
Need Help- My laptop may be monitored by roommate


  • This topic is locked
11 replies to this topic

#1 commandershepard


Posted 07 February 2015 - 09:53 AM

Hi! I've been living with this person for around six months now. There is a router in our room and I own it, but we split the internet bill. For the past few months he has been dropping hints about what I search on the internet and even about what I chat about with my friends on Facebook quite often. He also works in IT. I am worried that he may not just see my internet history but also my screen, and possibly in real time. I find this very creepy and am worried for my privacy. Any help on how to remove and track software like this would be very helpful. Thanks!


Edited by hamluis, 07 February 2015 - 10:58 AM.
Moved from MRL to Am I Infected, no logs - Hamluis.



 


#2 dev00790


Posted 08 February 2015 - 10:17 AM

Hello,
 
We will be helping you with your problems. Please be patient while we assist you.
 
Some points for you to keep in mind while we are helping you to make things go easier and faster for both of us:
 

  • Please do NOT run, install or uninstall any programs unless instructed to do so.
    We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

 
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.
 
NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.
 
NOTE: It is good practice to copy and paste the instructions into Notepad and print them in case it is necessary for you to go offline during the cleanup process. To open Notepad, navigate to:
 
For Win 8, Win 7 and Win Vista: "Windows Orb" > Programs > Accessories > Notepad
For Win XP: Start Menu > All Programs > Accessories > Notepad.
 
Please remember to copy the entire post so you do not miss any instructions.
 
----------------------------------------------
 
Please do the following:
 
Step 1:
 
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Win Vista/Win 7 / Win 8 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.  
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, select Skip instead; do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2014_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.  

 
Step 2:
 
Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan.
  • Confirm each time with Ok.
  • Then click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 
Step 3:
 
Please download Farbar Service Scanner to the Desktop of the computer with the issue, and run it.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.

 
Step 4:
 
Please download MiniToolBox, save it to your Desktop and run it.
 
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Regards, dev00790



#3 commandershepard


Posted 09 February 2015 - 09:15 AM

Hi, I followed all the instructions. I have posted the logs below. Thanks for the help.

 

TDSSKiller

 

