wizard
AudioGenie
Battlefield 3™
Battlelog Web Plugins
Bitdefender Internet Security 2015
BlueStacks App Player
BlueStacks Notification Center
Camtasia Studio 7
CCleaner
CLICKBIOSII
Command & Conquer Generals
Command and ConquerTM Generals Zero Hour
ControlCenter
Corel Graphics - Windows Shell Extension
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
CPUID HWMonitor 1.25
CPUID HWMonitor Pro 1.18
Creative Live! Cam Sync (VF0520) Driver (1.01.04.00)
Crystal Reports for Visual Studio
CyberGhost 5
DAEMON Tools Lite
Download Accelerator Plus (DAP)
Driver Booster
Dropbox
Easy Drive Data Recovery
EasyBCD 2.2
Express Talk
Expresso
Fast Boot
Flickr Uploadr 3.2.1
Foxit Reader
Fraps
Game Booster 3
Google Chrome
Google Talk Plugin
Google Update Helper
GreedyTorrent v1.01 beta build 170
Hard Disk Sentinel PRO
HD Tune Pro 5.50
hdparm
HiJackThis
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP LaserJet P1000 series
ILMerge
ImageShack Uploader 2.2.0
Inkscape 0.48.4
Intel Extreme Tuning Utility
Intel® Management Engine Components
Intel® ME UninstallLegacy
Intel® Network Connections 18.5.54.0
Intel® Processor Graphics
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Hardware Accelerated Execution Manager
Intel® Trusted Connect Service Client
Internet Download Manager
IObit Uninstaller
iTunes
Java 7 Update 65
Java Auto Updater
JDownloader 0.9
LastPass (uninstall only)
Light Image Resizer 4.5.8.0
Live Update 5
LogMeIn Hamachi
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 1.0
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Macro Tools
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MiraScan 6.2 (5000)
MouseServer version 1.4.0.0
Mozilla Firefox 32.0.2 (x86 en-US)
Mozilla Maintenance Service
MSI Live Update
MSI Super Charger
Notepad++
Origin
OSCAR Editor
OTPService
Patch PS CS6 Extended 13.0
PdaNet+ for Android 4.12
PDF Settings CC
PDF Settings CS6
Peggle
Pixel Piracy
Plants vs. Zombies™
Populous
Process Hacker 2.33 (r5590)
Razer Cortex
Realtek High Definition Audio Driver
Recuva
Revo Uninstaller Pro 3.0.7
Rockstar Games Social Club
ROTR ECA Beta 1.8
ROTR Map Pack
Samsung Kies3
Samsung SideSync 3.0
SAMSUNG USB Driver for Mobile Phones
Sandboxie 3.76 (64-bit)
Seagate File Recovery for Windows 2.0
SeaTools for Windows
Sid Meier`s Civilization V
Skype™ 6.20
SoundWire Server version 1.9
Spoon.net Sandbox Manager 3.33
Steam
SUPERAntiSpyware
System Requirements Lab for Intel
Tango
TAP-Windows 9.9.2
TeamSpeak 3 Client
TeamViewer 9
THX TruStudio Pro
Tunngle beta
Tweaking.com - Windows Repair (All in One)
Unity Web Player
Universal Extractor 1.6.1
Unlocker 1.9.2
Uplay
VC_CRT_x64
VideoGenie
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player
Windows 7 USB/DVD Download Tool
WinRAR 5.00 beta 3 (64-bit)
Wise Data Recovery 3.44
X7 Oscar Editor
.
==== Event Viewer Messages From Past Week ========
.
10/9/2014 5:53:16 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
10/16/2014 12:01:53 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ElRawDisk HssDRV6
10/16/2014 12:01:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
10/16/2014 12:01:44 PM, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/14/2014 9:22:39 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.3 with the system having network hardware address 30-A8-DB-C9-C8-72. Network operations on this system may be disrupted as a result.
10/14/2014 5:44:33 PM, Error: Service Control Manager [7034] - The Intel® Integrated Clock Controller Service - Intel® ICCS service terminated unexpectedly. It has done this 1 time(s).
10/14/2014 5:37:57 PM, Error: Service Control Manager [7034] - The MSI_LiveUpdate_Service service terminated unexpectedly. It has done this 1 time(s).
10/14/2014 5:37:54 PM, Error: Service Control Manager [7034] - The LMIGuardianSvc service terminated unexpectedly. It has done this 1 time(s).
10/14/2014 2:19:47 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.3 with the system having network hardware address 00-13-13-00-65-9E. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================


Edited by Oh My!, 22 October 2014 - 08:07 PM.
Posted logs



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,631 posts
  • Gender:Male
  • Local time:06:02 AM

Posted 21 October 2014 - 08:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/552181 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • Gender:Male
  • Location:California
  • Local time:03:02 AM

Posted 22 October 2014 - 08:10 PM

Greetings Sam and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Reply topic button instead.
  • In the upper right hand corner of the topic you will see the Follow topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should.
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Sam.Baker

Sam.Baker
  • Topic Starter

  • Members
  • 14 posts
  • Local time:12:02 PM

Posted 23 October 2014 - 10:24 AM

FRST :

