Fake Facebook infection?

6 replies to this topic

#1 Kev35

Posted 16 June 2016 - 07:40 PM

Hi, my mom was using my computer to check her Facebook page and she clicked on a link, then a screen came up and said to call Microsoft because I was hacked, so closed it and not sure if anything happened.





#2 boopme


Posted 18 June 2016 - 10:06 AM

Let's scan the machine.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

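What a reader of the requested MiniToolBox Result.txt would check first, as an added example that is not part of any post in this thread: a small parser that splits the log into its `=====` sections and lists proxy, Hosts and Winsock entries that deserve a second look. The function names are hypothetical, the sample log is constructed in the line format MiniToolBox uses, and it is an assumption that the tool prints Hosts entries verbatim.

```python
import re

# Section headers look like "========== Hosts content: ==========".
# The name must start with a non-"=" character so that plain "=====" rulers
# (used inside the routing table output) are not mistaken for headers.
SECTION_RE = re.compile(r"^=+\s*([^=\s].*?):?\s*=+$")

# Winsock line: "<catalog> <nn> <path> [<size>] (<vendor>)"
WINSOCK_RE = re.compile(
    r"^(?P<catalog>\S*Catalog\d+) (?P<index>\d+) (?P<path>.+?) "
    r"\[(?P<size>\d+)\] \((?P<vendor>.*)\)$"
)
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Constructed sample; the hosts entry uses a documentation-range address.
SAMPLE = r"""========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================
# constructed entries for the example
127.0.0.1 localhost
203.0.113.10 login.example.com   # constructed redirect
========================= Winsock entries =====================================

Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
========================= Event log errors: ===============================
"""


def split_sections(text):
    """Return {lower-cased section name: [non-empty stripped lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def triage(text):
    """Return a list of (kind, detail) tuples for entries worth reviewing."""
    sections = split_sections(text)
    findings = []

    # Proxy: anything other than the "not enabled" report needs a look.
    proxy = sections.get("ie proxy settings")
    if proxy is not None and "Proxy is not enabled." not in proxy:
        findings.append(("proxy", "IE proxy section does not report 'Proxy is not enabled.'"))

    # Hosts: a default Windows hosts file has only comments, so every active
    # mapping other than localhost is listed for review.
    for line in sections.get("hosts content", []):
        fields = line.split("#", 1)[0].split()
        names = [n for n in fields[1:] if n.lower() != "localhost"]
        if names:
            findings.append(("hosts", f"{' '.join(names)} -> {fields[0]}"))

    # Winsock: list providers outside the Windows system directories or not
    # attributed to Microsoft. Third-party is not the same as malicious.
    for line in sections.get("winsock entries", []):
        m = WINSOCK_RE.match(line)
        if not m:
            continue
        in_system_dir = m["path"].lower().startswith(SYSTEM_DIRS)
        if not in_system_dir or m["vendor"] != "Microsoft Corporation":
            findings.append(
                ("winsock", f"{m['catalog']} {m['index']}: {m['path']} ({m['vendor']})")
            )
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE):
        print(f"[{kind}] {detail}")
```

An entry in the output is a prompt to verify the file and its publisher, not a verdict.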

#3 Kev35


Posted 18 June 2016 - 11:19 AM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Kev (administrator) on 18-06-2016 at 12:12:52
Running from "C:\Users\Kev\Downloads"
Microsoft Windows 10 Home  (X64)
Model:  Manufacturer:
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Kev-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gha.chartermi.net

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : gha.chartermi.net
   Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-22-4D-7C-76-80
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 75.128.130.138(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.248.0
   Lease Obtained. . . . . . . . . . : Saturday, June 18, 2016 12:07:31 PM
   Lease Expires . . . . . . . . . . : Saturday, June 18, 2016 1:07:30 PM
   Default Gateway . . . . . . . . . : 75.128.128.1
   DHCP Server . . . . . . . . . . . : 68.114.39.170
   DNS Servers . . . . . . . . . . . : 71.10.216.1
                                       71.10.216.2
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  rns01.charter.com
Address:  71.10.216.1

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  2607:f8b0:4002:c07::64
      64.233.177.101
      64.233.177.138
      64.233.177.102
      64.233.177.100
      64.233.177.139
      64.233.177.113


Pinging google.com [64.233.176.102] with 32 bytes of data:
Reply from 64.233.176.102: bytes=32 time=48ms TTL=40
Reply from 64.233.176.102: bytes=32 time=49ms TTL=40

Ping statistics for 64.233.176.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 49ms, Average = 48ms
Server:  rns01.charter.com
Address:  71.10.216.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      2001:4998:58:c02::a9


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=83ms TTL=45
Reply from 206.190.36.45: bytes=32 time=81ms TTL=45

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 81ms, Maximum = 83ms, Average = 82ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  4...00 22 4d 7c 76 80 ......Intel® 82579V Gigabit Network Connection
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     75.128.128.1   75.128.130.138     10
     75.128.128.0    255.255.248.0         On-link    75.128.130.138    266
   75.128.130.138  255.255.255.255         On-link    75.128.130.138    266
   75.128.135.255  255.255.255.255         On-link    75.128.130.138    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    75.128.130.138    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    75.128.130.138    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============
Error: (06/18/2016 12:07:56 PM) (Source: DCOM) (User: Kev-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Kev-PCKevS-1-5-21-1504955324-1184899576-4281465904-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/18/2016 12:07:56 PM) (Source: DCOM) (User: Kev-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Kev-PCKevS-1-5-21-1504955324-1184899576-4281465904-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/18/2016 12:07:55 PM) (Source: DCOM) (User: Kev-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Kev-PCKevS-1-5-21-1504955324-1184899576-4281465904-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/18/2016 12:07:55 PM) (Source: DCOM) (User: Kev-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Kev-PCKevS-1-5-21-1504955324-1184899576-4281465904-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/18/2016 12:07:33 PM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/18/2016 12:07:32 PM) (Source: Service Control Manager) (User: )
Description: The WMPNetworkSvc service depends on the WSearch service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/18/2016 01:25:18 AM) (Source: Service Control Manager) (User: )
Description: The Sync Host_2774d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2016-06-18 12:09:26.508
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 08:12:00.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-15 21:08:28.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 20:08:26.662
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 19:31:20.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 18:24:47.435
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-12 18:55:40.354
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-06 18:50:14.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-23 18:29:16.985
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-20 11:27:38.659
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Age of Empires III: Complete Collection (HKLM-x32\...\{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Game Studios) Hidden
Age of Empires III: Complete Collection (HKLM-x32\...\GFWL_{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Game Studios)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AntiLogger Free version 1.8.2.198 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.198 - Zemana Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Babel Rising (HKLM-x32\...\Steam App 204840) (Version:  - Mando productions)
BlueStacks App Player (HKLM-x32\...\{D080F290-4B2A-4C67-9757-63DA0C6E8855}) (Version: 2.0.0.1011 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Metronome (remove only) (HKLM-x32\...\Bounce Metronome) (Version:  - )
Brain Spa (HKLM-x32\...\Brain Spa) (Version:  - )
Catalyst Control Center Next Localization BR (HKLM\...\{E9FCBCA6-B640-BC24-2421-269E77FD02EB}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{3177480E-9364-D504-6944-30074551E934}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{44FE1644-EDE2-181E-1306-30A38EC9954C}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{39722D5E-22CC-AD1A-2DCF-F6A82EAA11EA}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{72F286EC-9E02-9BB4-05E4-7474557AAA77}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{CCC54BB5-5278-2E3E-7F99-401CDF93B9A2}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{61D499A4-7054-6BE0-565F-D426740D4796}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{899D78B5-6CC0-555D-7943-327447DCBE7D}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{B0F6C9EE-EC57-D6D8-96F9-C490B0198547}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{C22DDF07-59F5-BA4E-7058-7E894E4C960B}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{7318F79A-D1D5-74EF-5F0E-21D8BC79413D}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{233F1B62-FC39-A7BD-B2E9-43EF05CA97E0}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{25679A80-0DF7-EFBA-2686-3333B3AA9220}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{305C1CE5-C4F8-C65B-E334-B193AECFF49C}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{94AEEE03-D17F-9E1A-95DF-9DD9B2906189}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{8829CC83-C9A5-B471-5796-55FE6099FD3B}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{6C36F215-AE3A-9BA3-779B-B9E44518A5FB}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{56A90BB4-F4B4-5106-CB1A-9ECCCE13DC3E}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{235371F3-FF77-AC03-0856-12AD9D6239F4}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{2C8498CD-BA4F-D820-3C2D-36F1152C71D3}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{19D9E938-3CD5-438F-04FE-782C7BE308A0}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{25456D58-2414-4CC4-AA1B-CF3A2BE00A79}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Renegade (HKLM-x32\...\{97B5E8B9-D5E6-49C4-8CDA-7E096BE2601A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{517FAF1E-3045-49DE-8079-107C2851389E}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
CrystalDiskInfo 6.6.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.0 - Crystal Dew World)
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.3714 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1520 - CyberLink Corp.)
Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 1.0.0.222 - Electronic Arts)
Diskeeper 12 Home (HKLM\...\{1A6D6767-B771-4752-81C2-1CC30BE941BA}) (Version: 16.0.1017.64 - Condusiv Technologies)
Download Lucid logix Virtu (HKLM-x32\...\{549158FF-FC69-468D-A380-12157F90D170}) (Version: 1.0.0 - Intel Corporation)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
ESET Smart Security (HKLM\...\{0C26C0D5-9A65-45B6-83CE-AF5105212A06}) (Version: 9.0.375.0 - ESET, spol. s r.o.)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Guitar Pro 6 Demo (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Desktop Utilities (HKLM-x32\...\{F01CBA59-B5BD-4608-A834-1CBE8C292A71}) (Version: 1.0.0 - Intel Corporation)
Intel® Driver Update Utility 2.4 (HKLM-x32\...\{1766DD04-5D4D-40BC-953A-D80624BCC063}) (Version: 2.4.0.7 - Intel) Hidden
Intel® Driver Update Utility 2.4 (HKLM-x32\...\{FE96516D-D1A0-48FB-9AF5-DE4FB010395C}) (Version: 2.4.0.5 - Intel) Hidden
Intel® Integrator Toolkit 5 (HKLM-x32\...\{E7597FFE-2C87-4939-89E6-38EF01C247DF}) (Version: 1.0.0 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{270e4d1a-19f9-46c3-93b3-e61d4a24ab9f}) (Version: 2.4.0.5 - Intel)
Intel® Driver Update Utility (HKLM-x32\...\{561b5fb5-1d4d-40e8-b3e4-ad52858b217c}) (Version: 2.4.0.7 - Intel)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Major League Baseball 2K11 (HKLM-x32\...\{96A628B7-93D6-46CC-9E74-02F7D2E21E96}) (Version: 1.0.0 - 2K Sports)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Musicnotes Player V1.40.3 and Viewer V1.20.0 (HKLM-x32\...\Musicnotes Player_is1) (Version: 1.40.3 - Musicnotes Inc.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Pavtube Video Converter Ver 4.6.0.5344 (HKLM-x32\...\{B4EE51E6-2C80-4B04-BDE0-ED4E87BEFECD}_is1) (Version:  - )
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.9.2-r111395-release - Plays.tv, LLC)
PurgeFox - 5.03 (HKLM-x32\...\PurgeFox_is1) (Version: 5.03 - Assistance and Resources for Computing, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.0-r112326-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Riffstation Trial version 1.531 (HKLM-x32\...\{91CCBC53-0045-4F53-9907-785159683401}_is1) (Version: 1.531 - Sonic Ladder Ltd)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software)
Tweaking.com - Hardware Identify (HKLM-x32\...\Tweaking.com - Hardware Identify) (Version: 1.1.0 - Tweaking.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Tweaking.com - Technicians Toolbox (HKLM-x32\...\Tweaking.com - Technicians Toolbox) (Version: 1.0.0 - Tweaking.com)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.12.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.5 - The Wireshark developer community, http://www.wireshark.org)
WM Capture 8 (HKLM-x32\...\WM Capture 8) (Version: 8.4.2 - AllAlex, Inc.)
WM Recorder (HKLM-x32\...\WM Recorder14.16.2.0) (Version: 14.16.2.0 - AllAlex, Inc)
WM Recorder 15 (HKLM-x32\...\WM Recorder 1515.2.1.0) (Version: 15.2.1.0 - AllAlex, Inc)
WM Recorder 16 (HKLM-x32\...\WM Recorder 1616.4.0.0) (Version: 16.4.0.0 - AllAlex, Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.21.15 - Zemana Ltd.)

========================= Memory info: ===================================

Percentage of memory in use: 9%
Total physical RAM: 16351.92 MB
Available physical RAM: 14738.75 MB
Total Virtual: 17375.92 MB
Available Virtual: 15797.42 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.02 GB) (Free:353.89 GB) NTFS

========================= Users: ========================================

User accounts for \\KEV-PC

Administrator            DefaultAccount           Guest                    
Kev                      


**** End of log ****



#4 Kev35

Posted 18 June 2016 - 11:23 AM

12:20:44.0619 0x0138  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
12:20:50.0617 0x0138  ============================================================
12:20:50.0617 0x0138  Current date / time: 2016/06/18 12:20:50.0617
12:20:50.0617 0x0138  SystemInfo:
12:20:50.0617 0x0138 
12:20:50.0617 0x0138  OS Version: 10.0.10586 ServicePack: 0.0
12:20:50.0617 0x0138  Product type: Workstation
12:20:50.0617 0x0138  ComputerName: KEV-PC
12:20:50.0617 0x0138  UserName: Kev
12:20:50.0617 0x0138  Windows directory: C:\WINDOWS
12:20:50.0617 0x0138  System windows directory: C:\WINDOWS
12:20:50.0617 0x0138  Running under WOW64
12:20:50.0617 0x0138  Processor architecture: Intel x64
12:20:50.0617 0x0138  Number of processors: 8
12:20:50.0617 0x0138  Page size: 0x1000
12:20:50.0617 0x0138  Boot type: Normal boot
12:20:50.0617 0x0138  ============================================================
12:20:50.0921 0x0138  KLMD registered as C:\WINDOWS\system32\drivers\70689457.sys
12:20:51.0234 0x0138  System UUID: {1284B01E-7049-84F2-067D-9B54AFA72326}
12:20:51.0625 0x0138  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:20:51.0727 0x0138  ============================================================
12:20:51.0727 0x0138  \Device\Harddisk0\DR0:
12:20:51.0727 0x0138  MBR partitions:
12:20:51.0727 0x0138  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
12:20:51.0727 0x0138  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x7460B800
12:20:51.0727 0x0138  ============================================================
12:20:51.0763 0x0138  C: <-> \Device\Harddisk0\DR0\Partition2
12:20:51.0763 0x0138  ============================================================
12:20:51.0764 0x0138  Initialize success
12:20:51.0764 0x0138  ============================================================
12:21:07.0374 0x1760  ============================================================
12:21:07.0374 0x1760  Scan started
12:21:07.0374 0x1760  Mode: Manual;
12:21:07.0374 0x1760  ============================================================
12:21:07.0374 0x1760  KSN ping started
12:21:07.0461 0x1760  KSN ping finished: true
12:21:09.0626 0x1760  ================ Scan system memory ========================
12:21:09.0626 0x1760  System memory - ok
12:21:09.0627 0x1760  ================ Scan services =============================
12:21:09.0768 0x1760  1394ohci - ok
12:21:09.0771 0x1760  3ware - ok
12:21:09.0786 0x1760  ACPI - ok
12:21:09.0789 0x1760  acpiex - ok
12:21:09.0793 0x1760  acpipagr - ok
12:21:09.0802 0x1760  AcpiPmi - ok
12:21:09.0805 0x1760  acpitime - ok
12:21:09.0872 0x1760  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:21:09.0875 0x1760  AdobeARMservice - ok
12:21:09.0945 0x1760  [ E324D38B6CCF843ED4F6D521908AEE5B, D34DAF5AB7A3C2751C0C3BD3C21E52909E6D182DD202BD3C0B4981535320E64A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:21:09.0953 0x1760  AdobeFlashPlayerUpdateSvc - ok
12:21:09.0960 0x1760  ADP80XX - ok
12:21:09.0985 0x1760  AFD - ok
12:21:09.0989 0x1760  agp440 - ok
12:21:09.0993 0x1760  ahcache - ok
12:21:10.0007 0x1760  AJRouter - ok
12:21:10.0018 0x1760  ALG - ok
12:21:10.0054 0x1760  [ D2AC5BEE06DAD97FBDB9E0D743C800A4, 8BCE35C6808DABB657CD587B6F97E5EA006A50B9942FE3D1DAEDDF9702FA0136 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
12:21:10.0061 0x1760  AMD External Events Utility - ok
12:21:10.0065 0x1760  AmdK8 - ok
12:21:10.0076 0x1760  [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
12:21:10.0077 0x1760  amdkmafd - ok
12:21:10.0085 0x1760  amdkmdag - ok
12:21:10.0121 0x1760  [ DF91A7FE2D8F487EE5769BAC2D297D76, B401E2A14AB1E4194C19DF5C938A57262B55751C344E94864DCCC6304F1027FF ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
12:21:10.0133 0x1760  amdkmdap - ok
12:21:10.0169 0x1760  [ 3F11DB5FF2B4E52CA4B5979A37B97A6F, 59350E37AB2FE8D7290B0B9A4C84ADBC69A4EBCEA5AD208E2E5D047C8EE5B65A ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
12:21:10.0171 0x1760  amdkmpfd - ok
12:21:10.0175 0x1760  AmdPPM - ok
12:21:10.0179 0x1760  amdsata - ok
12:21:10.0197 0x1760  amdsbs - ok
12:21:10.0199 0x1760  amdxata - ok
12:21:10.0236 0x1760  AppHostSvc - ok
12:21:10.0238 0x1760  AppID - ok
12:21:10.0240 0x1760  AppIDSvc - ok
12:21:10.0242 0x1760  Appinfo - ok
12:21:10.0306 0x1760  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:21:10.0308 0x1760  Apple Mobile Device Service - ok
12:21:10.0314 0x1760  AppReadiness - ok
12:21:10.0328 0x1760  AppXSvc - ok
12:21:10.0331 0x1760  arcsas - ok
12:21:10.0383 0x1760  aspnet_state - ok
12:21:10.0387 0x1760  AsyncMac - ok
12:21:10.0391 0x1760  atapi - ok
12:21:10.0426 0x1760  [ 2A38B5218A7BE3CE0E0B3D92E3844782, 2B0799EF6E5A5EE65AC91E394F6C0EDE95067BB96567FD25DA0C003F9FB7E84E ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
12:21:10.0427 0x1760  AtiHDAudioService - ok
12:21:10.0447 0x1760  AudioEndpointBuilder - ok
12:21:10.0470 0x1760  Audiosrv - ok
12:21:10.0472 0x1760  AxInstSV - ok
12:21:10.0474 0x1760  b06bdrv - ok
12:21:10.0484 0x1760  BasicDisplay - ok
12:21:10.0487 0x1760  BasicRender - ok
12:21:10.0490 0x1760  bcmfn - ok
12:21:10.0491 0x1760  bcmfn2 - ok
12:21:10.0501 0x1760  BDESVC - ok
12:21:10.0503 0x1760  Beep - ok
12:21:10.0506 0x1760  BFE - ok
12:21:10.0570 0x1760  BITS - ok
12:21:10.0609 0x1760  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:21:10.0614 0x1760  Bonjour Service - ok
12:21:10.0617 0x1760  bowser - ok
12:21:10.0630 0x1760  BrokerInfrastructure - ok
12:21:10.0631 0x1760  Browser - ok
12:21:10.0648 0x1760  [ F702AFA6B13BB143757AEFAE423B6865, 65FDFD3C642D81EE95CBC68D6BA4FD69EF6A83F9AF7948DC993C783DF1AA8772 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
12:21:10.0654 0x1760  BstHdAndroidSvc - ok
12:21:10.0660 0x1760  [ 464D771701C5413C1EDD504D745698F0, C82B9F9C621654914F980EC9DA5879703014066E93CC7D21B9B241E0D16FA325 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
12:21:10.0662 0x1760  BstHdDrv - ok
12:21:10.0681 0x1760  [ 202A388A6CC6D1A00CBB6E3EAEAA2B89, 588AB5DA62C98E8B3B332043BFCC03A8286FBF4E2C2181E4C9295B247BE75DD8 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
12:21:10.0685 0x1760  BstHdLogRotatorSvc - ok
12:21:10.0765 0x1760  [ 250FB3DBCB2E4E538EA466ABF48859E7, A9C839CB675DABDB71571E60BC69C1C027F129FABA821454C1BBF5B4A7CC9725 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
12:21:10.0775 0x1760  BstHdUpdaterSvc - ok
12:21:10.0792 0x1760  BthAvrcpTg - ok
12:21:10.0794 0x1760  BthHFEnum - ok
12:21:10.0795 0x1760  bthhfhid - ok
12:21:10.0797 0x1760  BthHFSrv - ok
12:21:10.0799 0x1760  BTHMODEM - ok
12:21:10.0804 0x1760  bthserv - ok
12:21:10.0806 0x1760  buttonconverter - ok
12:21:10.0811 0x1760  CapImg - ok
12:21:10.0812 0x1760  cdfs - ok
12:21:10.0814 0x1760  CDPSvc - ok
12:21:10.0816 0x1760  cdrom - ok
12:21:10.0819 0x1760  CertPropSvc - ok
12:21:10.0821 0x1760  circlass - ok
12:21:10.0823 0x1760  CLFS - ok
12:21:10.0831 0x1760  ClipSVC - ok
12:21:10.0836 0x1760  CmBatt - ok
12:21:10.0863 0x1760  CNG - ok
12:21:10.0864 0x1760  cnghwassist - ok
12:21:10.0887 0x1760  CompositeBus - ok
12:21:10.0889 0x1760  COMSysApp - ok
12:21:10.0891 0x1760  condrv - ok
12:21:10.0936 0x1760  CoreMessagingRegistrar - ok
12:21:10.0948 0x1760  CryptSvc - ok
12:21:10.0951 0x1760  dam - ok
12:21:10.0968 0x1760  DcomLaunch - ok
12:21:10.0970 0x1760  DcpSvc - ok
12:21:10.0973 0x1760  defragsvc - ok
12:21:10.0974 0x1760  DeviceAssociationService - ok
12:21:10.0976 0x1760  DeviceInstall - ok
12:21:10.0978 0x1760  DevQueryBroker - ok
12:21:10.0980 0x1760  Dfsc - ok
12:21:11.0007 0x1760  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:21:11.0012 0x1760  dg_ssudbus - ok
12:21:11.0016 0x1760  Dhcp - ok
12:21:11.0055 0x1760  diagnosticshub.standardcollector.service - ok
12:21:11.0059 0x1760  DiagTrack - ok
12:21:11.0061 0x1760  disk - ok
12:21:11.0166 0x1760  [ 2E279CABD74C2BD983E40210EA80B702, EE61F095D3473E47D08DEC1260F14E9DC4263D7A11BBD5C8E31C5A8A99A61BCD ] Diskeeper       C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
12:21:11.0196 0x1760  Diskeeper - ok
12:21:11.0218 0x1760  [ 87DF6F629C01B91AD24D64BCA6C04DD5, 3C0CEBFC77564DBA88097B74B7A4165DB02BD1B0858EC87641A3B2121B960978 ] DKDFM           C:\WINDOWS\system32\drivers\DKDFM.sys
12:21:11.0219 0x1760  DKDFM - ok
12:21:11.0235 0x1760  [ 50669EA06563BE99C1786BC41F859AEA, 08FCB845DA1629A0C06C78B7ED430F2C7F1902BFD2FD93D63F0EC63BD676E48B ] DKRtWrt         C:\WINDOWS\system32\DRIVERS\DKRtWrt.sys
12:21:11.0236 0x1760  DKRtWrt - ok
12:21:11.0240 0x1760  [ 15BFCEBC1E7D9C165CBEFB4D98D96262, 1807DEC1A3D0C77B906DCF4B6496E202EE51828AEB98D9AF7E8D70C969CBA840 ] DKTLFSMF        C:\WINDOWS\system32\drivers\DKTLFSMF.sys
12:21:11.0241 0x1760  DKTLFSMF - ok
12:21:11.0256 0x1760  DmEnrollmentSvc - ok
12:21:11.0258 0x1760  dmvsc - ok
12:21:11.0260 0x1760  dmwappushservice - ok
12:21:11.0262 0x1760  Dnscache - ok
12:21:11.0264 0x1760  dot3svc - ok
12:21:11.0266 0x1760  DPS - ok
12:21:11.0282 0x1760  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
12:21:11.0283 0x1760  drmkaud - ok
12:21:11.0342 0x1760  [ 1ED08A6264C5C92099D6D1DAE5E8F530, 4045AE77859B1DBF13972451972EAAF6F3C97BEA423E9E78F1C2F14330CD47CA ] DrvAgent64      C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
12:21:11.0342 0x1760  DrvAgent64 - ok
12:21:11.0346 0x1760  DsmSvc - ok
12:21:11.0347 0x1760  DsSvc - ok
12:21:11.0360 0x1760  DXGKrnl - ok
12:21:11.0361 0x1760  e1iexpress - ok
12:21:11.0385 0x1760  [ B4B52D2D4976FB06C53DCC6F476EAE2F, 2D48A3A6DC4E19840543A2F22CA45D3F6C0C989E00CBCA65F7B4B7222E6D69ED ] eamonm          C:\WINDOWS\system32\DRIVERS\eamonm.sys
12:21:11.0388 0x1760  eamonm - ok
12:21:11.0390 0x1760  Eaphost - ok
12:21:11.0392 0x1760  ebdrv - ok
12:21:11.0416 0x1760  [ 86F4D86CD3ABBD75EB578A91C403FF93, 2C259AD584D6AB0FB9144651CCF44F23BA507EAF6DDB5A525EA705A7700D4F09 ] eelam           C:\WINDOWS\system32\DRIVERS\eelam.sys
12:21:11.0418 0x1760  eelam - ok
12:21:11.0436 0x1760  [ B7B44DAB9C3E40519E1EB9ACADD06B23, 7507F5541B04A31C842688BC02F5591775D17102A8707D07B3E3443312568598 ] EfiInvoker      C:\Windows\SysWOW64\Drivers\invoker64.sys
12:21:11.0436 0x1760  EfiInvoker - ok
12:21:11.0440 0x1760  EFS - ok
12:21:11.0460 0x1760  [ 2072E5C612C0C178A1E725433EB4E7EB, FA99355AE119FFEB1C9C2DB1349ABCF59F87AB113C9D91186F59829FFFBA1286 ] ehdrv           C:\WINDOWS\system32\DRIVERS\ehdrv.sys
12:21:11.0465 0x1760  ehdrv - ok
12:21:11.0469 0x1760  EhStorClass - ok
12:21:11.0493 0x1760  EhStorTcgDrv - ok
12:21:11.0516 0x1760  [ 70350E9D75CE4479AA1A046887F11519, 46FFACBBB8BC2B1F45D83884D7298F8B82EF24A033D173B3DA812BA42D2296C5 ] ekbdflt         C:\WINDOWS\system32\DRIVERS\ekbdflt.sys
12:21:11.0520 0x1760  ekbdflt - ok
12:21:11.0615 0x1760  [ 287D7C125CCCBA0D2111181F44BE2C2A, 7D9892BB0CAF30AC90E5CE7D93FF85ED7B5D95418D13475CF7D2E66BEDDD574E ] ekrn            C:\Program Files\ESET\ESET Smart Security\ekrn.exe
12:21:11.0643 0x1760  ekrn - ok
12:21:11.0646 0x1760  embeddedmode - ok
12:21:11.0648 0x1760  EntAppSvc - ok
12:21:11.0659 0x1760  [ D0268AFCBE7E16A30D4C7A0D91526BD1, D398E04EBC97F69CFE785B829ECB5CB15A21B5F3E82405D5221DFD122DC0D248 ] epfw            C:\WINDOWS\system32\DRIVERS\epfw.sys
12:21:11.0661 0x1760  epfw - ok
12:21:11.0666 0x1760  [ 6B19C4B37E06E275D9AE54F06B1DEAAA, 62EEF3A5611456226D0B7B48738D0AE443375353BF631A4D07485680F4EAA212 ] EpfwLWF         C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys
12:21:11.0667 0x1760  EpfwLWF - ok
12:21:11.0680 0x1760  [ 75815E12D7B8209BD26E8DC4E6708A4F, CB3E443C3AC851A971B921C967025C12377E398E9069FD3DC2F33907DBB168BD ] epfwwfp         C:\WINDOWS\system32\DRIVERS\epfwwfp.sys
12:21:11.0682 0x1760  epfwwfp - ok
12:21:11.0684 0x1760  ErrDev - ok
12:21:11.0705 0x1760  [ F037314138494EE6BD7DDC4C19C63012, C78477093374BA57DDDDC8F25E67397126AF03700513D24128BDA5C8EA8CFF1A ] ESETCleanersDriver C:\Windows\system32\Drivers\ESETCleanersDriver.sys
12:21:11.0708 0x1760  ESETCleanersDriver - ok
12:21:11.0770 0x1760  EventSystem - ok
12:21:11.0774 0x1760  exfat - ok
12:21:11.0796 0x1760  fastfat - ok
12:21:11.0803 0x1760  Fax - ok
12:21:11.0806 0x1760  fdc - ok
12:21:11.0810 0x1760  fdPHost - ok
12:21:11.0815 0x1760  FDResPub - ok
12:21:11.0820 0x1760  fhsvc - ok
12:21:11.0843 0x1760  FileCrypt - ok
12:21:11.0846 0x1760  FileInfo - ok
12:21:11.0850 0x1760  Filetrace - ok
12:21:11.0855 0x1760  flpydisk - ok
12:21:11.0859 0x1760  FltMgr - ok
12:21:11.0863 0x1760  FontCache - ok
12:21:11.0947 0x1760  FontCache3.0.0.0 - ok
12:21:11.0951 0x1760  FsDepends - ok
12:21:11.0955 0x1760  Fs_Rec - ok
12:21:11.0959 0x1760  fvevol - ok
12:21:11.0964 0x1760  gagp30kx - ok
12:21:11.0995 0x1760  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:21:11.0996 0x1760  GEARAspiWDM - ok
12:21:12.0017 0x1760  gencounter - ok
12:21:12.0048 0x1760  genericusbfn - ok
12:21:12.0050 0x1760  GPIOClx0101 - ok
12:21:12.0052 0x1760  gpsvc - ok
12:21:12.0069 0x1760  GpuEnergyDrv - ok
12:21:12.0071 0x1760  HdAudAddService - ok
12:21:12.0099 0x1760  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:21:12.0101 0x1760  HDAudBus - ok
12:21:12.0126 0x1760  HidBatt - ok
12:21:12.0128 0x1760  HidBth - ok
12:21:12.0130 0x1760  hidi2c - ok
12:21:12.0136 0x1760  hidinterrupt - ok
12:21:12.0137 0x1760  HidIr - ok
12:21:12.0139 0x1760  hidserv - ok
12:21:12.0168 0x1760  HidUsb - ok
12:21:12.0170 0x1760  HomeGroupListener - ok
12:21:12.0187 0x1760  HomeGroupProvider - ok
12:21:12.0190 0x1760  HpSAMD - ok
12:21:12.0263 0x1760  [ 4DB356DF142BAD89A5F9E798B2A01E01, F6D43410524ACB391FAA37D7B913775CA33E08F7B75C4621607BB62B812D99C5 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
12:21:12.0265 0x1760  HPSupportSolutionsFrameworkService - ok
12:21:12.0286 0x1760  HTTP - ok
12:21:12.0312 0x1760  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
12:21:12.0313 0x1760  HWiNFO32 - ok
12:21:12.0318 0x1760  hwpolicy - ok
12:21:12.0322 0x1760  hyperkbd - ok
12:21:12.0326 0x1760  i8042prt - ok
12:21:12.0330 0x1760  iai2c - ok
12:21:12.0337 0x1760  iaLPSS2i_I2C - ok
12:21:12.0341 0x1760  iaLPSSi_GPIO - ok
12:21:12.0346 0x1760  iaLPSSi_I2C - ok
12:21:12.0350 0x1760  iaStorAV - ok
12:21:12.0354 0x1760  iaStorV - ok
12:21:12.0357 0x1760  ibbus - ok
12:21:12.0408 0x1760  icssvc - ok
12:21:12.0410 0x1760  IEEtwCollectorService - ok
12:21:12.0433 0x1760  IKEEXT - ok
12:21:12.0504 0x1760  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:21:12.0522 0x1760  Intel® Capability Licensing Service Interface - ok
12:21:12.0549 0x1760  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
12:21:12.0563 0x1760  Intel® Capability Licensing Service TCP IP Interface - ok
12:21:12.0586 0x1760  [ F28C5A79A1698E9F1374569A1C0FB880, 9DD0A9539AFE0DB71C2CDE1E9649D4178C28E3740E99E54E3337E7DD32971D72 ] Intel® PROSet Monitoring Service C:\WINDOWS\system32\IProsetMonitor.exe
12:21:12.0595 0x1760  Intel® PROSet Monitoring Service - ok
12:21:12.0598 0x1760  intelide - ok
12:21:12.0600 0x1760  intelpep - ok
12:21:12.0602 0x1760  intelppm - ok
12:21:12.0605 0x1760  IoQos - ok
12:21:12.0607 0x1760  IpFilterDriver - ok
12:21:12.0610 0x1760  iphlpsvc - ok
12:21:12.0612 0x1760  IPMIDRV - ok
12:21:12.0614 0x1760  IPNAT - ok
12:21:12.0643 0x1760  [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:21:12.0652 0x1760  iPod Service - ok
12:21:12.0654 0x1760  IRENUM - ok
12:21:12.0656 0x1760  isapnp - ok
12:21:12.0658 0x1760  iScsiPrt - ok
12:21:12.0708 0x1760  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
12:21:12.0710 0x1760  jhi_service - ok
12:21:12.0712 0x1760  kbdclass - ok
12:21:12.0713 0x1760  kbdhid - ok
12:21:12.0715 0x1760  kdnic - ok
12:21:12.0740 0x1760  [ 249B4AB4EA96E333AA0F01BF67209817, EEA976B7BAC3B49B52D2E1A3D308D9C5EF81DA4483DEC29CC4056319FA08E5DC ] keycrypt        C:\WINDOWS\system32\DRIVERS\KeyCrypt64.sys
12:21:12.0742 0x1760  keycrypt - ok
12:21:12.0743 0x1760  KeyIso - ok
12:21:12.0745 0x1760  KSecDD - ok
12:21:12.0756 0x1760  KSecPkg - ok
12:21:12.0758 0x1760  ksthunk - ok
12:21:12.0780 0x1760  KtmRm - ok
12:21:12.0782 0x1760  LanmanServer - ok
12:21:12.0784 0x1760  LanmanWorkstation - ok
12:21:12.0790 0x1760  lfsvc - ok
12:21:12.0791 0x1760  LicenseManager - ok
12:21:12.0793 0x1760  lltdio - ok
12:21:12.0795 0x1760  lltdsvc - ok
12:21:12.0797 0x1760  lmhosts - ok
12:21:12.0835 0x1760  [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:21:12.0839 0x1760  LMS - ok
12:21:12.0843 0x1760  LSI_SAS - ok
12:21:12.0844 0x1760  LSI_SAS2i - ok
12:21:12.0846 0x1760  LSI_SAS3i - ok
12:21:12.0848 0x1760  LSI_SSS - ok
12:21:12.0850 0x1760  LSM - ok
12:21:12.0854 0x1760  luafv - ok
12:21:12.0856 0x1760  LVPr2M64 - ok
12:21:12.0858 0x1760  MapsBroker - ok
12:21:12.0860 0x1760  megasas - ok
12:21:12.0861 0x1760  megasr - ok
12:21:12.0898 0x1760  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
12:21:12.0900 0x1760  MEIx64 - ok
12:21:12.0904 0x1760  MessagingService - ok
12:21:13.0029 0x1760  mlx4_bus - ok
12:21:13.0053 0x1760  MMCSS - ok
12:21:13.0056 0x1760  Modem - ok
12:21:13.0060 0x1760  monitor - ok
12:21:13.0065 0x1760  mouclass - ok
12:21:13.0072 0x1760  mouhid - ok
12:21:13.0076 0x1760  mountmgr - ok
12:21:13.0122 0x1760  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:21:13.0126 0x1760  MozillaMaintenance - ok
12:21:13.0131 0x1760  mpsdrv - ok
12:21:13.0157 0x1760  MpsSvc - ok
12:21:13.0170 0x1760  MQAC - ok
12:21:13.0176 0x1760  MRxDAV - ok
12:21:13.0186 0x1760  mrxsmb - ok
12:21:13.0191 0x1760  mrxsmb10 - ok
12:21:13.0194 0x1760  mrxsmb20 - ok
12:21:13.0198 0x1760  MsBridge - ok
12:21:13.0205 0x1760  MSDTC - ok
12:21:13.0209 0x1760  Msfs - ok
12:21:13.0217 0x1760  msgpiowin32 - ok
12:21:13.0219 0x1760  mshidkmdf - ok
12:21:13.0222 0x1760  mshidumdf - ok
12:21:13.0224 0x1760  msisadrv - ok
12:21:13.0227 0x1760  MSiSCSI - ok
12:21:13.0229 0x1760  msiserver - ok
12:21:13.0230 0x1760  MSKSSRV - ok
12:21:13.0233 0x1760  MsLldp - ok
12:21:13.0239 0x1760  MSMQ - ok
12:21:13.0240 0x1760  MSPCLOCK - ok
12:21:13.0242 0x1760  MSPQM - ok
12:21:13.0244 0x1760  MsRPC - ok
12:21:13.0246 0x1760  mssmbios - ok
12:21:13.0248 0x1760  MSTEE - ok
12:21:13.0250 0x1760  MTConfig - ok
12:21:13.0252 0x1760  Mup - ok
12:21:13.0254 0x1760  mvumis - ok
12:21:13.0256 0x1760  NativeWifiP - ok
12:21:13.0258 0x1760  NcaSvc - ok
12:21:13.0276 0x1760  NcbService - ok
12:21:13.0278 0x1760  NcdAutoSetup - ok
12:21:13.0280 0x1760  ndfltr - ok
12:21:13.0282 0x1760  NDIS - ok
12:21:13.0286 0x1760  NdisCap - ok
12:21:13.0288 0x1760  NdisImPlatform - ok
12:21:13.0290 0x1760  NdisTapi - ok
12:21:13.0292 0x1760  Ndisuio - ok
12:21:13.0293 0x1760  NdisVirtualBus - ok
12:21:13.0295 0x1760  NdisWan - ok
12:21:13.0297 0x1760  ndiswanlegacy - ok
12:21:13.0299 0x1760  ndproxy - ok
12:21:13.0305 0x1760  Ndu - ok
12:21:13.0306 0x1760  NetBIOS - ok
12:21:13.0313 0x1760  NetBT - ok
12:21:13.0314 0x1760  Netlogon - ok
12:21:13.0316 0x1760  Netman - ok
12:21:13.0350 0x1760  NetMsmqActivator - ok
12:21:13.0351 0x1760  NetPipeActivator - ok
12:21:13.0353 0x1760  netprofm - ok
12:21:13.0372 0x1760  NetSetupSvc - ok
12:21:13.0373 0x1760  NetTcpActivator - ok
12:21:13.0375 0x1760  NetTcpPortSharing - ok
12:21:13.0415 0x1760  NgcCtnrSvc - ok
12:21:13.0462 0x1760  NgcSvc - ok
12:21:13.0470 0x1760  NlaSvc - ok
12:21:13.0487 0x1760  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\WINDOWS\system32\drivers\npf.sys
12:21:13.0490 0x1760  NPF - ok
12:21:13.0494 0x1760  Npfs - ok
12:21:13.0497 0x1760  npsvctrig - ok
12:21:13.0499 0x1760  nsi - ok
12:21:13.0502 0x1760  nsiproxy - ok
12:21:13.0522 0x1760  NTFS - ok
12:21:13.0524 0x1760  Null - ok
12:21:13.0526 0x1760  nvraid - ok
12:21:13.0528 0x1760  nvstor - ok
12:21:13.0529 0x1760  nv_agp - ok
12:21:13.0541 0x1760  OneSyncSvc - ok
12:21:13.0616 0x1760  [ 29B093BA6759118DB14AF41026385E03, 660176D122344A79E52FFD9FE3D32D1967D9B22BC4AD76549D839B09693D0713 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
12:21:13.0650 0x1760  Origin Client Service - ok
12:21:13.0654 0x1760  p2pimsvc - ok
12:21:13.0656 0x1760  p2psvc - ok
12:21:13.0664 0x1760  Parport - ok
12:21:13.0666 0x1760  partmgr - ok
12:21:13.0667 0x1760  PcaSvc - ok
12:21:13.0669 0x1760  pci - ok
12:21:13.0671 0x1760  pciide - ok
12:21:13.0673 0x1760  pcmcia - ok
12:21:13.0675 0x1760  pcw - ok
12:21:13.0677 0x1760  pdc - ok
12:21:13.0678 0x1760  PEAUTH - ok
12:21:13.0680 0x1760  percsas2i - ok
12:21:13.0682 0x1760  percsas3i - ok
12:21:13.0717 0x1760  PerfHost - ok
12:21:13.0742 0x1760  PhoneSvc - ok
12:21:13.0765 0x1760  PimIndexMaintenanceSvc - ok
12:21:13.0773 0x1760  pla - ok
12:21:13.0814 0x1760  [ 9B6D836FD84C34C9E751D0888A367625, 4DC5FC3B8813A19CD64C1B470272C1392BA56A7DCA7514F483C95A7022C8E17C ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
12:21:13.0815 0x1760  PlaysService - ok
12:21:13.0817 0x1760  PlugPlay - ok
12:21:13.0818 0x1760  PNRPAutoReg - ok
12:21:13.0820 0x1760  PNRPsvc - ok
12:21:13.0822 0x1760  PolicyAgent - ok
12:21:13.0825 0x1760  Power - ok
12:21:13.0827 0x1760  PptpMiniport - ok
12:21:13.0939 0x1760  [ 15709A9AB1411565754CEE33AAB36387, 77CBC04346F8F247B4614CE65FBD225F0A24827EDD1FDB34900D05673B682D84 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:21:14.0018 0x1760  PrintNotify - ok
12:21:14.0023 0x1760  Processor - ok
12:21:14.0042 0x1760  ProfSvc - ok
12:21:14.0044 0x1760  Psched - ok
12:21:14.0070 0x1760  [ D271C14EE0EEEA27359CD9E14E49F0DE, C69234841EE8E9A584CABF12CE2FA965F038BD30E78C57702B28EF4B3667BD7C ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
12:21:14.0071 0x1760  PSKMAD - ok
12:21:14.0087 0x1760  QWAVE - ok
12:21:14.0088 0x1760  QWAVEdrv - ok
12:21:14.0100 0x1760  RasAcd - ok
12:21:14.0123 0x1760  RasAgileVpn - ok
12:21:14.0142 0x1760  RasAuto - ok
12:21:14.0153 0x1760  Rasl2tp - ok
12:21:14.0154 0x1760  RasMan - ok
12:21:14.0156 0x1760  RasPppoe - ok
12:21:14.0159 0x1760  RasSstp - ok
12:21:14.0163 0x1760  rdbss - ok
12:21:14.0169 0x1760  rdpbus - ok
12:21:14.0172 0x1760  RDPDR - ok
12:21:14.0179 0x1760  RdpVideoMiniport - ok
12:21:14.0183 0x1760  rdyboost - ok
12:21:14.0186 0x1760  ReFSv1 - ok
12:21:14.0237 0x1760  RemoteAccess - ok
12:21:14.0239 0x1760  RemoteRegistry - ok
12:21:14.0257 0x1760  RetailDemo - ok
12:21:14.0279 0x1760  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
12:21:14.0285 0x1760  rpcapd - ok
12:21:19.0929 0x1760  AV detected via SS2: ESET Smart Security 9.0.375.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.376.0 ), 0x41000 ( enabled : updated )
12:21:19.0929 0x1760  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
12:21:19.0930 0x1760  FW detected via SS2: ESET Personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.376.0 ), 0x41010 ( enabled )
12:21:30.0080 0x1760  ============================================================
12:21:30.0080 0x1760  Scan finished
12:21:30.0080 0x1760  ============================================================
12:21:30.0089 0x0280  Detected object count: 0
12:21:30.0089 0x0280  Actual detected object count: 0



#5 Kev35

Posted 18 June 2016 - 11:29 AM

# AdwCleaner v5.200 - Logfile created 18/06/2016 at 12:25:16
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-17.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Kev - KEV-PC
# Running from : C:\Users\Kev\Downloads\AdwCleaner(3).exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3694 bytes] - [06/02/2016 15:44:32]
C:\AdwCleaner\AdwCleaner[C3].txt - [1286 bytes] - [20/09/2015 22:37:14]
C:\AdwCleaner\AdwCleaner[R0].txt - [845 bytes] - [31/05/2015 11:54:33]
C:\AdwCleaner\AdwCleaner[R1].txt - [909 bytes] - [31/05/2015 23:22:50]
C:\AdwCleaner\AdwCleaner[R2].txt - [967 bytes] - [31/05/2015 23:27:19]
C:\AdwCleaner\AdwCleaner[R3].txt - [1348 bytes] - [07/08/2015 22:24:49]
C:\AdwCleaner\AdwCleaner[S0].txt - [1034 bytes] - [31/05/2015 23:27:56]
C:\AdwCleaner\AdwCleaner[S10].txt - [642 bytes] - [21/11/2015 23:57:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [4727 bytes] - [07/08/2015 22:25:47]
C:\AdwCleaner\AdwCleaner[S2].txt - [1786 bytes] - [16/06/2016 20:54:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [1346 bytes] - [18/06/2016 12:25:16]
C:\AdwCleaner\AdwCleaner[S5].txt - [571 bytes] - [23/08/2015 21:46:12]
C:\AdwCleaner\AdwCleaner[S6].txt - [616 bytes] - [30/08/2015 14:26:36]
C:\AdwCleaner\AdwCleaner[S7].txt - [570 bytes] - [02/09/2015 20:43:44]
C:\AdwCleaner\AdwCleaner[S8].txt - [1156 bytes] - [20/09/2015 22:36:23]
C:\AdwCleaner\AdwCleaner[S9].txt - [616 bytes] - [20/09/2015 22:44:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1780 bytes] ##########



#6 Kev35

Posted 18 June 2016 - 11:35 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by Kev (Administrator) on Sat 06/18/2016 at 12:31:15.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 06/18/2016 at 12:32:23.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#7 Kev35

Posted 18 June 2016 - 01:04 PM

ESET scanner found nothing.