21:28:30.0729 0x0750  elxstor - ok
21:28:30.0745 0x0750  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:28:30.0807 0x0750  ErrDev - ok
21:28:30.0870 0x0750  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:28:31.0010 0x0750  EventSystem - ok
21:28:31.0041 0x0750  ewusbnet - ok
21:28:31.0057 0x0750  ew_hwusbdev - ok
21:28:31.0088 0x0750  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:28:31.0166 0x0750  exfat - ok
21:28:31.0229 0x0750  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:28:31.0338 0x0750  fastfat - ok
21:28:31.0416 0x0750  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
21:28:31.0541 0x0750  Fax - ok
21:28:31.0572 0x0750  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
21:28:31.0603 0x0750  fdc - ok
21:28:31.0619 0x0750  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:28:31.0697 0x0750  fdPHost - ok
21:28:31.0728 0x0750  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:28:31.0821 0x0750  FDResPub - ok
21:28:31.0837 0x0750  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:28:31.0868 0x0750  FileInfo - ok
21:28:31.0899 0x0750  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:28:31.0962 0x0750  Filetrace - ok
21:28:31.0993 0x0750  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:28:32.0040 0x0750  flpydisk - ok
21:28:32.0087 0x0750  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:28:32.0118 0x0750  FltMgr - ok
21:28:32.0211 0x0750  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
21:28:32.0289 0x11d0  Object required for P2P: [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32
21:28:32.0336 0x0750  FontCache - ok
21:28:32.0399 0x0750  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:28:32.0430 0x0750  FontCache3.0.0.0 - ok
21:28:32.0492 0x0750  [ 26EABEEA7F30DCF21DA0577C4EE26FAA, 20C3CD2579ED6853249B1EAEF23DF2904779BA2E806D00C30F81EA9A1612AE0F ] FoxitCloudUpdateService C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
21:28:32.0539 0x0750  FoxitCloudUpdateService - ok
21:28:32.0555 0x0750  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:28:32.0586 0x0750  FsDepends - ok
21:28:32.0617 0x0750  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:28:32.0648 0x0750  Fs_Rec - ok
21:28:32.0679 0x0750  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:28:32.0726 0x0750  fvevol - ok
21:28:32.0757 0x0750  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:28:32.0789 0x0750  gagp30kx - ok
21:28:32.0820 0x0750  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:28:32.0835 0x0750  GEARAspiWDM - ok
21:28:32.0898 0x0750  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:28:33.0038 0x0750  gpsvc - ok
21:28:33.0101 0x0750  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:28:33.0132 0x0750  gupdate - ok
21:28:33.0147 0x0750  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:28:33.0163 0x0750  gupdatem - ok
21:28:33.0194 0x0750  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:28:33.0225 0x0750  hcw85cir - ok
21:28:33.0272 0x0750  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:28:33.0350 0x0750  HdAudAddService - ok
21:28:33.0397 0x0750  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:28:33.0444 0x0750  HDAudBus - ok
21:28:33.0475 0x0750  [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
21:28:33.0522 0x0750  HECI - ok
21:28:33.0553 0x0750  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:28:33.0600 0x0750  HidBatt - ok
21:28:33.0615 0x0750  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:28:33.0678 0x0750  HidBth - ok
21:28:33.0709 0x0750  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:28:33.0756 0x0750  HidIr - ok
21:28:33.0803 0x0750  [ C541B86F99A50DB11E3D3B1CF6F4BD1C, 5E3DCBF1927DFC2D729F9425728B50D414DF5B3DEABCF2A7370C96700295CD89 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
21:28:33.0818 0x0750  hidkmdf - ok
21:28:33.0849 0x0750  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
21:28:33.0943 0x0750  hidserv - ok
21:28:33.0974 0x0750  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:28:34.0021 0x0750  HidUsb - ok
21:28:34.0068 0x0750  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:28:34.0146 0x0750  hkmsvc - ok
21:28:34.0161 0x0750  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:28:34.0255 0x0750  HomeGroupListener - ok
21:28:34.0286 0x0750  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:28:34.0380 0x0750  HomeGroupProvider - ok
21:28:34.0427 0x0750  [ 4EF10B866C62ABBEAF7511CDD05A19BE, B758DCB9CD8C7E6ED4DEFB666A94B0F749CB86964D2CA9004DF94C5E321F5151 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
21:28:34.0442 0x0750  hpdskflt - ok
21:28:34.0489 0x0750  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:28:34.0520 0x0750  HpSAMD - ok
21:28:34.0536 0x0750  [ C0BEB56ED79B59B7B33D0AA6C38A0BA6, 8A21DB7B51BF533CBA08640498C132560641244B9218C483E2053502DF88313D ] hpsrv           C:\Windows\system32\Hpservice.exe
21:28:34.0551 0x0750  hpsrv - ok
21:28:34.0598 0x0750  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:28:34.0723 0x0750  HTTP - ok
21:28:34.0739 0x0750  huawei_enumerator - ok
21:28:34.0754 0x0750  hwdatacard - ok
21:28:34.0754 0x0750  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:28:34.0785 0x0750  hwpolicy - ok
21:28:34.0832 0x0750  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:28:34.0895 0x0750  i8042prt - ok
21:28:34.0941 0x0750  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:28:34.0988 0x0750  iaStorV - ok
21:28:35.0051 0x0750  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:28:35.0082 0x0750  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:28:36.0018 0x11d0  Object send P2P result: true
21:28:38.0654 0x0750  Detect skipped due to KSN trusted
21:28:38.0654 0x0750  IDriverT - ok
21:28:40.0604 0x0750  [ 537AB93B5D8A3FD5F2FFE254E1748B42, 128B377BB92DDA33E55D7D22A0081F9E70B327A87FD02A1F2CE1A1E238FF474B ] IHProtect Service C:\Program Files\STab\ProtectService.exe
21:28:40.0636 0x0750  IHProtect Service - ok
21:28:43.0584 0x0750  [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
21:28:43.0615 0x0750  mcdbus - detected UnsignedFile.Multi.Generic ( 1 )
21:28:46.0423 0x0750  Detect skipped due to KSN trusted
21:28:46.0423 0x0750  mcdbus - ok
21:28:55.0112 0x0750  osppsvc - ok
21:28:55.0159 0x0750  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:28:55.0253 0x0750  p2pimsvc - ok
21:28:55.0284 0x0750  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:28:55.0362 0x0750  p2psvc - ok
21:28:55.0393 0x0750  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
21:28:55.0424 0x0750  Parport - ok
21:28:55.0456 0x0750  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:28:55.0487 0x0750  partmgr - ok
21:28:55.0502 0x0750  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:28:55.0549 0x0750  Parvdm - ok
21:28:55.0580 0x0750  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:28:55.0627 0x0750  PcaSvc - ok
21:28:55.0658 0x0750  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
21:28:55.0690 0x0750  pci - ok
21:28:55.0721 0x0750  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:28:55.0752 0x0750  pciide - ok
21:28:55.0783 0x0750  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:28:55.0830 0x0750  pcmcia - ok
21:28:55.0846 0x0750  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:28:55.0877 0x0750  pcw - ok
21:28:55.0924 0x0750  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:28:56.0064 0x0750  PEAUTH - ok
21:28:56.0142 0x0750  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:28:56.0282 0x0750  PeerDistSvc - ok
21:28:56.0423 0x0750  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
21:28:56.0641 0x0750  pla - ok
21:28:56.0704 0x0750  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:28:56.0797 0x0750  PlugPlay - ok
21:28:56.0844 0x0750  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:28:56.0891 0x0750  PNRPAutoReg - ok
21:28:56.0922 0x0750  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:28:56.0984 0x0750  PNRPsvc - ok
21:28:57.0031 0x0750  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:28:57.0187 0x0750  PolicyAgent - ok
21:28:57.0218 0x0750  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
21:28:57.0296 0x0750  Power - ok
21:28:57.0328 0x0750  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:28:57.0421 0x0750  PptpMiniport - ok
21:28:57.0452 0x0750  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
21:28:57.0577 0x0750  Processor - ok
21:28:57.0764 0x0750  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:28:57.0811 0x0750  ProfSvc - ok
21:28:57.0827 0x0750  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:28:57.0858 0x0750  ProtectedStorage - ok
21:28:57.0889 0x0750  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:28:57.0967 0x0750  Psched - ok
21:28:58.0030 0x0750  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
21:28:58.0061 0x0750  PSI_SVC_2 - ok
21:28:58.0139 0x0750  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:28:58.0264 0x0750  ql2300 - ok
21:28:58.0295 0x0750  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:28:58.0326 0x0750  ql40xx - ok
21:28:58.0373 0x0750  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
21:28:58.0466 0x0750  QWAVE - ok
21:28:58.0482 0x0750  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:28:58.0529 0x0750  QWAVEdrv - ok
21:28:58.0544 0x0750  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:28:58.0622 0x0750  RasAcd - ok
21:28:58.0654 0x0750  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:28:58.0716 0x0750  RasAgileVpn - ok
21:28:58.0763 0x0750  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:28:58.0856 0x0750  RasAuto - ok
21:28:58.0888 0x0750  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:28:58.0981 0x0750  Rasl2tp - ok
21:28:59.0044 0x0750  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
21:28:59.0184 0x0750  RasMan - ok
21:28:59.0200 0x0750  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:28:59.0278 0x0750  RasPppoe - ok