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by Sam (administrator) on SAM-PC on 23-10-2014 17:17:29
Running from C:\Users\Sam\Desktop
Loaded Profile: Sam (Available profiles: Sam & Mama & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
() C:\Windows\System32\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1621072 2014-10-07] (Bitdefender)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-10-18] (LogMeIn Inc.)
HKU\S-1-5-21-999232901-536510049-1691571904-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [780080 2014-10-07] (Bitdefender)
HKU\S-1-5-21-999232901-536510049-1691571904-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-999232901-536510049-1691571904-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6F27CED95EC1CE01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{90205BEB-1FCC-4540-BBC0-06F9271F0FF6}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\iiumsl52.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Sam\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @spoon.net/Spoon Plugin 3.33 -> C:\Users\Sam\AppData\Local\Spoon\3.33.6.102\npMozillaSpoonPlugin.dll (Code Systems Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Sam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Sam\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Sam\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Sam\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Live HTTP Headers - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\iiumsl52.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-09-23]
FF Extension: NoScript - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\iiumsl52.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-05]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-08-28]
FF HKLM-x32\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files (x86)\DAP\daplinkchecker
FF Extension: DAP Link Checker - C:\Program Files (x86)\DAP\daplinkchecker [2013-10-11]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-08-28]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sam\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Sam\AppData\Roaming\IDM\idmmzcc5 [2014-02-16]
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files (x86)\DAP\DAPFireFox [2013-10-11]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sam\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR Profile: C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-07]
CHR Extension: (Google Drive) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-07]
CHR Extension: (YouTube Center) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcegdpionpopahcglnfiiioapcclamdj [2014-09-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-07]
CHR Extension: (Adblock Plus) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-07]
CHR Extension: (Google Search) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-07]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR Extension: (Gmail) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-07]
CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2013-10-11]
CHR HKLM-x32\...\Chrome\Extension: [fnefekibahpibgnllfjpckodgobkpije] - C:\Users\Sam\AppData\Local\ObviousIdea\extension.crx [2013-05-07]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-02-05]
CHR HKLM-x32\...\Chrome\Extension: [palpbfjgianahgbbeodmcohjdmaelbeo] - C:\Program Files\Common Files\SpeedBit\SBUpdate\SpeedbitNewTab.crx [2013-10-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-22] (SUPERAntiSpyware.com)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-10-07] (Bitdefender)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-02-18] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-02-18] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [766736 2014-02-18] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
R3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-01] (Intel Corporation) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-18] (LogMeIn, Inc.)
S4 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2011-06-15] (Alcatel-Lucent) [File not signed]
S4 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2011-06-15] (Alcatel-Lucent) [File not signed]
S4 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
S4 MSI_OTPService; C:\Program Files (x86)\MSI\OTPService\OTPService.exe [252432 2012-04-12] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1891184 2014-10-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-10-19] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-14] (Microsoft Corporation)
S4 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-02-28] (DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-07] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1523752 2014-10-07] (Bitdefender)
S4 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-07-09] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-08-25] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-25] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122128 2014-02-18] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-06-21] (DT Soft Ltd)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-13] (AnchorFree Inc.)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [89072 2013-03-21] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.sys [43008 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.sys [40960 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA))
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_T; C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys [14136 2009-10-06] (MSI)
S3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows ® Win 7 DDK provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
S4 SBUpdd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [41368 2013-10-06] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-08-29] (BitDefender S.R.L.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 2004-12-29] (Microsoft Corporation) [File not signed]
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2013-06-14] (Scott)
R3 V0520Vid; C:\Windows\System32\DRIVERS\V0520Vid.sys [280704 2011-09-02] (Creative Technology Ltd.)
S3 WinRing0_1_2_0; C:\Users\Sam\Desktop\temp\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-23 17:17 - 2014-10-23 17:17 - 00024716 _____ () C:\Users\Sam\Desktop\FRST.txt
2014-10-23 17:16 - 2014-10-23 17:17 - 00000000 ____D () C:\FRST
2014-10-23 17:16 - 2014-10-23 17:16 - 02112000 _____ (Farbar) C:\Users\Sam\Desktop\FRST64.exe
2014-10-23 17:15 - 2014-10-23 17:16 - 02112000 _____ (Farbar) C:\Users\Sam\Downloads\FRST64.exe
2014-10-23 04:58 - 2014-10-23 05:12 - 00000000 ____D () C:\Users\Sam\Desktop\MMOGah
2014-10-23 04:30 - 2014-10-23 04:30 - 00674803 _____ () C:\Users\Sam\Downloads\FinalVectorMMOGAH.zip
2014-10-23 03:53 - 2014-10-23 05:12 - 00000000 ____D () C:\Users\Sam\Desktop\LawTax Halloween
2014-10-22 14:16 - 2014-10-22 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-10-22 14:16 - 2014-10-22 14:16 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-10-22 00:27 - 2014-10-22 01:23 - 00000000 ____D () C:\Users\Sam\Desktop\WF Wrestling Fusion Halloween
2014-10-20 21:01 - 2009-07-14 03:39 - 00010240 _____ (Microsoft Corporation) C:\Users\Sam\Desktop\TCPSVCS.EXE
2014-10-20 00:21 - 2014-10-20 00:21 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-10-19 23:47 - 2014-10-19 23:51 - 00000000 ____D () C:\Users\Sam\Documents\Battlefield 4
2014-10-19 23:44 - 2014-10-19 23:44 - 01402920 _____ () C:\Users\Sam\Downloads\battlelog-web-plugins_2.5.1_149 (1).exe
2014-10-19 23:26 - 2014-10-19 23:26 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-10-19 23:26 - 2014-10-19 23:26 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-10-19 23:26 - 2014-10-19 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-10-19 23:25 - 2014-10-19 23:25 - 00017437 _____ () C:\Windows\DirectX.log
2014-10-18 21:45 - 2014-10-18 21:45 - 00000138 _____ () C:\Users\Sam\Desktop\Old Sign.txt
2014-10-18 18:48 - 2014-10-18 18:48 - 01014089 _____ () C:\Users\Sam\Desktop\MuperSario.rar
2014-10-18 18:42 - 2014-10-18 18:42 - 00397418 _____ () C:\Users\Sam\Desktop\TorldOfWanks.rar
2014-10-18 18:33 - 2014-10-18 18:33 - 00876695 _____ () C:\Users\Sam\Desktop\MackPan.rar
2014-10-17 20:56 - 2014-10-17 20:56 - 00000676 _____ () C:\Users\Sam\Desktop\Support.txt
2014-10-16 15:31 - 2014-10-16 15:31 - 00010923 _____ () C:\Users\Sam\Desktop\attach.txt
2014-10-16 15:31 - 2014-10-16 15:30 - 00020286 _____ () C:\Users\Sam\Desktop\dds.txt
2014-10-16 15:21 - 2014-10-16 15:41 - 07063856 _____ () C:\Users\Sam\Desktop\ChileMonster_finalHalloween.psd
2014-10-16 12:42 - 2014-10-16 12:42 - 01304859 _____ () C:\Users\Sam\Downloads\fit_psd.zip
2014-10-16 01:39 - 2014-10-16 01:39 - 01371486 _____ () C:\Users\Sam\Desktop\ChileMonster_final.eps
2014-10-16 01:38 - 2014-10-16 01:39 - 01371486 _____ () C:\Users\Sam\Downloads\ChileMonster_final.eps
2014-10-15 18:26 - 2014-10-15 18:43 - 30199420 _____ () C:\Users\Sam\Downloads\halloween_styles.rar
2014-10-15 17:44 - 2014-10-15 17:46 - 06723873 _____ () C:\Users\Sam\Downloads\2147498464.zip
2014-10-15 17:43 - 2014-10-15 17:44 - 08457107 _____ () C:\Users\Sam\Downloads\2147497728.zip
2014-10-15 17:41 - 2014-10-15 17:42 - 03289252 _____ () C:\Users\Sam\Downloads\2147498589.zip
2014-10-15 17:08 - 2014-10-15 17:08 - 02771718 _____ () C:\Users\Sam\Downloads\609469.zip
2014-10-14 20:20 - 2014-10-14 23:16 - 00000000 ____D () C:\CCE_Quarantine
2014-10-14 16:12 - 2014-10-14 23:19 - 00000000 ____D () C:\Users\Sam\Desktop\CCE
2014-10-14 16:05 - 2014-10-14 16:09 - 25543261 _____ () C:\Users\Sam\Downloads\cce_2.5.242177.201_x64.zip
2014-10-12 18:49 - 2014-10-12 18:49 - 02262318 _____ () C:\Users\Sam\Downloads\combat-aircraft.zip
2014-10-12 18:38 - 2014-10-12 18:38 - 00122370 _____ () C:\Users\Sam\Downloads\fighter-plane-vector.zip
2014-10-12 18:38 - 2014-10-12 18:38 - 00122370 _____ () C:\Users\Sam\Downloads\fighter-plane-vector (1).zip
2014-10-12 18:32 - 2014-10-12 18:32 - 00631218 _____ () C:\Users\Sam\Downloads\Professions3 (1).rar
2014-10-12 18:31 - 2014-10-12 18:31 - 00631218 _____ () C:\Users\Sam\Downloads\Professions3.rar
2014-10-12 17:25 - 2014-10-12 17:25 - 00339620 _____ () C:\Users\Sam\Downloads\2147491746.zip
2014-10-12 17:18 - 2014-10-12 17:18 - 00745216 _____ () C:\Users\Sam\Downloads\2147493416.zip
2014-10-12 14:52 - 2014-10-12 14:52 - 00000000 ____D () C:\Users\Sam\Documents\Razer
2014-10-12 14:52 - 2014-10-12 14:52 - 00000000 ____D () C:\Users\Sam\AppData\Local\Razer_Inc
2014-10-12 14:02 - 2014-10-12 14:02 - 00002046 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk
2014-10-12 14:02 - 2014-10-12 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-10-12 14:02 - 2014-10-12 14:02 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-10-11 18:35 - 2014-10-11 18:35 - 00423865 _____ () C:\Users\Sam\Downloads\609479.zip
2014-10-11 18:34 - 2014-10-11 18:36 - 04234995 _____ () C:\Users\Sam\Downloads\2147497681.zip
2014-10-11 18:20 - 2014-10-11 18:22 - 05778816 _____ () C:\Users\Sam\Downloads\1351494648233_zcool.com.cn.rar
2014-10-11 17:28 - 2014-10-11 17:28 - 01140284 _____ () C:\Users\Sam\Downloads\vector_hanukkah (1).zip
2014-10-11 17:16 - 2014-10-11 17:16 - 01471038 _____ () C:\Users\Sam\Downloads\2147493232.zip
2014-10-11 17:16 - 2014-10-11 17:16 - 01471038 _____ () C:\Users\Sam\Desktop\2147493232.zip
2014-10-11 16:42 - 2014-10-11 16:42 - 01237481 _____ () C:\Users\Sam\Downloads\2147491953.zip
2014-10-11 16:32 - 2014-10-11 16:33 - 02985969 _____ () C:\Users\Sam\Downloads\2147487166.zip
2014-10-11 16:25 - 2014-10-11 16:26 - 06659389 _____ () C:\Users\Sam\Downloads\2147487174.zip
2014-10-10 22:30 - 2014-10-10 22:30 - 00000017 _____ () C:\Users\Sam\Desktop\BF4.txt
2014-10-09 10:33 - 2014-10-09 10:33 - 00543042 _____ () C:\Users\Sam\Downloads\So_Sell_It_Logo.psd
2014-10-09 10:15 - 2014-10-09 10:15 - 01557440 _____ () C:\Users\Sam\Downloads\2147495916.zip
2014-10-09 10:08 - 2014-10-09 10:08 - 00926712 _____ () C:\Users\Sam\Downloads\2147492263.zip
2014-10-09 09:59 - 2014-10-09 10:00 - 03894041 _____ () C:\Users\Sam\Downloads\2147490725.zip
2014-10-09 09:54 - 2014-10-09 09:55 - 03580340 _____ () C:\Users\Sam\Downloads\2147491720.zip
2014-10-09 08:50 - 2014-10-09 08:51 - 03879434 _____ () C:\Users\Sam\Downloads\2147494363.zip
2014-10-09 08:47 - 2014-10-09 08:47 - 03258883 _____ () C:\Users\Sam\Downloads\2147492334.zip
2014-10-09 08:42 - 2014-10-09 08:42 - 01553955 _____ () C:\Users\Sam\Downloads\2147490880.zip
2014-10-09 06:09 - 2014-10-09 06:09 - 01443141 _____ () C:\Users\Sam\Downloads\2147492435.zip
2014-10-08 12:41 - 2014-10-08 12:41 - 01067439 _____ () C:\Users\Sam\Downloads\2147497478.zip
2014-10-08 12:09 - 2014-10-08 12:09 - 00155370 _____ () C:\Users\Sam\Downloads\skull-in-military-helmet-vector.zip
2014-10-08 11:54 - 2014-10-08 11:55 - 03732668 _____ () C:\Users\Sam\Downloads\2147492717.zip
2014-10-08 11:36 - 2014-10-08 11:36 - 00188600 _____ () C:\Users\Sam\Downloads\businessman-character-set.zip
2014-10-08 11:32 - 2014-10-08 11:32 - 00506105 _____ () C:\Users\Sam\Downloads\Currency.rar
2014-10-08 10:56 - 2014-10-08 10:56 - 00993477 _____ () C:\Users\Sam\Downloads\2147494348.zip
2014-10-08 06:37 - 2014-10-08 06:37 - 00688992 ____R (Swearware) C:\Users\Sam\Desktop\dds.com
2014-10-08 06:37 - 2014-10-08 06:37 - 00688992 _____ (Swearware) C:\Users\Sam\Downloads\dds.com
2014-10-08 05:55 - 2014-10-08 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-07 12:36 - 2014-10-07 12:36 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2014-10-07 12:28 - 2014-10-07 12:28 - 08959928 _____ (Connectify) C:\Users\Sam\Downloads\ConnectifyInstaller.exe
2014-10-07 06:46 - 2014-10-07 06:46 - 00583033 _____ () C:\Users\Sam\Downloads\2147493409.zip
2014-10-07 06:36 - 2014-10-07 06:36 - 03350220 _____ () C:\Users\Sam\Downloads\2147497367.zip
2014-10-07 06:33 - 2014-10-07 06:33 - 00717192 _____ () C:\Users\Sam\Downloads\2147485982.zip
2014-10-07 05:25 - 2014-10-07 05:25 - 00000011 _____ () C:\Users\Sam\Desktop\Number.txt
2014-10-05 18:44 - 2014-10-05 18:44 - 00915254 _____ () C:\Users\Sam\Downloads\2147492669.zip
2014-10-05 18:44 - 2014-10-05 18:44 - 00915254 _____ () C:\Users\Sam\Downloads\2147492669 (1).zip
2014-10-05 02:00 - 2014-10-05 02:00 - 01688304 _____ (www.flyvpn.com) C:\Users\Sam\Downloads\FlyClient_3.0.1.8.exe
2014-10-05 02:00 - 2014-10-05 02:00 - 00000000 ____D () C:\ProgramData\FlyVPN
2014-10-04 23:53 - 2014-10-04 23:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-04 05:38 - 2014-10-04 05:38 - 00344162 _____ () C:\Users\Sam\Downloads\FlickeringNaughtyGharial.mp4
2014-10-03 05:09 - 2014-10-03 05:11 - 05785629 _____ () C:\Users\Sam\Downloads\2147498065.zip
2014-10-03 04:01 - 2014-10-03 04:01 - 00483354 _____ () C:\Users\Sam\Downloads\LogoPSD5-by-heroturko.zip
2014-10-03 03:38 - 2014-10-03 03:38 - 01179699 _____ () C:\Users\Sam\Downloads\2147497452.zip
2014-10-03 03:22 - 2014-10-03 03:22 - 00552520 _____ () C:\Users\Sam\Downloads\5-vector-logo-templates-collection.zip
2014-10-03 03:21 - 2014-10-03 03:21 - 01389560 _____ () C:\Users\Sam\Downloads\house-theme-logotype-vector-pack.zip
2014-10-02 21:25 - 2014-10-02 21:30 - 00000000 ____D () C:\Users\Sam\AppData\Local\CyberGhost
2014-10-02 21:25 - 2014-10-02 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2014-10-02 21:25 - 2014-10-02 21:25 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-10-02 21:25 - 2014-10-02 21:25 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-10-02 21:21 - 2014-10-02 21:24 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Sam\Downloads\CG_5.0.13.17.exe
2014-10-02 07:15 - 2014-10-02 07:16 - 02979895 _____ () C:\Users\Sam\Downloads\2147497337.zip
2014-10-02 07:10 - 2014-10-02 07:10 - 00920742 _____ () C:\Users\Sam\Downloads\2147497332.zip
2014-10-02 06:56 - 2014-10-02 06:56 - 01189868 _____ () C:\Users\Sam\Downloads\2147494332.zip
2014-10-02 06:32 - 2014-10-02 06:32 - 00197324 _____ () C:\Users\Sam\Downloads\AnimalLogoPack03_by_LogoOpenStock.zip
2014-10-02 06:22 - 2014-10-02 06:22 - 01384096 _____ () C:\Users\Sam\Downloads\12-blue-fish-vector-illustrations-set.zip
2014-10-02 06:17 - 2014-10-02 06:17 - 00937817 _____ () C:\Users\Sam\Downloads\2147494662.zip
2014-10-02 06:13 - 2014-10-02 06:13 - 00015091 _____ () C:\Users\Sam\Downloads\big_surprise.zip
2014-10-02 04:04 - 2014-10-02 04:05 - 02824295 _____ () C:\Users\Sam\Downloads\2147494661.zip
2014-10-02 03:42 - 2014-10-02 03:42 - 01366340 _____ () C:\Users\Sam\Downloads\2147491985.zip
2014-10-01 18:26 - 2014-10-01 18:27 - 00000000 ____D () C:\AdwCleaner
2014-10-01 18:26 - 2014-10-01 18:26 - 01375089 _____ () C:\Users\Sam\Downloads\AdwCleaner.exe
2014-10-01 18:08 - 2014-10-01 18:11 - 11194928 _____ (SurfRight B.V.) C:\Users\Sam\Downloads\HitmanPro_x64.exe
2014-10-01 17:55 - 2014-10-01 17:55 - 00028553 _____ () C:\ComboFix.txt
2014-10-01 17:42 - 2014-10-01 17:42 - 01701878 _____ (Thisisu) C:\Users\Sam\Downloads\JRT.exe
2014-10-01 17:41 - 2014-10-01 17:42 - 05582345 ____R (Swearware) C:\Users\Sam\Downloads\ComboFix.exe
2014-09-30 01:42 - 2014-09-30 01:38 - 01207142 _____ () C:\Users\Sam\Desktop\New_TerranceB_logomarkonly (1).eps
2014-09-30 01:38 - 2014-09-30 01:38 - 01207142 _____ () C:\Users\Sam\Downloads\New_TerranceB_logomarkonly (1).eps
2014-09-29 10:35 - 2014-09-29 10:35 - 00749990 _____ () C:\Users\Sam\Desktop\amtlib.rar
2014-09-29 05:00 - 2014-09-29 05:00 - 00089324 _____ () C:\Users\Sam\Downloads\Family.Guy.S13E01.720p.HDTV.x264-KILLERS [IPT].torrent
2014-09-29 04:00 - 2014-09-29 04:00 - 01207142 _____ () C:\Users\Sam\Downloads\New_TerranceB_logomarkonly.eps
2014-09-26 23:50 - 2014-09-26 23:50 - 01141408 _____ ( ) C:\Users\Sam\Downloads\hwmonitor_1.25-setup.exe
2014-09-23 13:36 - 2014-09-23 13:36 - 00000051 _____ () C:\Users\Sam\Documents\CGhostUpdate.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-23 17:15 - 2013-04-01 20:38 - 00000000 ____D () C:\Users\Sam\AppData\Roaming\Skype
2014-10-23 17:14 - 2013-06-30 16:00 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000UA.job
2014-10-23 16:38 - 2013-04-01 19:59 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 15:03 - 2013-04-25 19:19 - 00000000 ____D () C:\Users\Sam\AppData\Local\LogMeIn Hamachi
2014-10-23 15:03 - 2013-04-01 19:59 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 14:34 - 2009-07-14 06:45 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 14:34 - 2009-07-14 06:45 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 14:30 - 2014-06-11 21:08 - 00765318 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 14:30 - 2009-07-14 07:13 - 00879954 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-23 14:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-10-23 14:26 - 2014-08-08 12:46 - 04850362 _____ () C:\Windows\setupact.log
2014-10-23 14:26 - 2014-02-28 17:50 - 00000124 _____ () C:\HaxLogs.log
2014-10-23 14:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 05:07 - 2014-03-10 22:02 - 00000132 _____ () C:\Users\Sam\AppData\Roaming\Adobe PNG Format CC Prefs
2014-10-23 03:18 - 2013-04-04 00:54 - 00000000 ____D () C:\ProgramData\Origin
2014-10-23 03:18 - 2013-04-04 00:54 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-23 02:52 - 2014-09-17 22:30 - 00000000 ____D () C:\Users\Sam\AppData\Roaming\TS3Client
2014-10-23 02:14 - 2013-06-30 16:00 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000Core.job
2014-10-23 00:34 - 2013-08-31 10:54 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-10-23 00:34 - 2013-08-31 10:54 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-10-22 19:52 - 2014-06-21 17:39 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3CFB61FE-4C7C-43B7-BA19-96FD1065C868}
2014-10-22 16:01 - 2013-04-01 21:36 - 00000000 ____D () C:\Users\Sam\AppData\Roaming\vlc
2014-10-21 16:37 - 2014-06-17 03:07 - 00009728 _____ () C:\Users\Sam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-21 11:31 - 2013-11-11 00:12 - 00000000 ___RD () C:\Users\Sam\Dropbox
2014-10-21 11:10 - 2013-09-27 16:22 - 00000000 ____D () C:\Users\Sam\AppData\Roaming\Dropbox
2014-10-21 02:09 - 2013-06-30 16:00 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000UA
2014-10-21 02:09 - 2013-06-30 16:00 - 00003470 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000Core
2014-10-20 21:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-20 12:20 - 2014-08-08 12:46 - 00280150 _____ () C:\Windows\PFRO.log
2014-10-20 12:20 - 2014-02-02 17:12 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-10-19 23:49 - 2013-11-11 14:13 - 00000000 ____D () C:\Users\Sam\AppData\Local\PunkBuster
2014-10-19 23:26 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-19 23:25 - 2013-08-31 10:54 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-19 18:46 - 2013-04-05 01:02 - 00000000 ____D () C:\Users\Sam\AppData\Roaming\uTorrent
2014-10-19 14:02 - 2013-11-11 14:14 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-10-19 13:51 - 2013-04-04 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-10-19 12:33 - 2013-04-01 19:59 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 12:33 - 2013-04-01 19:59 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 15:11 - 2013-08-26 07:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-10-16 14:39 - 2014-06-10 23:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-14 20:20 - 2014-06-30 07:11 - 00000000 ____D () C:\Program Files (x86)\Age of Wonders III
2014-10-14 20:20 - 2013-10-18 07:35 - 00000000 ____D () C:\Program Files (x86)\Rayman Legends
2014-10-12 19:46 - 2013-10-03 00:53 - 00000000 ____D () C:\Users\Sam\AppData\Roaming\DMCache
2014-10-12 14:03 - 2014-05-31 07:28 - 00000000 ____D () C:\Users\Sam\AppData\Local\Razer
2014-10-12 14:02 - 2014-02-22 14:11 - 00000000 ____D () C:\ProgramData\Razer
2014-10-08 05:55 - 2013-04-01 20:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-08 05:55 - 2013-04-01 20:38 - 00000000 ____D () C:\ProgramData\Skype
2014-10-07 12:34 - 2014-06-11 21:10 - 00871856 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-07 12:08 - 2013-04-04 01:03 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-06 01:35 - 2014-06-11 22:56 - 00000000 ____D () C:\ProgramData\Tunngle
2014-10-06 01:35 - 2013-04-26 01:13 - 00000000 ____D () C:\Users\Sam\AppData\Roaming\Tunngle
2014-10-05 18:26 - 2013-06-10 07:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-05 18:26 - 2013-06-10 07:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-05 17:23 - 2013-04-04 15:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-02 21:30 - 2013-04-01 19:41 - 00000000 ____D () C:\Users\Sam\AppData\Local\VirtualStore
2014-10-02 19:04 - 2009-07-14 06:45 - 05213544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-02 06:17 - 2014-06-11 22:06 - 00133168 _____ () C:\Users\Sam\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 17:55 - 2013-09-22 16:12 - 00000000 ____D () C:\Qoobox
2014-10-01 17:55 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-01 17:54 - 2009-07-14 04:34 - 00000243 _____ () C:\Windows\system.ini
2014-10-01 17:53 - 2014-06-11 21:12 - 00000000 ____D () C:\Users\Sam
2014-10-01 17:48 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-26 23:51 - 2013-04-11 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-09-26 23:51 - 2013-04-11 15:09 - 00000000 ____D () C:\Program Files\CPUID
2014-09-23 13:35 - 2013-09-27 23:49 - 00000000 ____D () C:\Program Files\CyberGhost VPN
 