21:28:59.0293 0x0750  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:28:59.0387 0x0750  RasSstp - ok
21:28:59.0418 0x0750  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:28:59.0527 0x0750  rdbss - ok
21:28:59.0558 0x0750  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:28:59.0605 0x0750  rdpbus - ok
21:28:59.0621 0x0750  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:28:59.0699 0x0750  RDPCDD - ok
21:28:59.0746 0x0750  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:28:59.0792 0x0750  RDPDR - ok
21:28:59.0824 0x0750  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:28:59.0902 0x0750  RDPENCDD - ok
21:28:59.0933 0x0750  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:29:00.0026 0x0750  RDPREFMP - ok
21:29:00.0089 0x0750  [ 68A0387F58E226DEEE23D9715955572A, F95BB1D2BB3E79AF47B1C715BB5E3003EEF888AAA963F46F4A2FE8AFBD4F37A4 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:29:00.0136 0x0750  RdpVideoMiniport - ok
21:29:00.0182 0x0750  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:29:00.0245 0x0750  RDPWD - ok
21:29:00.0260 0x0750  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:29:00.0307 0x0750  rdyboost - ok
21:29:00.0338 0x0750  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:29:00.0401 0x0750  RemoteAccess - ok
21:29:00.0432 0x0750  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:29:00.0510 0x0750  RemoteRegistry - ok
21:29:00.0557 0x0750  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:29:00.0588 0x0750  RFCOMM - ok
21:29:00.0604 0x0750  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:29:00.0697 0x0750  RpcEptMapper - ok
21:29:00.0728 0x0750  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
21:29:00.0791 0x0750  RpcLocator - ok
21:29:00.0838 0x0750  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
21:29:00.0947 0x0750  RpcSs - ok
21:29:00.0994 0x0750  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:29:01.0087 0x0750  rspndr - ok
21:29:01.0118 0x0750  [ 7DFD48E24479B68B258D8770121155A0, 3B5F7309403C46855DB888CF2058B07C9029690DBC7FB3224BAC7BE5547D2D57 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
21:29:01.0181 0x0750  RTL8167 - ok
21:29:01.0259 0x0750  [ FEFA32073D77BB9C741A63B6286479F6, 7E62CF6244ACC964C21248AF6A7010EA9BBE220345E2DF361E661A746C18CBD1 ] RzKLService     C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
21:29:01.0274 0x0750  RzKLService - ok
21:29:01.0306 0x0750  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:29:01.0352 0x0750  s3cap - ok
21:29:01.0368 0x0750  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
21:29:01.0399 0x0750  SamSs - ok
21:29:01.0462 0x0750  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:29:01.0477 0x0750  SASDIFSV - ok
21:29:01.0508 0x0750  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:29:01.0540 0x0750  SASKUTIL - ok
21:29:01.0571 0x0750  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:29:01.0602 0x0750  sbp2port - ok
21:29:01.0618 0x0750  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:29:01.0727 0x0750  SCardSvr - ok
21:29:01.0758 0x0750  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:29:01.0852 0x0750  scfilter - ok
21:29:01.0930 0x0750  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
21:29:02.0132 0x0750  Schedule - ok
21:29:02.0164 0x0750  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:29:02.0242 0x0750  SCPolicySvc - ok
21:29:02.0257 0x0750  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:29:02.0320 0x0750  SDRSVC - ok
21:29:02.0351 0x0750  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:29:02.0444 0x0750  secdrv - ok
21:29:02.0476 0x0750  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
21:29:02.0569 0x0750  seclogon - ok
21:29:02.0600 0x0750  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
21:29:02.0678 0x0750  SENS - ok
21:29:02.0710 0x0750  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:29:02.0756 0x0750  SensrSvc - ok
21:29:02.0819 0x0750  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:29:02.0850 0x0750  Serenum - ok
21:29:02.0881 0x0750  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
21:29:02.0944 0x0750  Serial - ok
21:29:02.0975 0x0750  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:29:03.0006 0x0750  sermouse - ok
21:29:03.0037 0x0750  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:29:03.0146 0x0750  SessionEnv - ok
21:29:03.0178 0x0750  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:29:03.0240 0x0750  sffdisk - ok
21:29:03.0256 0x0750  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:29:03.0302 0x0750  sffp_mmc - ok
21:29:03.0318 0x0750  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:29:03.0365 0x0750  sffp_sd - ok
21:29:03.0396 0x0750  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:29:03.0443 0x0750  sfloppy - ok
21:29:03.0505 0x0750  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:29:03.0630 0x0750  SharedAccess - ok
21:29:03.0677 0x0750  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:29:03.0802 0x0750  ShellHWDetection - ok
21:29:03.0833 0x0750  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:29:03.0864 0x0750  sisagp - ok
21:29:03.0895 0x0750  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:29:03.0926 0x0750  SiSRaid2 - ok
21:29:03.0942 0x0750  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:29:03.0973 0x0750  SiSRaid4 - ok
21:29:03.0989 0x0750  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:29:04.0067 0x0750  Smb - ok
21:29:04.0129 0x0750  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:29:04.0160 0x0750  SNMPTRAP - ok
21:29:04.0207 0x0750  [ 3BB48F7E33C2B76184DDF233000C09CD, D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84 ] Sony SCSI Helper Service C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
21:29:04.0223 0x0750  Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic ( 1 )
21:29:08.0482 0x0750  Detect skipped due to KSN trusted
21:29:08.0482 0x0750  Sony SCSI Helper Service - ok
21:29:10.0962 0x0750  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:29:11.0040 0x0750  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
21:29:20.0884 0x05b8  Object required for P2P: [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc
21:29:21.0196 0x0750  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
21:29:21.0196 0x0750  Force sending object to P2P due to detect: SwitchBoard
21:29:49.0026 0x0750  VaultSvc - ok
21:29:49.0088 0x0750  [ E74EC30ED50F381E36491EAA656C3AF5, AE9F638A049FED864D22D0AC12020D7C48212E47D9D32AD31A210DF51FE476B7 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
21:29:49.0120 0x0750  VBoxDrv - ok
21:29:49.0182 0x0750  [ B1EF938CEF5C6F24D89E567893E01C39, 37C2B52F0C59BA372643DE2EF653F88F03AE4C5D486417F22966852141985763 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
21:29:49.0213 0x0750  VBoxNetAdp - ok
21:29:49.0244 0x0750  [ CE82E6842751BF6B9B95DE176D0378B5, FFB24A7A6875999C10D183DEB3FE8879887560442B8937597604F9CAE49F9254 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
21:29:49.0276 0x0750  VBoxNetFlt - ok
21:29:49.0307 0x0750  [ F71A17A8834AF81D9B287F63DA59D725, 9C4996CE58491DB525D629B6527E784B255101760369DE864DBAEEA4D90CD3A9 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
21:29:49.0338 0x0750  VBoxUSBMon - ok
21:29:49.0385 0x0750  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:29:49.0416 0x0750  vdrvroot - ok
21:29:49.0447 0x0750  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
21:29:49.0572 0x0750  vds - ok
21:29:49.0603 0x0750  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:29:49.0650 0x0750  vga - ok
21:29:49.0681 0x0750  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:29:49.0744 0x0750  VgaSave - ok
21:29:49.0744 0x0750  VGPU - ok
21:29:49.0775 0x0750  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:29:49.0806 0x0750  vhdmp - ok
21:29:49.0837 0x0750  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:29:49.0853 0x0750  viaagp - ok
21:29:49.0868 0x0750  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:29:49.0915 0x0750  ViaC7 - ok
21:29:49.0962 0x0750  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:29:49.0978 0x0750  viaide - ok
21:29:50.0009 0x0750  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:29:50.0040 0x0750  vmbus - ok
21:29:50.0071 0x0750  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:29:50.0118 0x0750  VMBusHID - ok
21:29:50.0149 0x0750  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:29:50.0180 0x0750  volmgr - ok
21:29:50.0212 0x0750  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:29:50.0258 0x0750  volmgrx - ok
21:29:50.0290 0x0750  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:29:50.0336 0x0750  volsnap - ok
21:29:50.0368 0x0750  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:29:50.0414 0x0750  vsmraid - ok
21:29:50.0492 0x0750  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
21:29:50.0695 0x0750  VSS - ok
21:29:50.0726 0x0750  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:29:50.0758 0x0750  vwifibus - ok
21:29:50.0773 0x0750  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:29:50.0836 0x0750  vwififlt - ok
21:29:50.0867 0x0750  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:29:50.0914 0x0750  vwifimp - ok
21:29:50.0929 0x0750  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
21:29:51.0054 0x0750  W32Time - ok
21:29:51.0085 0x0750  [ 1FAC120059722F2CEE5D4D6EF3A70C97, EC9EF5A99772F512F6FB926E0F63CD1B786FBCC57CD01151018E4E1B05ED2716 ] WacHidRouter    C:\Windows\system32\DRIVERS\wachidrouter.sys
21:29:51.0116 0x0750  WacHidRouter - ok
21:29:51.0148 0x0750  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:29:51.0179 0x0750  WacomPen - ok
21:29:51.0194 0x0750  [ E9022E583467818766170BFFDAF4DDEB, 007112246C50DA87EF803D8E5D2790AFCFB54DECD27CAB4F803ECCF654FE468E ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
21:29:51.0210 0x0750  wacomrouterfilter - ok
21:29:51.0241 0x0750  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:29:51.0319 0x0750  WANARP - ok
21:29:51.0335 0x0750  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:29:51.0397 0x0750  Wanarpv6 - ok
21:29:51.0506 0x0750  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:29:51.0647 0x0750  WatAdminSvc - ok
21:29:51.0740 0x0750  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
21:29:51.0865 0x0750  wbengine - ok
21:29:51.0896 0x0750  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:29:51.0975 0x0750  WbioSrvc - ok
21:29:52.0007 0x0750  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:29:52.0100 0x0750  wcncsvc - ok
21:29:52.0116 0x0750  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:29:52.0163 0x0750  WcsPlugInService - ok
21:29:52.0194 0x0750  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
21:29:52.0225 0x0750  Wd - ok
21:29:52.0272 0x0750  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:29:52.0350 0x0750  Wdf01000 - ok
21:29:52.0381 0x0750  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:29:52.0443 0x0750  WdiServiceHost - ok
21:29:52.0459 0x0750  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:29:52.0506 0x0750  WdiSystemHost - ok
21:29:52.0553 0x0750  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
21:29:52.0615 0x0750  WebClient - ok
21:29:52.0646 0x0750  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:29:52.0724 0x0750  Wecsvc - ok
21:29:52.0740 0x0750  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:29:52.0818 0x0750  wercplsupport - ok
21:29:52.0849 0x0750  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
21:29:52.0958 0x0750  WerSvc - ok
21:29:53.0036 0x0750  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:29:53.0114 0x0750  WfpLwf - ok
21:29:53.0130 0x0750  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:29:53.0161 0x0750  WIMMount - ok
21:29:53.0255 0x0750  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:29:53.0348 0x0750  WinDefend - ok
21:29:53.0426 0x0750  WindowsMangerProtect - ok
21:29:53.0426 0x0750  WinHttpAutoProxySvc - ok
21:29:53.0489 0x0750  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:29:53.0582 0x0750  Winmgmt - ok
21:29:53.0660 0x0750  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
21:29:53.0832 0x0750  WinRM - ok
21:29:53.0910 0x0750  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:29:53.0957 0x0750  WinUsb - ok
21:29:54.0036 0x0750  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:29:54.0192 0x0750  Wlansvc - ok
21:29:54.0238 0x0750  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:29:54.0270 0x0750  WmiAcpi - ok
21:29:54.0285 0x0750  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:29:54.0348 0x0750  wmiApSrv - ok
21:29:54.0457 0x0750  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:29:54.0582 0x0750  WMPNetworkSvc - ok
21:29:54.0597 0x0750  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:29:54.0660 0x0750  WPCSvc - ok
21:29:54.0691 0x0750  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:29:54.0738 0x0750  WPDBusEnum - ok
21:29:54.0769 0x0750  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:29:54.0847 0x0750  ws2ifsl - ok
21:29:54.0862 0x0750  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
21:29:54.0925 0x0750  wscsvc - ok
21:29:54.0940 0x0750  WSearch - ok
21:29:55.0035 0x0750  [ D3F8FDEA40D73FB0173D273003454A31, 8CB0CF32F3B576CC12875331DBBB1832C9E748C29F8DFB243AF5ACD12242D346 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
21:29:55.0097 0x0750  WTabletServicePro - ok
21:29:55.0238 0x0750  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:29:55.0409 0x0750  wuauserv - ok
21:29:55.0441 0x0750  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:29:55.0472 0x0750  WudfPf - ok
21:29:55.0519 0x0750  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:29:55.0565 0x0750  WUDFRd - ok
21:29:55.0581 0x0750  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:29:55.0628 0x0750  wudfsvc - ok
21:29:55.0675 0x0750  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:29:55.0737 0x0750  WwanSvc - ok
21:29:55.0784 0x0750  [ DE97908EF421CD019060101CDE9DC120, 22A22C1B5609404F28DF30FA71849D0BCFB74B2EB2E7EEB3C663BF1C74460592 ] {825c5be7-672f-4c14-9929-48a3a5e1a660}w C:\Windows\system32\drivers\{825c5be7-672f-4c14-9929-48a3a5e1a660}w.sys
21:29:55.0815 0x0750  {825c5be7-672f-4c14-9929-48a3a5e1a660}w - ok
21:29:55.0862 0x0750  [ 0441654C86D1019F5E3656F732713E46, 841C54BB42855C6AAF1B9A781FDDE66ACC6AD5D795D7D6511E6B2469FA99F565 ] {8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw C:\Windows\system32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw.sys
21:29:55.0877 0x0750  {8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw - ok
21:29:55.0924 0x0750  [ 3AB776A800AB3FC3C6F3DA73268E1598, 5A42E54B839E4E7607F10A5D8560F22F36EB522F574B770DA5676E77F867CB8D ] {a41197ef-0b95-4642-a2a8-7ab88e13264c}w C:\Windows\system32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}w.sys
21:29:55.0955 0x0750  {a41197ef-0b95-4642-a2a8-7ab88e13264c}w - ok
21:29:55.0987 0x0750  ================ Scan global ===============================
21:29:56.0018 0x0750  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
21:29:56.0049 0x0750  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
21:29:56.0096 0x0750  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
21:29:56.0143 0x0750  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
21:29:56.0189 0x0750  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
21:29:56.0221 0x0750  [ Global ] - ok
21:29:56.0221 0x0750  ================ Scan MBR ==================================
21:29:56.0236 0x0750  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:29:56.0595 0x0750  \Device\Harddisk0\DR0 - ok
21:29:56.0595 0x0750  ================ Scan VBR ==================================
21:29:56.0595 0x0750  [ EA8DF6B2AA7462BC67E75D6198423B2F ] \Device\Harddisk0\DR0\Partition1
21:29:56.0657 0x0750  \Device\Harddisk0\DR0\Partition1 - ok
21:29:56.0657 0x0750  [ 84F4FB116B4E9BD77B98BE37A52679AE ] \Device\Harddisk0\DR0\Partition2
21:29:56.0704 0x0750  \Device\Harddisk0\DR0\Partition2 - ok
21:29:56.0704 0x0750  ================ Scan generic autorun ======================
21:29:56.0782 0x0750  [ 605BB2B2A2171D3F5748F4919E80E6C7, 4EBAAE4E2122048603D058C83E32C56F64F8FB9E7B9BB2F83E659BFFD7CB12EE ] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
21:29:56.0860 0x0750  CanonSolutionMenu - ok
21:29:56.0891 0x0750  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:29:56.0954 0x0750  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
21:29:56.0954 0x0750  Detect skipped due to KSN trusted
21:29:56.0954 0x0750  SwitchBoard - ok
21:29:57.0110 0x0750  [ F52AD8338663ACB19159A69231EFAB0B, C256EB0E5109352EA7D1AC19120C7A2BEACB23331EAF3A66434C4844F92EEED2 ] C:\Users\Gab\Downloads\D3DOverrider\D3DOverrider\D3DOverriderWrapper.exe
21:29:57.0141 0x0750  D3DOverrider - detected UnsignedFile.Multi.Generic ( 1 )
21:30:02.0242 0x0750  Detect skipped due to KSN trusted
21:30:02.0242 0x0750  D3DOverrider - ok
21:30:02.0944 0x0750  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:30:03.0085 0x0750  Sidebar - ok
21:30:03.0116 0x0750  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
21:30:03.0178 0x0750  mctadmin - ok
21:30:03.0256 0x0750  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:30:03.0365 0x0750  Sidebar - ok
21:30:03.0381 0x0750  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
21:30:03.0412 0x0750  mctadmin - ok
21:30:03.0833 0x0750  [ 80FB6185056A21AA77727984B5BA62A4, FC9FC2B8664F37E70AB159B04A944904B7C32001C3FE576528263F1BB6EA5CBB ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
21:30:04.0114 0x10d8  Object required for P2P: [ B459575348C20E8121D6039DA063C704 ] tdx
21:30:04.0379 0x0750  SUPERAntiSpyware - ok
21:30:04.0582 0x0750  [ BA7D96395C57AAC5566FCA0C8D8EE596, 5B949F39CC66F407DB5A8B2E518743C1754FFA54EEE8E13143FD6602356CE84F ] C:\Program Files\Calibrize\CalibrizeLoader.exe
21:30:04.0754 0x0750  CGFLoader - detected UnsignedFile.Multi.Generic ( 1 )
21:30:06.0548 0x05b8  Object send P2P result: false
21:30:06.0548 0x05b8  Object required for P2P: [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2
21:30:07.0577 0x0750  Detect skipped due to KSN trusted
21:30:07.0577 0x0750  CGFLoader - ok
21:30:07.0640 0x0750  [ 1E469063A28AFA778999B98722F48513, 1868307696F70121F1F68366212F3DFF2016AB45886C96C3DF127A86AFD031A5 ] C:\Program Files\Calibrize\CalibrizeResume.exe
21:30:07.0702 0x0750  CalibrizeResume - detected UnsignedFile.Multi.Generic ( 1 )
21:30:08.0030 0x10d8  Object send P2P result: true
21:30:08.0030 0x10d8  Object required for P2P: [ C2F2911156FDC7817C52829C86DA494E ] vmbus
21:30:10.0635 0x05b8  Object send P2P result: true
21:30:10.0635 0x05b8  Object required for P2P: [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman
21:30:12.0772 0x0750  Detect skipped due to KSN trusted
21:30:12.0772 0x0750  CalibrizeResume - ok
21:30:12.0959 0x0750  [ 608BCDFD89DC6D80C7F20DE0CFC02BA7, 1A428412D3273ADAE489011BEEE943B12FBB069B6E22015BF7849B722696A29A ] C:\Users\Gab\AppData\Roaming\uTorrent\uTorrent.exe
21:30:13.0100 0x0750  uTorrent - ok
21:30:13.0162 0x0750  [ 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5, 6075E8ADD4136AC6497C1FE9CC937E6652FAD5024AED1CF901CE107078955C4F ] C:\Windows\system32\StikyNot.exe
21:30:13.0256 0x0750  RESTART_STICKY_NOTES - ok
21:30:13.0256 0x0750  Waiting for KSN requests completion. In queue: 154
21:30:48.0824 0x0750  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
21:30:48.0840 0x0750  Win FW state via NFP2: enabled
21:31:08.0854 0x0750  ============================================================
21:31:08.0854 0x0750  Scan finished
21:31:08.0854 0x0750  ============================================================
21:31:08.0870 0x0b3c  Detected object count: 1
21:31:08.0870 0x0b3c  Actual detected object count: 1
21:32:51.0857 0x0b3c  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:51.0857 0x0b3c  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:33:09.0220 0x09a4  Deinitialize success
 