Files to move or delete:
====================
C:\Users\Sam\Network_Meter_Data.js
 
 
Some content of TEMP:
====================
C:\Users\Sam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwwcajl.dll
C:\Users\Sam\AppData\Local\Temp\sonarinst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-16 12:38
 
==================== End Of Log ============================




Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by Sam at 2014-10-23 17:18:10
Running from C:\Users\Sam\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.62 - Hulubulu Software)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.8.000 - Asmedia Technology)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audio Record Wizard (HKLM-x32\...\Audio Record Wizard) (Version: 7.12 - NowSmart)
AudioGenie (HKLM-x32\...\AudioGenie_is1) (Version:  - msi, Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.15221 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.12.0.958 - Bitdefender)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
Camtasia Studio 7 (HKLM-x32\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CPUID HWMonitor Pro 1.18 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
Creative Live! Cam Sync (VF0520) Driver (1.01.04.00) (HKLM\...\Creative VF0520) (Version:  - Creative Technology Ltd.)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 10053 (Build 2558) - Speedbit Ltd.)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.3 - IObit)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Easy Drive Data Recovery (HKLM-x32\...\Easy Drive Data Recovery) (Version: 3.0 - MunSoft)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Express Talk (HKLM-x32\...\Talk) (Version: 4.35 - NCH Software)
Expresso (HKLM-x32\...\{81A1B78B-69B5-4F71-950D-598FA62FCB73}) (Version: 3.0.4750 - Ultrapico) <==== ATTENTION
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI)
Flickr Uploadr 3.2.1 (HKLM-x32\...\Flickr Uploadr) (Version:  - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GreedyTorrent v1.01 beta build 170 (HKLM-x32\...\GreedyTorrent_is1) (Version:  - Alex N J (www.alexnj.com))
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version:  - HDS)
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
hdparm (HKLM-x32\...\{A4B1007B-7728-4422-93E5-3C649A8091B5}) (Version: 6.9.2 - hdparm tool for Windows)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version:  - )
ILMerge (HKLM-x32\...\{B7B9AF9F-408C-4168-985B-9861055B58C5}) (Version: 2.12.0803 - Microsoft)
ImageShack Uploader 2.2.0 (HKLM-x32\...\{8BCD7AE7-F713-4D50-BAB9-7839B9386870}) (Version: 2.2.0 - ImageShack Corp.)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel Extreme Tuning Utility (HKLM-x32\...\{a6e81627-a651-408c-8fb6-19a078070830}) (Version: 5.1.0.23 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.0.23 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel® Management Engine Components (Version: 10.0.25.1036 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{7824FFE2-E5BE-4530-91AA-C1F442FD4A83}) (Version: 1.0.6 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.10.2466 - IObit)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Light Image Resizer 4.5.8.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.5.8.0 - ObviousIdea)
Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.114 - MSI)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.255 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.255 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MiraScan 6.2 (5000) (HKLM-x32\...\{EA2E8D6D-EE50-4689-B7ED-1E580BC04CC1}) (Version: V6.2(5000) - Benq Scan)
MouseServer version 1.4.0.0 (HKLM-x32\...\{E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1) (Version: 1.4.0.0 - Necta Co.)
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.005 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden
OTPService (HKLM-x32\...\{B05F7750-8800-4520-9732-9C841246C8E2}_is1) (Version: 1.0.004 - MSI)
Patch PS CS6 Extended 13.0 (HKLM-x32\...\Patch PS CS6 Extended 13.0) (Version: 13.0 - Dr.Adham eL Sharkawy © Startimes)
PdaNet+ for Android 4.12 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 5.0.0.2 - Electronic Arts)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
ROTR ECA Beta 1.8 (HKCU\...\ROTR ECA Beta 1.8) (Version:  - )
ROTR Map Pack (HKCU\...\ROTR Map Pack) (Version:  - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung SideSync 3.0 (HKLM-x32\...\Samsung SideSync) (Version: 3.0.1.459 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.39.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 3.76 (64-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)
Seagate File Recovery for Windows 2.0 (HKLM-x32\...\Seagate File Recovery for WindowsNSIS) (Version: 2.0.9729 - Seagate)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Sid Meier`s Civilization V (HKLM-x32\...\{ED441FBE-D1C7-42A9-B410-455732962728}_is1) (Version:  - )
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SoundWire Server version 1.9 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.9 - GeorgieLabs)
Spoon.net Sandbox Manager 3.33 (HKCU\...\Spoon.net Sandbox Manager 3.33) (Version: 3.33.6.102 - Code Systems Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
Tango (HKCU\...\Tango) (Version: 1.6.14117 - TangoMe, Inc.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.00 - Creative Technology Limited)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VideoGenie (HKLM-x32\...\{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1) (Version: 1.0.0.12 - MSI)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.00 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.3 - win.rar GmbH)
Wise Data Recovery 3.44 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.44 - WiseCleaner.com, Inc.)
X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{3D58DDEA-561E-45BA-AA6A-0AB04BCD9FAD}\InprocServer32 -> C:\Users\Sam\AppData\Local\Spoon\3.33.6.102\Spoon-Plugin-x64.dll (Code Systems Corporation)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{F4ED81FD-58BB-4AD4-96EF-193A2F480262}\InprocServer32 -> C:\Users\Sam\AppData\Local\Spoon\3.33.6.102\Spoon.Client.Shell64.dll (Code Systems Corporation)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sam\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
19-10-2014 21:24:42 Installed DirectX
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2014-03-06 19:32 - 2014-10-07 12:40 - 00000065 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {097ADC20-18BE-4A25-9081-994556AF5C83} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000Core => C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-30] (Google Inc.)
Task: {0DEB529F-D1A8-4C14-BCC3-F60F0E174B2C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000UA => C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-30] (Google Inc.)
Task: {173A7DC7-3ECB-457A-9D1B-E4C8DDADB91B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {20629758-597F-4D0B-9F96-8F0B3565FCA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {69FA4643-38DA-4583-B7BD-BD321FD0CA92} - System32\Tasks\hdparm-disable-apm64 => C:\Program Files (x86)\hdparm\hdparm.exe [2007-02-28] ()
Task: {95C22E09-5B82-4083-B02E-6B0F56EA64A4} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-05-06] (IObit)
Task: {9DB59EAC-7180-4304-8E45-44BBD21B87D0} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-02-03] ()
Task: {A029DAD0-AEA9-4766-9626-6349300C90C0} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {CF7A2267-31E3-49A7-B894-1C3CD0759521} - System32\Tasks\{137A04AF-5E89-4BEB-B38B-90DBF6080A3C} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.13.0.104&amp;LastError=12007
Task: {E22A521E-17A9-43BF-8765-E42350B28705} - System32\Tasks\Driver Booster SkipUAC (Sam) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-03-14] (IObit)
Task: {F1B1C481-9C3B-4F5B-96A6-7D007D490BD0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-999232901-536510049-1691571904-1000
Task: {F4A83656-3D15-4FDF-9C54-882E67E38649} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000Core.job => C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-999232901-536510049-1691571904-1000UA.job => C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-05 02:29 - 2014-09-05 02:29 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-08-28 23:41 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-08-28 23:44 - 2014-08-22 11:04 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-08-28 23:43 - 2012-10-29 13:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-08-28 23:41 - 2014-07-24 08:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2014-08-28 23:41 - 2014-07-24 08:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2014-08-28 23:41 - 2014-07-24 08:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2014-08-28 23:41 - 2014-07-24 08:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2013-10-05 01:59 - 2013-04-15 11:50 - 00198144 _____ () C:\Windows\System32\HP1006LM.DLL
2013-10-05 01:59 - 2013-04-15 11:50 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll
2014-10-20 00:21 - 2014-10-20 00:21 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-10-15 11:59 - 2014-10-10 03:31 - 01366856 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-15 11:59 - 2014-10-10 03:31 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-15 11:59 - 2014-10-10 03:31 - 10578760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-15 11:59 - 2014-10-10 03:31 - 01859400 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2013-04-05 23:09 - 2013-04-05 23:09 - 00163840 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2013-04-05 23:00 - 2013-04-05 23:00 - 00081920 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:CCA964A4
AlternateDataStreams: C:\Users\Sam\Desktop\dds.com:BDU
AlternateDataStreams: C:\Users\Sam\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\battlelog-web-plugins_2.5.1_149 (1).exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\battlelog-web-plugins_2.5.1_149.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\CG_5.0.13.17.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\ConnectifyInstaller.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\dds.com:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\FlyClient_3.0.1.8.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\hwmonitor_1.25-setup.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Sam\Downloads\UnityWebPlayer.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: BlackBerry Device Manager => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: CGVPNCliSrvc => 3
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: FoxitCloudUpdateService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 3
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 3
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel® ME Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LMS => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McciCMService => 2
MSCONFIG\Services: McciCMService64 => 2
MSCONFIG\Services: MF NTFS Monitor => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSI_FastBoot => 2
MSCONFIG\Services: MSI_OTPService => 2
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SBUpd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SplashtopRemoteService => 2
MSCONFIG\Services: SSUService => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: TunngleService => 2
MSCONFIG\Services: UNS => 3
MSCONFIG\Services: XTU3SERVICE => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Enable HDD APM (for max performance).lnk => C:\Windows\pss\Enable HDD APM (for max performance).lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FileBox eXtender.lnk.disabled => C:\Windows\pss\FileBox eXtender.lnk.disabled.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start livePCsupport Client.lnk => C:\Windows\pss\Start livePCsupport Client.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Spoon.net Console.lnk => C:\Windows\pss\Spoon.net Console.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Spoon.net Sandbox Manager 3.33.lnk => C:\Windows\pss\Spoon.net Sandbox Manager 3.33.lnk.Startup
MSCONFIG\startupreg: AdAwareTray => 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Advanced SystemCare 6 => 
MSCONFIG\startupreg: Advanced SystemCare 7 => 
MSCONFIG\startupreg: APSDaemon => 
MSCONFIG\startupreg: avgnt => 
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: Bitdefender Wallet => 
MSCONFIG\startupreg: Bitdefender Wallet Agent => 
MSCONFIG\startupreg: Bitdefender Wallet Application Agent => 
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: ControlCenterCount => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: Fast Boot => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
MSCONFIG\startupreg: gbrspcontrol => 
MSCONFIG\startupreg: Google Update => "C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_FD70E4195A4DE5E83920BD6414A71B17 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InstallerLauncher => 
MSCONFIG\startupreg: IObit Malware Fighter => 
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => 
MSCONFIG\startupreg: KiesPreload => 
MSCONFIG\startupreg: KiesTrayAgent => 
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: LiveUpdate 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => 
MSCONFIG\startupreg: MediaFire Tray => 
MSCONFIG\startupreg: MicroUpdate => 
MSCONFIG\startupreg: MsmqIntCert => regsvr32 /s mqrt.dll
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => 
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SDTray => 
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super-Charger => 
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TEData_McciTrayApp => "C:\Program Files\TEData\McciTrayApp.exe"
MSCONFIG\startupreg: THX Audio Control Panel => "c:\program files (x86)\creative\thx trustudio pro\thxaudiocp\thxaudio.exe" /r
MSCONFIG\startupreg: THXCfg64 => c:\windows\system32\rundll32.exe c:\windows\system32\thxcfg64.dll,rundllentry thxcfg64
MSCONFIG\startupreg: UpdReg => 
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: ZoomInfo Contact Contributor => 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-999232901-536510049-1691571904-500 - Administrator - Disabled)
ASPNET (S-1-5-21-999232901-536510049-1691571904-1005 - Limited - Enabled)
Guest (S-1-5-21-999232901-536510049-1691571904-501 - Limited - Disabled)
Mama (S-1-5-21-999232901-536510049-1691571904-1007 - Administrator - Enabled) => C:\Users\Mama
Sam (S-1-5-21-999232901-536510049-1691571904-1000 - Administrator - Enabled) => C:\Users\Sam
 