 
AdwCleaner[S0]
 
# AdwCleaner v4.110 - Logfile created 09/02/2015 at 21:40:35
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Local]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Gab - GAB-PC
# Running from : C:\Users\Gab\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : WindowsMangerProtect
Service Deleted : IHProtect Service
Service Deleted : {825c5be7-672f-4c14-9929-48a3a5e1a660}w
Service Deleted : {8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw
Service Deleted : {a41197ef-0b95-4642-a2a8-7ab88e13264c}w
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files\STab
Folder Deleted : C:\Program Files\SourceApp
Folder Deleted : C:\Users\Gab\AppData\Local\CrashRpt
File Deleted : C:\END
File Deleted : C:\Windows\system32\drivers\{825c5be7-672f-4c14-9929-48a3a5e1a660}w.sys
File Deleted : C:\Windows\system32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw.sys
File Deleted : C:\Windows\system32\drivers\{a41197ef-0b95-4642-a2a8-7ab88e13264c}w.sys
File Deleted : C:\Users\Gab\AppData\Roaming\Mozilla\Firefox\Profiles\ghirumav.default\user.js
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Gab\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Gab\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Gab\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Gab\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SourceApp
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\SourceApp
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16843
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
 
[ghirumav.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[ghirumav.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[ghirumav.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
 
-\\ Google Chrome v40.0.2214.111
 
[C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418673210&from=smt&uid=WDCXWD10JPVT-00MS8T0_WD-WXA1A13Y3176Y3176&q={searchTerms}
[C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418673210&from=smt&uid=WDCXWD10JPVT-00MS8T0_WD-WXA1A13Y3176Y3176&q={searchTerms}
[C:\Users\Gabby\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Gabby\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Gabby\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
 
*************************
 
AdwCleaner[R0].txt - [8187 bytes] - [09/02/2015 21:36:22]
AdwCleaner[S0].txt - [8300 bytes] - [09/02/2015 21:40:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8359  bytes] ##########
 
FSS
 
Farbar Service Scanner Version: 17-01-2015
Ran by Gab (administrator) on 09-02-2015 at 21:44:10
Running from "C:\Users\Gab\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcore.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

 

MiniToolBox

 

MiniToolBox by Farbar  Version: 30-11-2014

Ran by Gab (administrator) on 09-02-2015 at 21:45:27
Running from "C:\Users\Gab\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Gab-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 58-94-6B-65-8C-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
   Physical Address. . . . . . . . . : 58-94-6B-65-8C-9C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1c5c:828c:3e9c:d69c%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, February 09, 2015 9:41:57 PM
   Lease Expires . . . . . . . . . . : Monday, February 09, 2015 10:42:09 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 559453291
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-F7-CC-E3-78-AC-C0-42-95-B0
   DNS Servers . . . . . . . . . . . : 114.108.193.201
                                       114.108.195.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 70-F3-95-CA-23-99
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 78-AC-C0-42-95-B0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter VirtualBox Host-Only Network:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-4C-62
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed0b:7c9f:fc42:b9f1%22(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 554172455
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-F7-CC-E3-78-AC-C0-42-95-B0
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  114.108.193.201
 
Name:    google.com
Addresses:  2404:6800:4008:c02::8b
 114.108.207.22
 114.108.207.23
 114.108.207.24
 114.108.207.25
 114.108.207.26
 114.108.207.27
 114.108.207.28
 114.108.207.29
 114.108.207.15
 114.108.207.16
 114.108.207.17
 114.108.207.18
 114.108.207.19
 114.108.207.20
 114.108.207.21
 
 
Pinging google.com [111.68.59.247] with 32 bytes of data:
Reply from 111.68.59.247: bytes=32 time=20ms TTL=60
Reply from 111.68.59.247: bytes=32 time=11ms TTL=60
 
Ping statistics for 111.68.59.247:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 20ms, Average = 15ms
Server:  UnKnown
Address:  114.108.193.201
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=206ms TTL=49
Reply from 206.190.36.45: bytes=32 time=219ms TTL=49
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 206ms, Maximum = 219ms, Average = 212ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...58 94 6b 65 8c 9d ......Microsoft Virtual WiFi Miniport Adapter
 15...58 94 6b 65 8c 9c ......Intel® Centrino® Advanced-N 6200 AGN
 13...70 f3 95 ca 23 99 ......Bluetooth Device (Personal Area Network)
 11...78 ac c0 42 95 b0 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
 22...08 00 27 00 4c 62 ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.11     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.11    281
     192.168.0.11  255.255.255.255         On-link      192.168.0.11    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.11    281
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    276
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    276
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link      192.168.0.11    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    276
  255.255.255.255  255.255.255.255         On-link      192.168.0.11    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 22    276 fe80::/64                On-link
 15    281 fe80::/64                On-link
 15    281 fe80::1c5c:828c:3e9c:d69c/128
                                    On-link
 22    276 fe80::ed0b:7c9f:fc42:b9f1/128
                                    On-link
  1    306 ff00::/8                 On-link
 22    276 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/09/2015 09:43:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/09/2015 09:19:24 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (02/09/2015 09:19:24 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (02/09/2015 09:15:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2015 03:54:42 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (02/08/2015 03:54:42 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (02/08/2015 03:51:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2015 03:45:51 AM) (Source: Bonjour Service) (User: )
Description: 460: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (02/08/2015 03:45:51 AM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (02/08/2015 03:45:51 AM) (Source: Bonjour Service) (User: )
Description: 460: ERROR: read_msg errno 0 (The operation completed successfully.)
 