==================== Faulty Device Manager Devices =============
 
Name: Hotspot Shield Routing Driver 6
Description: Hotspot Shield Routing Driver 6
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HssDRV6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: ElRawDisk
Description: ElRawDisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ElRawDisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/23/2014 02:27:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2014 11:12:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2014 02:15:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/21/2014 11:11:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/21/2014 00:28:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 02:51:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bf4.exe version 1.3.2.15221 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1444
 
Start Time: 01cfec5e7977d697
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
 
Report Id:
 
Error: (10/20/2014 01:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bf4.exe, version: 1.3.2.15221, time stamp: 0x541a1598
Faulting module name: bf4.exe, version: 1.3.2.15221, time stamp: 0x541a1598
Exception code: 0xc0000005
Fault offset: 0x00000000008c42e0
Faulting process id: 0x1790
Faulting application start time: 0xbf4.exe0
Faulting application path: bf4.exe1
Faulting module path: bf4.exe2
Report Id: bf4.exe3
 
Error: (10/20/2014 00:22:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2014 11:09:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2014 04:16:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Faulting module name: bcryptprimitives.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c4f0
Exception code: 0xc0000005
Fault offset: 0x0000000000007a94
Faulting process id: 0x404
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
 
System errors:
=============
Error: (10/23/2014 02:27:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ElRawDisk
HssDRV6
 
Error: (10/23/2014 02:26:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error: 
%%1053
 
Error: (10/23/2014 02:26:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
 
Error: (10/22/2014 11:12:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ElRawDisk
HssDRV6
 
Error: (10/22/2014 11:11:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error: 
%%1053
 
Error: (10/22/2014 11:11:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
 
Error: (10/22/2014 11:11:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:23:39 PM on 10/22/2014 was unexpected.
 
Error: (10/22/2014 02:16:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (10/22/2014 02:14:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ElRawDisk
HssDRV6
 
Error: (10/22/2014 02:14:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (10/23/2014 02:27:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2014 11:12:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2014 02:15:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/21/2014 11:11:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/21/2014 00:28:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 02:51:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bf4.exe1.3.2.15221144401cfec5e7977d6970C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
 
Error: (10/20/2014 01:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bf4.exe1.3.2.15221541a1598bf4.exe1.3.2.15221541a1598c000000500000000008c42e0179001cfec53ac541d4eC:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exeC:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exeea4ffe4e-5849-11e4-b119-8c89a5c14ab8
 
Error: (10/20/2014 00:22:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2014 11:09:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2014 04:16:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175144ce7a144bcryptprimitives.dll6.1.7601.175144ce7c4f0c00000050000000000007a9440401cfeb90cd305125C:\Windows\Explorer.EXEC:\Windows\system32\bcryptprimitives.dll7a01213c-579a-11e4-a07d-8c89a5c14ab8
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-01 17:53:55.593
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-01 17:53:55.593
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-09 20:05:55.631
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-09 20:05:55.631
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-09 20:05:55.631
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-09 20:05:55.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-09 20:05:55.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-09 20:05:55.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-09 20:05:55.600
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-09 20:05:55.600
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 41%
Total physical RAM: 7879.19 MB
Available physical RAM: 4608.47 MB
Total Pagefile: 15756.57 MB
Available Pagefile: 12045.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:153.8 GB) (Free:10.94 GB) NTFS
Drive d: (Games) (Fixed) (Total:244.13 GB) (Free:44.06 GB) NTFS
Drive e: (Movies) (Fixed) (Total:244.14 GB) (Free:8.5 GB) NTFS
Drive f: (Programs) (Fixed) (Total:244.14 GB) (Free:61.8 GB) NTFS
Drive g: (Other) (Fixed) (Total:244.14 GB) (Free:44.61 GB) NTFS
Drive h: (Music) (Fixed) (Total:244.14 GB) (Free:4.49 GB) NTFS
Drive i: () (Fixed) (Total:122.07 GB) (Free:9.38 GB) NTFS
Drive j: () (Fixed) (Total:244.25 GB) (Free:10.95 GB) NTFS
Drive n: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5F23471C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=153.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1709.1 GB) - (Type=OF Extended)
 
==================== End Of Log ============================


 

 




#5 Oh My!

  • Malware Response Instructor

Posted 23 October 2014 - 01:32 PM

Greetings,

There are quite a number of zipped files in the C:\Users\Sam\Downloads folder. Are you aware of those?

Please consider and do this.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition, it has recently been reported that P2P downloads may be tracked, resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Sam\Network_Meter_Data.js
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
AlternateDataStreams: C:\ProgramData\TEMP:CCA964A4
File: C:\Windows\SysWOW64\DRIVERS\usbscan.sys
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • What symptoms are you currently experiencing?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Sam.Baker

  • Topic Starter

Posted 23 October 2014 - 11:24 PM

Yes Gary, I'm aware. I'm a graphic designer and I download a lot of resources all the time :)

Here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-10-2014
Ran by Sam at 2014-10-24 06:20:36 Run:1
Running from C:\Users\Sam\Desktop
Loaded Profile: Sam (Available profiles: Sam & Mama & DefaultAppPool)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Sam\Network_Meter_Data.js
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sam\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
AlternateDataStreams: C:\ProgramData\TEMP:CCA964A4
File: C:\Windows\SysWOW64\DRIVERS\usbscan.sys
*****************
 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater" => Key deleted successfully.
catchme => Service deleted successfully.
ElRawDisk => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Users\Sam\Network_Meter_Data.js => Moved successfully.
"HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-999232901-536510049-1691571904-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
C:\ProgramData\TEMP => ":CCA964A4" ADS removed successfully.
 
========================= File: C:\Windows\SysWOW64\DRIVERS\usbscan.sys ========================
 
MD5: 45F1636265B41F9ECC4F33A721A411E1
Creation and modification date: 2014-03-07 20:10 - 2004-12-29 15:59
Size: 0008944
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: USBSCAN.SYS
Original Name: USBSCAN.SYS
Product Name: Microsoft® Windows® Operating System
Description: Logitech USB Scanner driver
File Version: 4.10.1998
Product Version: 4.10.1998
Copyright: Copyright © Microsoft Corp. 1981-1998
 
====== End Of File: ======
 
 
==== End of Fixlog ====

And as for the symptoms, as I said, I hear IE loading sounds from time to time in the background. Might be a badly coded botnet that is using an IE component? I don't know.
And I have also found an old log (from a keylogger) saved on my computer from a DarkComet RAT (as you may know, DarkComet saves the logs on the computer first before sending them). I deleted those but couldn't detect anything else.

Also... I would like to take the time to thank you for helping me, you rock Gary :))


#7 Sam.Baker

  • Topic Starter

Posted 24 October 2014 - 09:25 AM

Also, I forgot to mention that before the login screen on Windows there's a black screen with a cursor that lasts for several minutes, and hitting ALT+CTRL+DEL brings up nothing.



#8 Oh My!

  • Malware Response Instructor

Posted 24 October 2014 - 10:33 AM

Thanks Sam.

I appreciate the info on the files. Just needed to make sure.

Please do these things.

===================================================

Run TDSSKiller by Kaspersky on Vista/7

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.


  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.


  • Click Continue > Reboot now to finish the cleaning process.<- Important!!


  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply even if no threats are found.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • TDSSKiller log
  • aswMBR report

Gary
 

#9 Sam.Baker

  • Topic Starter

Posted 24 October 2014 - 03:41 PM

TDSS :
21:56:58.0810 0x1158  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
21:57:01.0164 0x1158  ============================================================
21:57:01.0164 0x1158  Current date / time: 2014/10/24 21:57:01.0164
21:57:01.0164 0x1158  SystemInfo:
21:57:01.0164 0x1158  
21:57:01.0164 0x1158  OS Version: 6.1.7601 ServicePack: 1.0
21:57:01.0164 0x1158  Product type: Workstation
21:57:01.0164 0x1158  ComputerName: SAM-PC
21:57:01.0164 0x1158  UserName: Sam
21:57:01.0164 0x1158  Windows directory: C:\Windows
21:57:01.0164 0x1158  System windows directory: C:\Windows
21:57:01.0164 0x1158  Running under WOW64
21:57:01.0164 0x1158  Processor architecture: Intel x64
21:57:01.0164 0x1158  Number of processors: 4
21:57:01.0164 0x1158  Page size: 0x1000
21:57:01.0164 0x1158  Boot type: Normal boot
21:57:01.0164 0x1158  ============================================================
21:57:03.0191 0x1158  KLMD registered as C:\Windows\system32\drivers\31459151.sys
21:57:03.0417 0x1158  System UUID: {AA327E1C-87BA-BF42-2864-0EA6FC482DF6}
21:57:03.0758 0x1158  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:57:03.0769 0x1158  ============================================================
21:57:03.0769 0x1158  \Device\Harddisk0\DR0:
21:57:03.0770 0x1158  MBR partitions:
21:57:03.0770 0x1158  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:57:03.0770 0x1158  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x13398DFA
21:57:03.0786 0x1158  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x133CF4F9, BlocksNum 0x1E841FFF
21:57:03.0797 0x1158  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x31C153F6, BlocksNum 0x1E845EC1
21:57:03.0806 0x1158  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x5045F1B4, BlocksNum 0x1E845EC2
21:57:03.0817 0x1158  \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0x6ECA8F72, BlocksNum 0x1E845EC3
21:57:03.0875 0x1158  \Device\Harddisk0\DR0\Partition7: MBR, Type 0x7, StartLBA 0x8D4F2D30, BlocksNum 0x1E845EC4
21:57:03.0919 0x1158  \Device\Harddisk0\DR0\Partition8: MBR, Type 0x7, StartLBA 0xABD3CAEE, BlocksNum 0xF422F63
21:57:03.0930 0x1158  \Device\Harddisk0\DR0\Partition9: MBR, Type 0x7, StartLBA 0xCA5868AC, BlocksNum 0x1E880C15
21:57:03.0957 0x1158  ============================================================
21:57:04.0006 0x1158  C: <-> \Device\Harddisk0\DR0\Partition2
21:57:04.0112 0x1158  D: <-> \Device\Harddisk0\DR0\Partition3
21:57:04.0356 0x1158  E: <-> \Device\Harddisk0\DR0\Partition4
21:57:04.0482 0x1158  F: <-> \Device\Harddisk0\DR0\Partition5
21:57:04.0506 0x1158  G: <-> \Device\Harddisk0\DR0\Partition6
21:57:04.0674 0x1158  H: <-> \Device\Harddisk0\DR0\Partition7
21:57:04.0771 0x1158  I: <-> \Device\Harddisk0\DR0\Partition8
21:57:04.0842 0x1158  J: <-> \Device\Harddisk0\DR0\Partition9
21:57:04.0890 0x1158  N: <-> \Device\Harddisk0\DR0\Partition1
21:57:04.0891 0x1158  ============================================================
21:57:04.0891 0x1158  Initialize success
21:57:04.0891 0x1158  ============================================================
21:57:12.0697 0x16d0  ============================================================
21:57:12.0697 0x16d0  Scan started
21:57:12.0697 0x16d0  Mode: Manual; 
21:57:12.0697 0x16d0  ============================================================
21:57:12.0697 0x16d0  KSN ping started
21:57:26.0556 0x16d0  KSN ping finished: true
21:57:28.0804 0x16d0  ================ Scan system memory ========================
21:57:28.0804 0x16d0  System memory - ok
21:57:28.0805 0x16d0  ================ Scan services =============================
21:57:29.0950 0x16d0  avc3 - ok
21:57:29.0971 0x16d0  [ 3B9549FEF98AB1768A1D6A919F355B70, 0014914051CB54CD7CC25561D29099A19DCFB2E1810FF635F9B6AD3D9C6FBC4B ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
21:57:29.0976 0x16d0  avchv - ok
21:57:30.0004 0x16d0  [ 0956716D5565680DC83992C11BBDB2C2, 7349F32F3E8596E680EE26BB1CA97AFADB42ED1B4652859CE5E221F67371B412 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
21:57:30.0013 0x16d0  avckf - ok
21:57:30.0031 0x16d0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:57:30.0035 0x16d0  AxInstSV - ok
21:57:30.0068 0x16d0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:57:30.0077 0x16d0  b06bdrv - ok
21:57:30.0119 0x16d0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:57:30.0125 0x16d0  b57nd60a - ok
21:57:30.0178 0x16d0  [ 593D73B1E897BA0C43BB76F92CFD2220, 70C5E9068C1E233A07B01C2DFE7E316677050216FF1F417B51334A4640FA2064 ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
21:57:30.0182 0x16d0  BdDesktopParental - ok
21:57:30.0190 0x16d0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:57:30.0195 0x16d0  BDESVC - ok
21:57:30.0257 0x16d0  [ 3533B749563E89EFAC7290A2BA3B4097, 1A1AB9D02EF729A622B2C2ECF788FD5DEC11A078C71CD31581D9F610D0050591 ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
21:57:30.0263 0x16d0  BdfNdisf - ok
21:57:30.0277 0x16d0  [ EC80614A72BC7039D2B22E3DD6C15895, 932260AB126523428B884034162E3619E1B7FA13720F830783B592AAE825AC86 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
21:57:30.0282 0x16d0  bdfwfpf - ok
21:57:30.0310 0x16d0  [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf_pc      C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys
21:57:30.0315 0x16d0  bdfwfpf_pc - ok
21:57:30.0335 0x16d0  [ B9ECE7FD9F58DAF19450C88338DC5267, 9857DFE0BDDEA791F2DDA99C24A064D488B52E4AC1402A37EF22C244C9283681 ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
21:57:30.0339 0x16d0  BDSandBox - ok
21:57:30.0348 0x16d0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:57:30.0350 0x16d0  Beep - ok
21:57:30.0371 0x16d0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:57:30.0381 0x16d0  BFE - ok
21:57:30.0505 0x16d0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
21:57:30.0552 0x16d0  BITS - ok
21:57:30.0561 0x16d0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:57:30.0564 0x16d0  blbdrive - ok
21:57:30.0571 0x16d0  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:57:30.0574 0x16d0  bowser - ok
21:57:30.0583 0x16d0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:57:30.0586 0x16d0  BrFiltLo - ok
21:57:30.0593 0x16d0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:57:30.0595 0x16d0  BrFiltUp - ok
21:57:30.0611 0x16d0  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
21:57:30.0615 0x16d0  Bridge - ok
21:57:30.0626 0x16d0  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:57:30.0628 0x16d0  BridgeMP - ok
21:57:30.0638 0x16d0  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\Windows\System32\browser.dll
21:57:30.0640 0x16d0  Browser - ok
21:57:30.0665 0x16d0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:57:30.0672 0x16d0  Brserid - ok
21:57:30.0681 0x16d0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:57:30.0684 0x16d0  BrSerWdm - ok
21:57:30.0691 0x16d0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:57:30.0693 0x16d0  BrUsbMdm - ok
21:57:30.0704 0x16d0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:57:30.0706 0x16d0  BrUsbSer - ok
21:57:30.0739 0x16d0  [ 973CCA9BD91885568FD1AE3E14A99B4A, CB45A304A375EA21BE832209BAC6C8E909522432E31B97773D3E5FADE5D44751 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
21:57:30.0750 0x16d0  BstHdAndroidSvc - ok
21:57:30.0772 0x16d0  [ F90A49573D4B2F305583DE596BC54BF7, CD4D58A1046B57B8760F1F8C54AF6712558722811054C6092EF650528243306D ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
21:57:30.0774 0x16d0  BstHdDrv - ok
21:57:30.0786 0x16d0  [ B4FC11A45987925C70DFF8111C59996E, B10F6163E6AA98FC4FB6A3BD1E374BA430F22C12F8B90C341A14D2414B4ED655 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
21:57:30.0796 0x16d0  BstHdLogRotatorSvc - ok
21:57:30.0818 0x16d0  [ 53602748123D14A91DAFAF853B2D8F5B, 31BA1A10E47FF4BCA8A5C69C7F2DB99848E325A23909A9E24A772D7EDC96B51F ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
21:57:30.0836 0x16d0  BstHdUpdaterSvc - ok
21:57:30.0845 0x16d0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:57:30.0849 0x16d0  BTHMODEM - ok
21:57:30.0870 0x16d0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:57:30.0873 0x16d0  bthserv - ok
21:57:30.0884 0x16d0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:57:30.0888 0x16d0  cdfs - ok
21:57:30.0901 0x16d0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:57:30.0905 0x16d0  cdrom - ok
21:57:30.0921 0x16d0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:57:30.0924 0x16d0  CertPropSvc - ok
21:57:30.0973 0x16d0  [ 855EBDDCFC5DE12F730C6C1DC994410B, 5F6E1BF571146802075C2C790D65979157F83CF4F7FA5B30D4811E9BDE4134BD ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
21:57:30.0974 0x16d0  CGVPNCliService - ok
21:57:30.0985 0x16d0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:57:30.0988 0x16d0  circlass - ok
21:57:30.0999 0x16d0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:57:31.0004 0x16d0  CLFS - ok
21:57:31.0050 0x16d0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:57:31.0059 0x16d0  clr_optimization_v2.0.50727_32 - ok
21:57:31.0093 0x16d0  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:57:31.0097 0x16d0  clr_optimization_v2.0.50727_64 - ok
21:57:31.0133 0x16d0  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:57:31.0220 0x16d0  clr_optimization_v4.0.30319_32 - ok
21:57:31.0224 0x16d0  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:57:31.0238 0x16d0  clr_optimization_v4.0.30319_64 - ok
21:57:31.0251 0x16d0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:57:31.0253 0x16d0  CmBatt - ok
21:57:31.0259 0x16d0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:57:31.0262 0x16d0  cmdide - ok
21:57:31.0279 0x16d0  [ D5FEA92400F12412B3922087C09DA6A5, C8CD9215D26D3295FE487C96A4FC3F4C8AFED764AE9445D9858D7489823A8A2B ] CNG             C:\Windows\system32\Drivers\cng.sys
21:57:31.0285 0x16d0  CNG - ok
21:57:31.0299 0x16d0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:57:31.0301 0x16d0  Compbatt - ok
21:57:31.0315 0x16d0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:57:31.0318 0x16d0  CompositeBus - ok
21:57:31.0320 0x16d0  COMSysApp - ok
21:57:31.0393 0x16d0  [ 900B0DA1BBCAAD8D8D567C4FB2FFC31A, D63F8028A3F277CE80A3E5135973756C2C85AF0AEDB3E17113AC05666A23D73F ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:57:31.0411 0x16d0  cphs - ok
21:57:31.0422 0x16d0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:57:31.0425 0x16d0  crcdisk - ok
21:57:31.0438 0x16d0  [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:57:31.0441 0x16d0  CryptSvc - ok
21:57:31.0512 0x16d0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:57:31.0533 0x16d0  CSC - ok
21:57:31.0552 0x16d0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:57:31.0561 0x16d0  CscService - ok
21:57:31.0592 0x16d0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:57:31.0599 0x16d0  DcomLaunch - ok
21:57:31.0645 0x16d0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:57:31.0653 0x16d0  defragsvc - ok
21:57:31.0670 0x16d0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:57:31.0672 0x16d0  DfsC - ok
21:57:31.0697 0x16d0  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:57:31.0719 0x16d0  dg_ssudbus - ok
21:57:31.0731 0x16d0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:57:31.0736 0x16d0  Dhcp - ok
21:57:31.0743 0x16d0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:57:31.0747 0x16d0  discache - ok
21:57:31.0759 0x16d0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:57:31.0760 0x16d0  Disk - ok
21:57:31.0788 0x16d0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:57:31.0792 0x16d0  dmvsc - ok
21:57:31.0803 0x16d0  [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:57:31.0806 0x16d0  Dnscache - ok
21:57:31.0830 0x16d0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:57:31.0837 0x16d0  dot3svc - ok
21:57:31.0849 0x16d0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:57:31.0851 0x16d0  DPS - ok
21:57:31.0893 0x16d0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:57:31.0896 0x16d0  drmkaud - ok
21:57:31.0912 0x16d0  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:57:31.0916 0x16d0  dtsoftbus01 - ok
21:57:31.0942 0x16d0  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:57:31.0959 0x16d0  DXGKrnl - ok
21:57:31.0978 0x16d0  [ 3C1C5ABA3CF134C5378E7F1A0704C17C, F8D13025E360BD376A107C1386F6DD5F0C6012622D0A75111C2DF930748243A2 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
21:57:31.0989 0x16d0  e1cexpress - ok
21:57:31.0996 0x16d0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:57:32.0000 0x16d0  EapHost - ok
21:57:32.0064 0x16d0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:57:32.0131 0x16d0  ebdrv - ok
21:57:32.0146 0x16d0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
21:57:32.0149 0x16d0  EFS - ok
21:57:32.0195 0x16d0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:57:32.0208 0x16d0  ehRecvr - ok
21:57:32.0217 0x16d0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:57:32.0221 0x16d0  ehSched - ok
21:57:32.0235 0x16d0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:57:32.0246 0x16d0  elxstor - ok
21:57:32.0255 0x16d0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:57:32.0257 0x16d0  ErrDev - ok
21:57:32.0278 0x16d0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:57:32.0284 0x16d0  EventSystem - ok
21:57:32.0296 0x16d0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:57:32.0301 0x16d0  exfat - ok
21:57:32.0310 0x16d0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:57:32.0315 0x16d0  fastfat - ok
21:57:32.0347 0x16d0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:57:32.0356 0x16d0  Fax - ok
21:57:32.0363 0x16d0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:57:32.0365 0x16d0  fdc - ok
21:57:32.0388 0x16d0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:57:32.0389 0x16d0  fdPHost - ok
21:57:32.0398 0x16d0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:57:32.0400 0x16d0  FDResPub - ok
21:57:32.0413 0x16d0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:57:32.0415 0x16d0  FileInfo - ok
21:57:32.0425 0x16d0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:57:32.0429 0x16d0  Filetrace - ok
21:57:32.0443 0x16d0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:57:32.0445 0x16d0  flpydisk - ok
21:57:32.0458 0x16d0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:57:32.0462 0x16d0  FltMgr - ok
21:57:32.0487 0x16d0  [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache       C:\Windows\system32\FntCache.dll
21:57:32.0502 0x16d0  FontCache - ok
21:57:32.0546 0x16d0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:57:32.0551 0x16d0  FontCache3.0.0.0 - ok
21:57:32.0562 0x16d0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:57:32.0565 0x16d0  FsDepends - ok
21:57:32.0578 0x16d0  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:57:32.0581 0x16d0  Fs_Rec - ok
21:57:32.0604 0x16d0  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:57:32.0608 0x16d0  fvevol - ok
21:57:32.0617 0x16d0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:57:32.0621 0x16d0  gagp30kx - ok
21:57:32.0647 0x16d0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:57:32.0650 0x16d0  GEARAspiWDM - ok
21:57:32.0674 0x16d0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:57:32.0684 0x16d0  gpsvc - ok
21:57:32.0747 0x16d0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:57:32.0749 0x16d0  gupdate - ok
21:57:32.0752 0x16d0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:57:32.0754 0x16d0  gupdatem - ok
21:57:32.0772 0x16d0  [ 0A9D58AABD01DA97B1D101473EFA7659, C18EA4F5BF569C230AD682A418F69B6E4209AD467BCCBDABD0515DBB582BF04B ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
21:57:32.0774 0x16d0  gzflt - ok
21:57:32.0784 0x16d0  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
21:57:32.0787 0x16d0  hamachi - ok
21:57:32.0859 0x16d0  [ 4E1EDE09C60524AB8D73A5C77A50EAFB, E21E0444B91E07926825C20D2C848D441C2AD1CA2F3BE611D74F5BCCEAB8BA8C ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:57:32.0910 0x16d0  Hamachi2Svc - ok
21:57:32.0927 0x16d0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:57:32.0930 0x16d0  hcw85cir - ok
21:57:32.0964 0x16d0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:57:32.0972 0x16d0  HdAudAddService - ok
21:57:33.0003 0x16d0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:57:33.0005 0x16d0  HDAudBus - ok
21:57:33.0013 0x16d0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:57:33.0016 0x16d0  HidBatt - ok
21:57:33.0022 0x16d0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:57:33.0026 0x16d0  HidBth - ok
21:57:33.0031 0x16d0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:57:33.0034 0x16d0  HidIr - ok
21:57:33.0041 0x16d0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
21:57:33.0042 0x16d0  hidserv - ok
21:57:33.0047 0x16d0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:57:33.0050 0x16d0  HidUsb - ok
21:57:33.0073 0x16d0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:57:33.0077 0x16d0  hkmsvc - ok
21:57:33.0103 0x16d0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:57:33.0107 0x16d0  HomeGroupListener - ok
21:57:33.0147 0x16d0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:57:33.0150 0x16d0  HomeGroupProvider - ok
21:57:33.0165 0x16d0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:57:33.0170 0x16d0  HpSAMD - ok
21:57:33.0194 0x16d0  [ 5203258E61806A2D34EE6CE39B6DEB9E, 54583D6A9ADD5DD84FB2299A0547F441AFF0B29FE10F672EC33B6DABFCAB748C ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
21:57:33.0197 0x16d0  HssDRV6 - ok
21:57:33.0222 0x16d0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:57:33.0233 0x16d0  HTTP - ok
21:57:33.0250 0x16d0  [ C8F3119AD72A507D12EF389DF4C266EF, 3AFFFECCC63ED848FD5DF64C71AD543EC56314F35B54691CA419BCBB3CEEBCA0 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:57:33.0254 0x16d0  hwdatacard - ok
21:57:33.0261 0x16d0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:57:33.0262 0x16d0  hwpolicy - ok
21:57:33.0273 0x16d0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:57:33.0278 0x16d0  i8042prt - ok
21:57:33.0307 0x16d0  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:57:33.0316 0x16d0  iaStorV - ok
21:57:33.0368 0x16d0  [ 5621E6C6E819502051966EE1A17E37CD, 4E62935057972BBF3EAE69676A6C9B09A551B4EB2D0717DBC090CC94DA44E03C ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
21:57:33.0370 0x16d0  ICCS - ok
21:57:33.0386 0x16d0  [ B9187F0E4F990357B9A5372066A40B57, BF9535335DAD8E26A3841FA07CFA937F9645AE4B1914C08C8029EDB020E8C694 ] ICCWDT          C:\Windows\system32\DRIVERS\ICCWDT.sys
21:57:33.0389 0x16d0  ICCWDT - ok
21:57:33.0410 0x16d0  [ 929DF302F15BFE24AC66EF45D858C413, 7FC0142EABEB74344D85D3912BC311F37D4136F24C93572E5199E25B40646615 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
21:57:33.0415 0x16d0  IDMWFP - ok
21:57:33.0461 0x16d0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:57:33.0470 0x16d0  IDriverT - ok
21:57:33.0511 0x16d0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:57:33.0526 0x16d0  idsvc - ok
21:57:33.0610 0x16d0  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:57:33.0677 0x16d0  igfx - ok
21:57:33.0700 0x16d0  [ D4437FBA226DA44F691A4878CC6A1700, 5CF6DA8B56D79C3FACE2F2B87DA9F2F2B9F9FFD5AB365C967602B51D8DAB3E72 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
21:57:33.0705 0x16d0  igfxCUIService1.0.0.0 - ok
21:57:33.0712 0x16d0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:57:33.0715 0x16d0  iirsp - ok
21:57:33.0747 0x16d0  [ AB55B8A9B13130F638546881CE4425F8, 8427E67BE02ECABAA3F0C48BD4205BCBD4C978B48AE4E7336DA5821DFC49029E ] IISADMIN        C:\Windows\system32\inetsrv\inetinfo.exe
21:57:33.0748 0x16d0  IISADMIN - ok
21:57:33.0788 0x16d0  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:57:33.0801 0x16d0  IKEEXT - ok
21:57:33.0883 0x16d0  [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:57:33.0966 0x16d0  IntcAzAudAddService - ok
21:57:38.0598 0x16d0  rdyboost - ok
21:57:38.0627 0x16d0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:57:38.0631 0x16d0  RemoteAccess - ok
21:57:38.0642 0x16d0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:57:38.0647 0x16d0  RemoteRegistry - ok
21:57:38.0666 0x16d0  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
21:57:38.0669 0x16d0  Revoflt - ok
21:57:38.0688 0x16d0  [ 010C9C26AF2464023D1F084975E69F80, 52404C1FA02CDBD5787C80F417E770D4C467FA70F58382FCFD17ABD4BDC076DC ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
21:57:38.0691 0x16d0  RimUsb - ok
21:57:38.0712 0x16d0  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
21:57:38.0715 0x16d0  RimVSerPort - ok
21:57:38.0723 0x16d0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:57:38.0727 0x16d0  RpcEptMapper - ok
21:57:38.0737 0x16d0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:57:38.0740 0x16d0  RpcLocator - ok
21:57:38.0760 0x16d0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:57:38.0766 0x16d0  RpcSs - ok
21:57:38.0778 0x16d0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:57:38.0780 0x16d0  rspndr - ok
21:57:38.0843 0x16d0  [ 5BA81E54A094CA3A767EB727ACFCAEAB, E78BA811428665D65F84DE3AFA595700E78B4C8A0DD668D32D90788B54B4CF21 ] RzKLService     C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
21:57:38.0844 0x16d0  RzKLService - ok
21:57:38.0865 0x16d0  [ 2ADA9F126235A56EDC9F90C888E4D142, 4CE692D045F6F8A7A1D309376648E81066F6EBAF94580F2ED0B0FFC1FE6FE44E ] RZMAELSTROMVADService C:\Windows\system32\drivers\RzMaelstromVAD.sys
21:57:38.0868 0x16d0  RZMAELSTROMVADService - ok
21:57:38.0916 0x16d0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:57:38.0922 0x16d0  s3cap - ok
21:57:38.0924 0x16d0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
21:57:38.0925 0x16d0  SamSs - ok
21:57:38.0986 0x16d0  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:57:38.0988 0x16d0  SASDIFSV - ok
21:57:38.0994 0x16d0  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:57:38.0997 0x16d0  SASKUTIL - ok
21:57:39.0039 0x16d0  [ CCBF62280DAF6D94A4C73E391CDAC68C, FA8B03C3A5FC46C7451C798203800AAF77F957C32A2F659CC4077D349687A376 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
21:57:39.0042 0x16d0  SbieDrv - ok
21:57:39.0050 0x16d0  [ 8A1F63C6EC01C56C9EC4C681E593FE34, 960D96333EF97D481C5CCDCADAEF8A7B537AECFA06B023AB0C81B828203D2A35 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
21:57:39.0052 0x16d0  SbieSvc - ok