 
System errors:
=============
Error: (02/09/2015 09:42:05 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
sptd
 
Error: (02/09/2015 09:41:38 PM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (02/09/2015 09:13:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
sptd
 
Error: (02/09/2015 09:13:06 PM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (02/08/2015 03:50:32 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
sptd
 
Error: (02/08/2015 03:50:19 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:49:23 AM on 2/8/2015 was unexpected.
 
Error: (02/08/2015 03:49:57 AM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (02/08/2015 01:00:17 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be  changed by -56805 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.56.206:123) is working properly.
 
Error: (02/07/2015 10:55:13 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SophosVirusRemovalTool service.
 
Error: (02/07/2015 09:25:11 PM) (Source: DCOM) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
 
Microsoft Office Sessions:
=========================
Error: (02/09/2015 09:43:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/09/2015 09:19:24 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (02/09/2015 09:19:24 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (02/09/2015 09:15:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2015 03:54:42 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (02/08/2015 03:54:42 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (02/08/2015 03:51:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2015 03:45:51 AM) (Source: Bonjour Service)(User: )
Description: 460: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (02/08/2015 03:45:51 AM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (02/08/2015 03:45:51 AM) (Source: Bonjour Service)(User: )
Description: 460: ERROR: read_msg errno 0 (The operation completed successfully.)
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-13 04:12:36.654
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-13 04:12:35.515
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-18 01:11:22.042
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-18 01:11:20.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-27 21:54:21.883
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-27 21:54:20.525
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-31 16:34:14.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-31 16:34:12.933
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-04 13:26:33.751
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-21 08:46:18.287
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\dfdd320f4e4b1e8530f72d37ce93f294\mrt.exe because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Arena 3.5 (HKLM\...\Arena 3.5_is1) (Version:  - )
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
BitRaider Streaming Client (HKLM\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Calibrize 2.0 (HKLM\...\Calibrize_is1) (Version:  - Colorjinn)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dragon Age: Origins (HKLM\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.00 - Electronic Arts, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Chipset Device Software (Version: 10.0.13 - Intel Corporation) Hidden
Intel® Chipset Device Software (Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Driver Update Utility 2.0 (Version: 2.0.0.29 - Intel) Hidden
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Levelator (HKLM\...\Levelator_is1) (Version:  - The Conversations Network)
Magic 2015 (HKLM\...\Steam App 255420) (Version:  - Stainless Games)
Magic The Gathering Online  (HKCU\...\35c9d60442fbb010) (Version: 3.4.82.408 - Wizards of the Coast)
Manga Studio (HKLM\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.5 - Smith Micro)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft OneNote 2013 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
Sid Meier's Civilization 4 Complete (HKLM\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)
SlimCleaner (HKLM\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Star Wars The Old Republic (HKLM\...\swtor_swtor) (Version: 8.0.0.5 - Bioware/EA)
Star Wars®: Knights of the Old Republic ™ (HKLM\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
 
========================= Devices: ================================
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 2991.43 MB
Available physical RAM: 1985.52 MB
Total Pagefile: 5981.15 MB
Available Pagefile: 4917.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.98 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:100.17 GB) NTFS
3 Drive m: (DragonAge) (CDROM) (Total:7.72 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\GAB-PC
 
Administrator            Gab                      Gabby                    
Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
22-01-2015 07:09:58 Scheduled Checkpoint
29-01-2015 08:00:14 Scheduled Checkpoint
03-02-2015 12:09:49 Installed Splashtop Streamer.
08-02-2015 06:43:44 Removed Splashtop Streamer.
08-02-2015 06:47:12 Removed Splashtop Streamer.
 
**** End of log ****


#4 commandershepard


Posted 09 February 2015 - 09:17 AM

BTW the Splashtop Streamer was installed by me to connect to my Android tablet. Thanks



#5 dev00790


Posted 12 February 2015 - 06:05 AM

Hi

Please do the following next:

Step 1:

Going over your logs I noticed that you have utorrent installed.
  • Avoid peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • P2P programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.
  • To reduce the risk of infection avoid using any P2P applications.
  • It is pretty much certain that if you continue to use P2P programs, you will get infected again.

I would recommend that you uninstall utorrent, however that choice is up to you.

If you choose to remove these programs, you can do so via:

For Windows Vista / 7 / 8:
  • Click the "Windows Orb" button.
  • Click Control Panel then Programs and Features.

For Windows XP:
  • Click the Start button.
  • Click Control Panel then Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Step 2:
  • Launch Malwarebytes' Anti-Malware (MBAM).
  • Click on the Update tab, then click Check for Updates.
  • If an update is found, it will download and install the latest version.
  • Then on the Scan tab select Custom Scan, then click Start Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

Step 3:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the [esetonlinebtn.png] button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.exe icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Step 4:

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.

My Blog


#6 commandershepard


Posted 12 February 2015 - 06:32 AM

Hi, I will do what you recommended but after doing some more research on the net I suspect that my roommate may be using a program like Spector Soft. If you could recommend anything that can remove this and prevent it I would be really happy. Thanks again



#7 dev00790


Posted 12 February 2015 - 08:43 AM

Hi

but after doing some more research on the net I suspect that my roommate may be using a program like Spector Soft. If you could recommend anything that can remove this and prevent it I would be really happy

Please follow my previous instructions first. We can look into this question of yours later.
 


Edited by dev00790, 12 February 2015 - 08:43 AM.

Regards, dev00790



#8 dev00790


Posted 15 February 2015 - 09:05 AM

Hi. It's been 2 days since my last post. Do you still need help?