21:57:39.0063 0x16d0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:57:39.0067 0x16d0  sbp2port - ok
21:57:39.0098 0x16d0  [ 1D301BD24643A1E94D0800D597F25C0E, 82852D40FD9158DB5AA721BBF61F06796E0F175CFDC94D67AB50C616C1B98487 ] SBUpdd          C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys
21:57:39.0103 0x16d0  SBUpdd - ok
21:57:39.0115 0x16d0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:57:39.0121 0x16d0  SCardSvr - ok
21:57:39.0131 0x16d0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:57:39.0134 0x16d0  scfilter - ok
21:57:39.0159 0x16d0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:57:39.0174 0x16d0  Schedule - ok
21:57:39.0197 0x16d0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:57:39.0199 0x16d0  SCPolicySvc - ok
21:57:39.0225 0x16d0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:57:39.0244 0x16d0  SDRSVC - ok
21:57:39.0263 0x16d0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:57:39.0264 0x16d0  secdrv - ok
21:57:39.0275 0x16d0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:57:39.0277 0x16d0  seclogon - ok
21:57:39.0290 0x16d0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
21:57:39.0293 0x16d0  SENS - ok
21:57:39.0300 0x16d0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:57:39.0303 0x16d0  SensrSvc - ok
21:57:39.0314 0x16d0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:57:39.0318 0x16d0  Serenum - ok
21:57:39.0330 0x16d0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
21:57:39.0334 0x16d0  Serial - ok
21:57:39.0354 0x16d0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:57:39.0357 0x16d0  sermouse - ok
21:57:39.0368 0x16d0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:57:39.0373 0x16d0  SessionEnv - ok
21:57:39.0381 0x16d0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:57:39.0384 0x16d0  sffdisk - ok
21:57:39.0395 0x16d0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:57:39.0398 0x16d0  sffp_mmc - ok
21:57:39.0403 0x16d0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:57:39.0405 0x16d0  sffp_sd - ok
21:57:39.0413 0x16d0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:57:39.0415 0x16d0  sfloppy - ok
21:57:39.0441 0x16d0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:57:39.0449 0x16d0  SharedAccess - ok
21:57:39.0468 0x16d0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:57:39.0474 0x16d0  ShellHWDetection - ok
21:57:39.0524 0x16d0  [ E9E830D540EDEDED650F906628468548, 9800160C6807B28A2A1E57810151473C96F1484F2EF75D3E378E8C96440CD4CE ] simptcp         C:\Windows\System32\tcpsvcs.exe
21:57:39.0525 0x16d0  simptcp - ok
21:57:39.0542 0x16d0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:57:39.0564 0x16d0  SiSRaid2 - ok
21:57:39.0574 0x16d0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:57:39.0646 0x16d0  SiSRaid4 - ok
21:57:39.0663 0x16d0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:57:39.0667 0x16d0  Smb - ok
21:57:39.0696 0x16d0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:57:39.0699 0x16d0  SNMPTRAP - ok
21:57:39.0704 0x16d0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:57:39.0706 0x16d0  spldr - ok
21:57:39.0722 0x16d0  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
21:57:39.0731 0x16d0  Spooler - ok
21:57:39.0795 0x16d0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:57:39.0863 0x16d0  sppsvc - ok
21:57:39.0872 0x16d0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:57:39.0876 0x16d0  sppuinotify - ok
21:57:39.0895 0x16d0  [ 2098B8556D1CEC2ACA9A29CD479E3692, D5826407C64F18C16EB36E6F00787CFAFCD9B24B5BD8AD126AD01E6E4134966F ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:57:39.0901 0x16d0  srv - ok
21:57:39.0918 0x16d0  [ D0F73A42040F21F92FD314B42AC5C9E7, A021C4318C9CFA594305458B2643BB0C22DDE1F3D51C93C9F3E7F7AB75B31278 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:57:39.0924 0x16d0  srv2 - ok
21:57:39.0938 0x16d0  [ 2BA8F3250828CCDB4204ECF2C6F40B6A, 22C4FBF9A87C46E69C48B681FF733D68D9CB7B7D73FB14C8C2A06E9009F9860E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:57:39.0941 0x16d0  srvnet - ok
21:57:39.0949 0x16d0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:57:39.0952 0x16d0  SSDPSRV - ok
21:57:39.0963 0x16d0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:57:39.0966 0x16d0  SstpSvc - ok
21:57:39.0992 0x16d0  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:57:39.0998 0x16d0  ssudmdm - ok
21:57:40.0054 0x16d0  [ 6706EB2A5B2516F31EEA36CBD64C1737, E099A94BC365B385D34EEA1FD95B0C280B4E2EFD63DC54748A8BBAF98FA5D2B3 ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
21:57:40.0076 0x16d0  ss_conn_service - ok
21:57:40.0117 0x16d0  [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:57:40.0137 0x16d0  Steam Client Service - ok
21:57:40.0151 0x16d0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:57:40.0154 0x16d0  stexstor - ok
21:57:40.0207 0x16d0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:57:40.0216 0x16d0  stisvc - ok
21:57:40.0232 0x16d0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:57:40.0233 0x16d0  storflt - ok
21:57:40.0274 0x16d0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:57:40.0277 0x16d0  storvsc - ok
21:57:40.0284 0x16d0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:57:40.0287 0x16d0  swenum - ok
21:57:40.0388 0x16d0  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:57:40.0411 0x16d0  SwitchBoard - ok
21:57:40.0434 0x16d0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:57:40.0445 0x16d0  swprv - ok
21:57:40.0478 0x16d0  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
21:57:40.0483 0x16d0  Synth3dVsc - ok
21:57:40.0520 0x16d0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:57:40.0544 0x16d0  SysMain - ok
21:57:40.0554 0x16d0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:57:40.0556 0x16d0  TabletInputService - ok
21:57:40.0574 0x16d0  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
21:57:40.0583 0x16d0  tap0901 - ok
21:57:40.0619 0x16d0  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
21:57:40.0621 0x16d0  tap0901t - ok
21:57:40.0633 0x16d0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:57:40.0638 0x16d0  TapiSrv - ok
21:57:40.0650 0x16d0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:57:40.0652 0x16d0  TBS - ok
21:57:40.0689 0x16d0  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:57:40.0715 0x16d0  Tcpip - ok
21:57:40.0744 0x16d0  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:57:40.0765 0x16d0  TCPIP6 - ok
21:57:40.0772 0x16d0  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:57:40.0774 0x16d0  tcpipreg - ok
21:57:40.0787 0x16d0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:57:40.0790 0x16d0  TDPIPE - ok
21:57:40.0797 0x16d0  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:57:40.0799 0x16d0  TDTCP - ok
21:57:40.0808 0x16d0  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:57:40.0812 0x16d0  tdx - ok
21:57:41.0005 0x16d0  [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
21:57:41.0056 0x16d0  TeamViewer9 - ok
21:57:41.0077 0x16d0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:57:41.0083 0x16d0  TermDD - ok
21:57:41.0104 0x16d0  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
21:57:41.0107 0x16d0  terminpt - ok
21:57:41.0124 0x16d0  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
21:57:41.0138 0x16d0  TermService - ok
21:57:41.0147 0x16d0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:57:41.0150 0x16d0  Themes - ok
21:57:41.0265 0x16d0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:57:41.0267 0x16d0  THREADORDER - ok
21:57:41.0303 0x16d0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:57:41.0338 0x16d0  TrkWks - ok
21:57:41.0398 0x16d0  [ 64A1095DEF1C2D811F706B832BFCD27A, 3018B1AFB4DF4EDA04EB844783BC64CC04E5D05EEAC1B218EF28BAB9453596F4 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
21:57:41.0405 0x16d0  trufos - ok
21:57:41.0444 0x16d0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:57:41.0449 0x16d0  TrustedInstaller - ok
21:57:41.0459 0x16d0  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:57:41.0481 0x16d0  tssecsrv - ok
21:57:41.0490 0x16d0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:57:41.0493 0x16d0  TsUsbFlt - ok
21:57:41.0503 0x16d0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:57:41.0506 0x16d0  TsUsbGD - ok
21:57:41.0519 0x16d0  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
21:57:41.0523 0x16d0  tsusbhub - ok
21:57:41.0541 0x16d0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:57:41.0546 0x16d0  tunnel - ok
21:57:41.0596 0x16d0  [ 9B67EEB5ECCA7E7A57942D967DD59089, 6CD1575BB52A936875DB6E2EA541C7630CF1B0BC4947A5B12356F7C493316324 ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
21:57:41.0637 0x16d0  TunngleService - ok
21:57:41.0647 0x16d0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:57:41.0651 0x16d0  uagp35 - ok
21:57:41.0665 0x16d0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:57:41.0673 0x16d0  udfs - ok
21:57:41.0681 0x16d0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:57:41.0685 0x16d0  UI0Detect - ok
21:57:41.0704 0x16d0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:57:41.0707 0x16d0  uliagpkx - ok
21:57:41.0722 0x16d0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:57:41.0725 0x16d0  umbus - ok
21:57:41.0745 0x16d0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:57:41.0748 0x16d0  UmPass - ok
21:57:41.0767 0x16d0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:57:41.0773 0x16d0  UmRdpService - ok
21:57:41.0809 0x16d0  [ BC212B919D64820F0D8150E037437894, 2549E969C09771F23F7069FB208E1D73865E0CA9AE998B1AFB3D5BA65BDFA88E ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
21:57:41.0811 0x16d0  UPDATESRV - ok
21:57:41.0844 0x16d0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:57:41.0849 0x16d0  upnphost - ok
21:57:41.0861 0x16d0  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:57:41.0864 0x16d0  usbccgp - ok
21:57:41.0875 0x16d0  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:57:41.0879 0x16d0  usbcir - ok
21:57:41.0895 0x16d0  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:57:41.0898 0x16d0  usbehci - ok
21:57:41.0939 0x16d0  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:57:41.0947 0x16d0  usbhub - ok
21:57:41.0967 0x16d0  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:57:41.0970 0x16d0  usbohci - ok
21:57:41.0987 0x16d0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:57:41.0990 0x16d0  usbprint - ok
21:57:42.0004 0x16d0  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:57:42.0007 0x16d0  usbscan - ok
21:57:42.0021 0x16d0  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:57:42.0025 0x16d0  USBSTOR - ok
21:57:42.0041 0x16d0  [ 6D14D8EC1DD33A072653E75E3B28B062, C50F1B1D055387D16363C5C6C04768B1FECC843242D7C09478990A136BF5F7D5 ] usbUDisc        C:\Windows\system32\DRIVERS\USBDrv_AMD64.sys
21:57:42.0045 0x16d0  usbUDisc - ok
21:57:42.0057 0x16d0  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:57:42.0059 0x16d0  usbuhci - ok
21:57:42.0091 0x16d0  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
21:57:42.0094 0x16d0  usb_rndisx - ok
21:57:42.0101 0x16d0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:57:42.0103 0x16d0  UxSms - ok
21:57:42.0139 0x16d0  [ 36E1E73E0F322E701B3936F31514D8FA, AB81EEB80B0B4743D0FC5D7C9B7F04BB1C981A5A57DCA93750D416BCE403B4D5 ] V0520Vid        C:\Windows\system32\DRIVERS\V0520Vid.sys
21:57:42.0146 0x16d0  V0520Vid - ok
21:57:42.0156 0x16d0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
21:57:42.0157 0x16d0  VaultSvc - ok
21:57:42.0168 0x16d0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:57:42.0169 0x16d0  vdrvroot - ok
21:57:42.0197 0x16d0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:57:42.0207 0x16d0  vds - ok
21:57:42.0221 0x16d0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:57:42.0223 0x16d0  vga - ok
21:57:42.0229 0x16d0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:57:42.0232 0x16d0  VgaSave - ok
21:57:42.0244 0x16d0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:57:42.0250 0x16d0  vhdmp - ok
21:57:42.0263 0x16d0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:57:42.0266 0x16d0  viaide - ok
21:57:42.0285 0x16d0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:57:42.0291 0x16d0  vmbus - ok
21:57:42.0303 0x16d0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:57:42.0306 0x16d0  VMBusHID - ok
21:57:42.0320 0x16d0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:57:42.0322 0x16d0  volmgr - ok
21:57:42.0339 0x16d0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:57:42.0345 0x16d0  volmgrx - ok
21:57:42.0358 0x16d0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:57:42.0362 0x16d0  volsnap - ok
21:57:42.0376 0x16d0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:57:42.0380 0x16d0  vsmraid - ok
21:57:42.0414 0x16d0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:57:42.0440 0x16d0  VSS - ok
21:57:42.0499 0x16d0  [ 7253E711F76339598266ED03A5791E6E, 75C475DFFD9B19179EC8F114865F8A49BE0F424411743BD332E2A50E15F5E71A ] vsserv          C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
21:57:42.0520 0x16d0  vsserv - ok
21:57:42.0532 0x16d0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:57:42.0538 0x16d0  vwifibus - ok
21:57:42.0574 0x16d0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:57:42.0583 0x16d0  W32Time - ok
21:57:42.0629 0x16d0  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
21:57:42.0639 0x16d0  W3SVC - ok
21:57:42.0646 0x16d0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:57:42.0649 0x16d0  WacomPen - ok
21:57:42.0663 0x16d0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:57:42.0667 0x16d0  WANARP - ok
21:57:42.0670 0x16d0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:57:42.0671 0x16d0  Wanarpv6 - ok
21:57:42.0679 0x16d0  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
21:57:42.0685 0x16d0  WAS - ok
21:57:42.0737 0x16d0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:57:42.0770 0x16d0  wbengine - ok
21:57:42.0784 0x16d0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:57:42.0800 0x16d0  WbioSrvc - ok
21:57:42.0813 0x16d0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:57:42.0820 0x16d0  wcncsvc - ok
21:57:42.0834 0x16d0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:57:42.0838 0x16d0  WcsPlugInService - ok
21:57:42.0852 0x16d0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:57:42.0854 0x16d0  Wd - ok
21:57:42.0882 0x16d0  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:57:42.0893 0x16d0  Wdf01000 - ok
21:57:42.0907 0x16d0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:57:42.0909 0x16d0  WdiServiceHost - ok
21:57:42.0912 0x16d0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:57:42.0914 0x16d0  WdiSystemHost - ok
21:57:42.0926 0x16d0  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
21:57:42.0933 0x16d0  WebClient - ok
21:57:42.0949 0x16d0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:57:42.0957 0x16d0  Wecsvc - ok
21:57:42.0969 0x16d0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:57:42.0971 0x16d0  wercplsupport - ok
21:57:42.0979 0x16d0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:57:42.0984 0x16d0  WerSvc - ok
21:57:42.0993 0x16d0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:57:42.0995 0x16d0  WfpLwf - ok
21:57:43.0001 0x16d0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:57:43.0004 0x16d0  WIMMount - ok
21:57:43.0015 0x16d0  WinDefend - ok
21:57:43.0018 0x16d0  WinHttpAutoProxySvc - ok
21:57:43.0089 0x16d0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:57:43.0093 0x16d0  Winmgmt - ok
21:57:43.0148 0x16d0  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Users\Sam\Desktop\temp\WinRing0x64.sys
21:57:43.0151 0x16d0  WinRing0_1_2_0 - ok
21:57:43.0202 0x16d0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:57:43.0235 0x16d0  WinRM - ok
21:57:43.0264 0x16d0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:57:43.0268 0x16d0  WinUsb - ok
21:57:43.0307 0x16d0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:57:43.0323 0x16d0  Wlansvc - ok
21:57:43.0339 0x16d0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:57:43.0341 0x16d0  WmiAcpi - ok
21:57:43.0361 0x16d0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:57:43.0366 0x16d0  wmiApSrv - ok
21:57:43.0383 0x16d0  WMPNetworkSvc - ok
21:57:43.0393 0x16d0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:57:43.0396 0x16d0  WPCSvc - ok
21:57:43.0411 0x16d0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:57:43.0414 0x16d0  WPDBusEnum - ok
21:57:43.0427 0x16d0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:57:43.0429 0x16d0  ws2ifsl - ok
21:57:43.0440 0x16d0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
21:57:43.0443 0x16d0  wscsvc - ok
21:57:43.0445 0x16d0  WSearch - ok
21:57:43.0499 0x16d0  [ 9DF12EDBC698B0BC353B3EF84861E430, 5777972DC6242096EE2D4DAEEFC822DE9077560322DED7B9696BB23B7C240403 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:57:43.0550 0x16d0  wuauserv - ok
21:57:43.0558 0x16d0  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:57:43.0562 0x16d0  WudfPf - ok
21:57:43.0575 0x16d0  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:57:43.0580 0x16d0  WUDFRd - ok
21:57:43.0589 0x16d0  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:57:43.0592 0x16d0  wudfsvc - ok
21:57:43.0604 0x16d0  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:57:43.0610 0x16d0  WwanSvc - ok
21:57:43.0658 0x16d0  [ 828896BF9BCB414BA583BC7879E35ACB, 2C9275ABE259101F79B000673A56F090E4C67D276A8F82E1F218E896479DDDCA ] XTU3SERVICE     C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
21:57:43.0658 0x16d0  XTU3SERVICE - ok
21:57:43.0677 0x16d0  ================ Scan global ===============================
21:57:43.0710 0x16d0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:57:43.0747 0x16d0  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
21:57:43.0756 0x16d0  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
21:57:43.0772 0x16d0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:57:43.0813 0x16d0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:57:43.0817 0x16d0  [ Global ] - ok
21:57:43.0818 0x16d0  ================ Scan MBR ==================================
21:57:43.0821 0x16d0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:57:45.0031 0x16d0  \Device\Harddisk0\DR0 - ok
21:57:45.0032 0x16d0  ================ Scan VBR ==================================
21:57:45.0052 0x16d0  [ 9330650A65893EA1DF4C471E3B953003 ] \Device\Harddisk0\DR0\Partition1
21:57:45.0158 0x16d0  \Device\Harddisk0\DR0\Partition1 - ok
21:57:45.0184 0x16d0  [ 74909F69826C79C65B1BC9F8848A6DB7 ] \Device\Harddisk0\DR0\Partition2
21:57:45.0254 0x16d0  \Device\Harddisk0\DR0\Partition2 - ok
21:57:45.0273 0x16d0  [ E79EB4D5114DB4C4ADD6D60714AB7AC1 ] \Device\Harddisk0\DR0\Partition3
21:57:45.0366 0x16d0  \Device\Harddisk0\DR0\Partition3 - ok
21:57:45.0402 0x16d0  [ 259EE760C738590F5D91BE79CFBBC4D9 ] \Device\Harddisk0\DR0\Partition4
21:57:45.0481 0x16d0  \Device\Harddisk0\DR0\Partition4 - ok
21:57:45.0502 0x16d0  [ 714C126E9018C1C5127AAC4309AD0BF6 ] \Device\Harddisk0\DR0\Partition5
21:57:45.0552 0x16d0  \Device\Harddisk0\DR0\Partition5 - ok
21:57:45.0580 0x16d0  [ 3A5B0DED1C82AF9840F3F4B0B8851468 ] \Device\Harddisk0\DR0\Partition6
21:57:45.0646 0x16d0  \Device\Harddisk0\DR0\Partition6 - ok
21:57:45.0679 0x16d0  [ 0E533ED1B5AA39CBD28352589AB6B651 ] \Device\Harddisk0\DR0\Partition7
21:57:45.0785 0x16d0  \Device\Harddisk0\DR0\Partition7 - ok
21:57:45.0824 0x16d0  [ 147359AF73D672BAB53C8224DD3884C4 ] \Device\Harddisk0\DR0\Partition8
21:57:45.0827 0x16d0  \Device\Harddisk0\DR0\Partition8 - ok
21:57:45.0877 0x16d0  [ 2B4A9F7A570EDED19D3800FB1A792222 ] \Device\Harddisk0\DR0\Partition9
21:57:45.0958 0x16d0  \Device\Harddisk0\DR0\Partition9 - ok
21:57:45.0958 0x16d0  ================ Scan generic autorun ======================
21:57:46.0162 0x16d0  [ EB51D5190B0C89CB6690740C848E0DE9, 8C22F3854F56B9753EA299BBEA2EA7923BCF38552FF391CCB14DD8BF3EC88CD0 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
21:57:46.0191 0x16d0  Bdagent - ok
21:57:46.0234 0x16d0  [ C43736630B746B38C4E12C03F81AC1B9, BB3FD50A072AD96630E4D88726075313506BE7CE5F197A83BE2739FBA920C17E ] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
21:57:46.0247 0x16d0  Super Charger - ok
21:57:46.0342 0x16d0  [ 463990E85B88E37E3D2AB05270181749, F1E4CC5282E87C699822F28082866754A3FD0C1BC5AF2059BE5A053B048FE084 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
21:57:46.0417 0x16d0  LogMeIn Hamachi Ui - ok
21:57:46.0497 0x16d0  [ 292C97E052A16CF2850309F1883C31E5, 7CECA205787A689C79C42F9FC697C567FAA275A36ECFC03176AD79542984480B ] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
21:57:46.0505 0x16d0  Bitdefender Wallet Agent - ok
21:57:46.0992 0x16d0  [ C664CAF57AB0D22FD97E7395D1423185, 36D5487AC098BDC2B49BEB8EE0E7412CF1AFE8D368158B3814A4205E5E3DF803 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe
21:57:47.0027 0x16d0  FlashPlayerUpdate - ok
21:57:47.0090 0x16d0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:57:47.0111 0x16d0  Sidebar - ok
21:57:47.0132 0x16d0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:57:47.0136 0x16d0  mctadmin - ok
21:57:47.0174 0x16d0  [ EF162817C730DB9355F6C28F2445D206, 84AC974BF163A6EB540744435FD65ADC951ECF1BFF77DBA7D2B5D9F389E1DAD7 ] C:\Program Files (x86)\Windows Mail\wab.exe
21:57:47.0186 0x16d0  WAB Migrate - ok
21:57:47.0204 0x16d0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:57:47.0216 0x16d0  Sidebar - ok
21:57:47.0220 0x16d0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:57:47.0221 0x16d0  mctadmin - ok
21:57:47.0230 0x16d0  [ EF162817C730DB9355F6C28F2445D206, 84AC974BF163A6EB540744435FD65ADC951ECF1BFF77DBA7D2B5D9F389E1DAD7 ] C:\Program Files (x86)\Windows Mail\wab.exe
21:57:47.0235 0x16d0  WAB Migrate - ok
21:57:47.0236 0x16d0  Waiting for KSN requests completion. In queue: 78
21:57:48.0236 0x16d0  Waiting for KSN requests completion. In queue: 78
21:57:49.0236 0x16d0  Waiting for KSN requests completion. In queue: 78
21:57:50.0236 0x16d0  Waiting for KSN requests completion. In queue: 78
21:57:51.0282 0x16d0  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.15.0.1157 ), 0x41000 ( enabled : updated )
21:57:51.0297 0x16d0  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.15.0.1157 ), 0x41010 ( enabled )
21:57:54.0143 0x16d0  ============================================================
21:57:54.0143 0x16d0  Scan finished
21:57:54.0143 0x16d0  ============================================================
21:57:54.0156 0x16b0  Detected object count: 0
21:57:54.0156 0x16b0  Actual detected object count: 0

aswMBR version 1.0.1.2161 Copyright© 2014 AVAST Software
Run date: 2014-10-24 21:59:57
-----------------------------
21:59:57.199 OS Version: Windows x64 6.1.7601 Service Pack 1
21:59:57.199 Number of processors: 4 586 0x3A09
21:59:57.199 ComputerName: SAM-PC UserName: Sam
21:59:57.554 Initialize success
21:59:57.565 VM: initialized successfully
21:59:57.567 VM: Intel CPU supported
22:00:32.149 VM: supported disk I/O ataport.SYS
22:22:22.513 AVAST engine defs: 14102400
22:23:28.918 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:23:28.919 Disk 0 Vendor: ST2000DM001-1CH164 CC24 Size: 1907729MB BusType: 11
22:23:29.019 VM: Disk 0 MBR read successfully
22:23:29.021 Disk 0 MBR scan
22:23:29.024 Disk 0 Windows 7 default MBR code
22:23:29.031 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:23:29.060 Disk 0 Boot: NTFS code=2
22:23:29.064 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 157489 MB offset 206848
22:23:29.067 Disk 0 Partition - 00 0F Extended LBA 1750127 MB offset 322761975
22:23:29.078 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 249987 MB offset 322761977
22:23:29.083 Disk 0 Partition - 00 05 Extended 249995 MB offset 834753465
22:23:29.098 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 249995 MB offset 834753526
22:23:29.102 Disk 0 Partition - 00 05 Extended 249995 MB offset 1858752570
22:23:29.114 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 249995 MB offset 1346761140
22:23:29.119 Disk 0 Partition - 00 05 Extended 249995 MB offset 2882767800
22:23:29.134 Disk 0 Partition 6 00 07 HPFS/NTFS NTFS 249995 MB offset 1858768754
22:23:29.139 Disk 0 Partition - 00 05 Extended 249995 MB offset 3906783030
22:23:29.150 Disk 0 Partition 7 00 07 HPFS/NTFS NTFS 249995 MB offset 2370776368
22:23:29.155 Disk 0 Partition - 00 05 Extended 124997 MB offset 4930798260
22:23:29.170 Disk 0 Partition 8 00 07 HPFS/NTFS NTFS 124997 MB offset 2882783982
22:23:29.175 Disk 0 Partition - 00 05 Extended 250113 MB offset 5954813490
22:23:29.189 Disk 0 Partition 9 00 07 HPFS/NTFS NTFS 250113 MB offset 3394791596
22:23:29.194 Disk 0 Partition - 00 05 Extended 116933 MB offset 6210809294
22:23:29.218 Disk 0 Partition 10 00 83 Linux 116933 MB offset 3138781184
22:23:29.223 Disk 0 Partition - 00 05 Extended 8071 MB offset 6194278409
22:23:29.246 Disk 0 Partition 11 00 82 Linux swap 8071 MB offset 3378262016
22:23:29.287 Disk 0 scanning C:\Windows\system32\drivers
22:23:37.885 Service scanning
22:23:39.427 Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
22:23:39.464 Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
22:23:39.489 Service bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys **LOCKED** 5
22:23:52.620 Modules scanning
22:23:52.625 Disk 0 trace - called modules:
22:23:52.670 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:23:52.674 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077d5060]
22:23:52.676 3 CLASSPNP.SYS[fffff88001b9b43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80071b4680]
22:23:53.151 AVAST engine scan C:\Windows
22:23:54.702 AVAST engine scan C:\Windows\system32
22:26:23.286 AVAST engine scan C:\Windows\system32\drivers
22:26:35.688 AVAST engine scan C:\Users\Sam
22:36:58.923 AVAST engine scan C:\ProgramData
22:38:31.454 Disk 0 statistics 5286559/0/63 @ 4.28 MB/s
22:38:31.459 Scan finished successfully
22:40:54.572 Disk 0 MBR has been saved successfully to "C:\Users\Sam\Desktop\MBR.dat"
22:40:54.576 The log file has been saved successfully to "C:\Users\Sam\Desktop\aswMBR.txt"