Regards, dev00790



#9 commandershepard


Posted 15 February 2015 - 11:11 AM

Hi, sorry for the late post. I've been busy lately. My computer has been running normally. Here are the logs:

 

Malwarebytes

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2/15/2015
Scan Time: 1:03:10 AM
Logfile: Malwarebytes Log.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.14.03
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Gab
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 374286
Time Elapsed: 16 min, 46 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
PUP.Optional.OmigaPlus.A, C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage, Quarantined, [8dce77a74f3b38fe4cb72673f60d32ce], 
PUP.Optional.OmigaPlus.A, C:\Users\Gab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal, Quarantined, [a7b44dd1f29868ce71925148937020e0], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
ESET
 
 
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\SourceAppbho.dll.vir a variant of Win32/BrowseFox.O potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\SourceAppUn.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\SourceAppUninstall.exe.vir Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\a41197ef0b954642a2a8.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\a41197ef0b954642a2a864.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\SourceApp.BrowserAdapter64.exe.vir a variant of Win64/BrowseFox.CN potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\SourceApp.expextdll.dll.vir a variant of Win64/BrowseFox.CJ potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\{a41197ef-0b95-4642-a2a8-7ab88e13264c}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\{a41197ef-0b95-4642-a2a8-7ab88e13264c}64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.BroStats.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.BrowserAdapter.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.ExpExt.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.FFUpdate.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.GCUpdate.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.IEUpdate.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.PurBrowse.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SourceApp\bin\plugins\SourceApp.Repmon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\STab\BrowerWatchCH.dll.vir Win32/ELEX.BM potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\STab\BrowerWatchFF.dll.vir Win32/ELEX.BM potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\STab\BrowserAction.dll.vir Win32/ELEX.BM potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\STab\IeWatchDog.dll.vir Win32/ELEX.BM potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\STab\ProtectService.exe.vir Win32/ELEX.BM potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir a variant of Win32/ELEX.BH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\system32\drivers\{825c5be7-672f-4c14-9929-48a3a5e1a660}w.sys.vir a variant of Win64/BrowseFox.J potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\system32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw.sys.vir a variant of Win64/BrowseFox.J potentially unwanted application deleted - quarantined
C:\Child of Light\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
C:\Program Files\Child of Light\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
C:\Program Files\Image-Line\FL Studio 11\fl.studio.producer.edition.v11.0.3.rc3.(signature.bundle)-patch.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
C:\Program Files\Metal Slug 3\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
C:\Program Files\R.G. Mechanics\Child of Light\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
C:\Program Files\REAPER\patch.x86.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll a variant of Win32/Systweak.N potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\ProgramData\saFe save\51ece214e3bc6.dll.vir a variant of Win32/Adware.MultiPlug.I application cleaned by deleting - quarantined
C:\Temp\Runner2.exe MSIL/Riskware.ShimChanger.A application cleaned by deleting - quarantined
C:\Temp\Runner4.exe MSIL/Riskware.ShimChanger.A application cleaned by deleting - quarantined
C:\Temp\ttv.exe Win32/Adware.1ClickDownload.AY application cleaned by deleting - quarantined
C:\Users\Gab\AppData\Local\Temp\Bunndle\BunndleOfferManager.dll a variant of Win32/Bunndle potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\cdbxp_setup_4.5.2.4478.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\Crysis_3-_Hunter_Edition_[v_1.3]_(2013)_PC_-_RePack__R_G.OldGames (1).exe multiple threats cleaned by deleting - quarantined
C:\Users\Gab\Downloads\Crysis_3-_Hunter_Edition_[v_1.3]_(2013)_PC_-_RePack__R_G.OldGames (2).exe multiple threats cleaned by deleting - quarantined
C:\Users\Gab\Downloads\Crysis_3-_Hunter_Edition_[v_1.3]_(2013)_PC_-_RePack__R_G.OldGames.exe multiple threats cleaned by deleting - quarantined
C:\Users\Gab\Downloads\CR_Downloader_for_pokemon-emerald.exe a variant of Win32/InstallCore.OI potentially unwanted application deleted - quarantined
C:\Users\Gab\Downloads\CR_Downloader_for_visual-boy-advance.exe a variant of Win32/InstallCore.OI potentially unwanted application deleted - quarantined
C:\Users\Gab\Downloads\DTLite4491-0356.exe Win32/DownWare.L potentially unwanted application deleted - quarantined
C:\Users\Gab\Downloads\eMu3Ds_Setup.zip multiple threats deleted - quarantined
C:\Users\Gab\Downloads\InternationalPrimoPDF.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Gab\Downloads\Child.of.Light-RELOADED\rld-chofli.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\Child.of.Light-RELOADED\rld-chofli\Crack\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\Cockos Reaper v4.57 (x86-x64) Cracked-F4CG [TorDigger]\x64\patch.x64.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\Cockos Reaper v4.57 (x86-x64) Cracked-F4CG [TorDigger]\x86\patch.x86.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\Garden State (2004)\Goldeneye 007 Reloaded (2011) [Xbox360][RegFree][MULTi5][XDG3][WwW.ZoNaTorrent.CoM]\XDG3\SetupImgBurn_2.5.6.0.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Users\Gab\Downloads\Smith Micro Manga Studio EX 5.0.5 (keygen XForce) [ChingLiu]\Keygen X-Force\xf-sms505ex.exe a variant of Win32/Keygen.HA potentially unsafe application deleted - quarantined
C:\Windows\Installer\15bef77.msi a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
 
 
 


#10 dev00790


Posted 17 February 2015 - 09:58 PM

Hi

Please do the following next:

Step 1:

C:\Program Files\Metal Slug 3\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined

Please do not use Hacktools, Cracks or Keygens going forward since they are illegal.

We'd advise uninstalling them.

Step 2:

There are indications that Combofix has been run on the computer in the past hence:

With the information you have provided I believe you will need help from the malware removal team. I would like you to start a new thread HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. Help is on the way!


Regards, dev00790



#11 commandershepard


Posted 20 February 2015 - 12:10 PM

Hi, I've posted on the thread you suggested. Thanks for the help again 



#12 boopme

  • Global Moderator

Posted 20 February 2015 - 03:30 PM

New topic here

http://www.bleepingcomputer.com/forums/t/567719/help-with-removing-spyware-possibly-installed-by-roommate/#entry3634030

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?

For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

Become a BleepingComputer fan: Facebook