Edited by Oh My!, 24 October 2014 - 04:36 PM.


#10 Oh My!

  • Malware Response Instructor

Posted 24 October 2014 - 04:50 PM

Thanks Sam,

That all looks normal. Please do this.

===================================================

Disabling Internet Explorer Page Loading Sound

--------------------
  • Click Start, type Sounds, then click on Change system sounds above
  • Click the Sounds tab (should be selected by default)
  • In the Program Events: box scroll down to Windows Explorer
  • Locate and double click on Start Navigation and see if you hear the "tock" sound
  • If the sound is the same click the down arrow under Sounds, scroll to the top of the list and select None
  • Click Apply, then OK and the windows should close
  • Launch Internet Explorer, navigate to a web page and check for the sound
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Sam.Baker

  • Topic Starter

Posted 24 October 2014 - 08:13 PM

Thank you, I have done that. And as for the dark screen on startup? :)



#12 Oh My!


Posted 24 October 2014 - 08:19 PM

Hi Sam,

Did that last step resolve your IE issue? I wanted to determine if that was a setting or another underlying issue that could have affected the startup as well.

Please do this.

===================================================

Running Startup Repair

--------------------
  • Reboot your computer and gently tap F8 to enter the Advanced Boot Options menu
  • Highlight Repair Your Computer and press Enter
  • Click Next
  • Enter the password information if necessary then click OK
  • Click Startup Repair and allow the process to complete
  • Restart the computer if required
  • Boot your computer into Normal Mode and monitor the startup time
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Any difference?

Gary
 

#13 Sam.Baker


Posted 25 October 2014 - 10:21 PM

When I go to Repair Your Computer, it simply shows a black screen with no cursor. I even left it for several minutes and it was the exact same thing.



#14 Oh My!


Posted 26 October 2014 - 10:10 AM

Can you tell me if booting into Safe Mode seems normal?
Gary
 

#15 Sam.Baker


Posted 27 October 2014 - 06:55 PM

I apologize for the short delay; I have been extremely busy at work. Yes, safe mode works fine.





