Browser Hijacked with popped up searches to 'legitimate' help sites


  • This topic is locked
10 replies to this topic

#1 DerekJ


Posted 21 December 2016 - 09:00 PM


I have been wrestling with a particularly nasty problem that I cannot get rid of.  I'm running Windows 10 Professional 64-bit on an AMD FX-8350 based system.  This problem occurs randomly.  Sometimes it will not appear for hours and sometimes, it will appear right after I boot.  Long story short, the following three "help" searches show up both in Chrome and Microsoft Edge.  

 

https://www.dropbox.com/s/5pxf15k4ywgtafl/File%20Dec%2021%2C%206%2048%2031%20PM.jpeg?dl=0

 

https://www.dropbox.com/s/87iyd6lrdw0sufi/File%20Dec%2021%2C%206%2048%2011%20PM.jpeg?dl=0

 

 

https://www.dropbox.com/s/jqqi6ixl2gghddu/File%20Dec%2021%2C%206%2047%2045%20PM.jpeg?dl=0

 

 

They will sometimes open randomly when I am not using either browser or will open in a new tab, if I have a browser open.  Sometimes, they will open multiple instances in new tabs if I'm using Chrome or tabs/cascade if I'm using Edge.  They will sometimes appear when I click on any icon or on the desktop.  An instance will appear sometimes for each letter I attempt to type into the address bar of a browser.  When it rears its head, I cannot use any program that requires me to type something.  Oddly, this behavior doesn't happen when I'm in a game.  Only solution is to restart my machine.  Sometimes, it lies dormant after restart and others it comes right back. 

 

I have used just about everything to get rid of it.  Rogue Killer, Malwarebytes, Hijack This, Hitman Pro, Microsoft Safety Scanner, Malicious Software Removal Tool, TDSSKiller, Zemana, NPE, Spybot, Adaware, Super Anti-Spyware.  Still no joy.

 

Has anyone seen this beast and have a solution?

 

Thanks in advance.

 

Derek

 

Mod Edit:  Merged posts - Hamluis.

 

Attached FRST log files


 



Edited by hamluis, 22 December 2016 - 11:15 AM.




#2 DerekJ


Posted 22 December 2016 - 10:04 AM

bump

 

Another hint on the behavior of this thing is that when it is going to appear after startup, I do not hear the Windows startup tone and the hard disk activity light is very busy for much longer after startup.


Edited by DerekJ, 22 December 2016 - 10:13 AM.


#3 nasdaq

  • Malware Response Team

Posted 22 December 2016 - 10:56 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (No File)
URLSearchHook: [S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415_classes] ATTENTION => Default URLSearchHook is missing
CHR Extension: (Chrome Web Store Payments) - C:\Users\Derek Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Derek Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-06]
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2 [290]
AlternateDataStreams: C:\ProgramData\TEMP:A9967A61 [132]
AlternateDataStreams: C:\ProgramData\TEMP:F4C624DE [124]

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on the menu icon, which is located at the top right of Google Chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
===

For your added security.
ADOBE AIR

Navigate to this page and follow the instructions to get the latest version.
https://get.adobe.com/air/
==============

ADOBE READER
http://get.adobe.com/reader/
Before you download, I suggest you uncheck the box on the top right "Yes, install McAfee Security Scan Plus - optional"; this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.
<<<>>>

Remove these old versions via the Control Panel > Programs > Programs and Features if still present.
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)

Please let me know what problem persists with this computer.

===

If the problem persists please run this cleaning tool.

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zoek tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyclsid;
emptyffcache;
FFdefaults;
emptyiecache;
iedefaults;
emptychrcache;
CHRdefaults;
emptyalltemp;
emptyfolderscheck;delete
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.
===

Also, please provide an update on how the computer is behaving after running the above script.
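
A read-only way to look at the same kinds of entries the fixlist above targets before anything is removed (an added example, not part of nasdaq's post and not FRST's own code): Run values whose target file is missing, service keys whose ImagePath is absent or points at a missing file, and alternate data streams on C:\ProgramData\TEMP. The function names are made up for this example, and reading FRST's `[X]` marker as "file not found" is an assumption about the log format.

```powershell
# Added example: read-only checks, nothing here deletes or changes anything.
# Run from a 64-bit PowerShell so that System32 is not redirected to SysWOW64.

# Turn a raw Run / ImagePath value into a plain file path (hypothetical helper).
function Resolve-ImagePath {
    param([string]$Raw)
    if ([string]::IsNullOrWhiteSpace($Raw)) { return $null }
    $p = [Environment]::ExpandEnvironmentVariables($Raw.Trim())
    if ($p -match '^"([^"]+)"') {
        $p = $Matches[1]                                  # quoted path: drop quotes and arguments
    } elseif ($p -match '^(.+?\.(exe|sys|dll))(\s|$)') {
        $p = $Matches[1]                                  # unquoted path: drop arguments
    }
    $p = $p -replace '^\\\?\?\\', ''                      # \??\C:\... -> C:\...
    $p = $p -replace '^\\SystemRoot\\', ($env:SystemRoot + '\')
    if ($p -match '^system32\\') { $p = Join-Path $env:SystemRoot $p }   # relative driver path
    if ($p -notmatch '^([a-z]:\\|\\\\)') {
        # Bare name such as "rundll32.exe": resolve through PATH the way the shell would.
        $cmd = Get-Command -Name $p -CommandType Application -ErrorAction SilentlyContinue |
               Select-Object -First 1
        if ($cmd) { $p = $cmd.Source }
    }
    return $p
}

function Test-FileMissing {
    param([string]$File)
    if (-not $File) { return $true }
    try   { return -not (Test-Path -LiteralPath $File -PathType Leaf) }
    catch { return $true }        # unparsable path: report it and review by hand
}

# Run keys, native and 32-bit view ("HKLM-x32" in the fixlist).
function Get-RunEntryStatus {
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
    foreach ($k in $keys) {
        if (-not (Test-Path $k)) { continue }
        $key = Get-Item -Path $k
        # GetValueNames() returns '' for the unnamed value, the "[]" case in the fixlist.
        foreach ($name in $key.GetValueNames()) {
            $data = [string]$key.GetValue($name)
            [pscustomobject]@{
                Key         = $k
                Name        = if ($name) { $name } else { '(empty name)' }
                Data        = $data
                FileMissing = Test-FileMissing (Resolve-ImagePath $data)
            }
        }
    }
}

# Service and driver keys. A driver key without ImagePath can be legitimate
# (Windows falls back to System32\drivers\<name>.sys), so treat hits as items to review.
function Get-ServiceImageStatus {
    Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services' -ErrorAction SilentlyContinue |
        Where-Object { $null -ne $_.GetValue('Start') } |
        ForEach-Object {
            $raw = [string]$_.GetValue('ImagePath')
            [pscustomobject]@{
                Name        = $_.PSChildName
                Start       = $_.GetValue('Start')
                ImagePath   = $raw
                FileMissing = Test-FileMissing (Resolve-ImagePath $raw)
            }
        }
}

# Alternate data streams on one file or folder.
# Folders need PowerShell 7.2 or later; Windows PowerShell 5.1 only handles files here.
function Get-AlternateStream {
    param([Parameter(Mandatory)][string]$Path)
    Get-Item -LiteralPath $Path -Stream * -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Stream -ne ':$DATA' } |
        Select-Object FileName, Stream, Length
}

Get-RunEntryStatus     | Where-Object FileMissing | Format-Table Key, Name, Data -AutoSize
Get-ServiceImageStatus | Where-Object FileMissing | Format-Table Name, Start, ImagePath -AutoSize
Get-AlternateStream -Path 'C:\ProgramData\TEMP'   | Format-Table -AutoSize
```

Saving this output before and after the fix gives a record of what actually changed.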

#4 DerekJ


Posted 23 December 2016 - 12:35 AM

Thank you, nasdaq.  Not having a problem so far.  I will post a periodic update on how I'm doing.  Attached is the Fixlog.txt file.




#5 nasdaq

  • Malware Response Team

Posted 23 December 2016 - 08:45 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#6 DerekJ


Posted 23 December 2016 - 11:00 AM

Well, it came back after I booted up this morning.  I restarted and then ran the Zoek tool.  My log file is attached.




#7 DerekJ


Posted 23 December 2016 - 02:05 PM

It's back again.  This time, it happened when I was in-game.  I was playing Battlefield 1 when I noticed strange behavior with my shift key when trying to sprint.  Exited out of the game to find Chrome open with about 30 tabs of the ea\Origin help page.  Any ideas?



#8 nasdaq

  • Malware Response Team

Posted 24 December 2016 - 08:01 AM

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
    ===

    Wait for further instructions.


#9 DerekJ


Posted 24 December 2016 - 10:53 AM

Here are my log files:

 

 

10:33:36.0241 0x2794  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
10:33:43.0761 0x2794  ============================================================
10:33:43.0761 0x2794  Current date / time: 2016/12/24 10:33:43.0761
10:33:43.0761 0x2794  SystemInfo:
10:33:43.0761 0x2794  
10:33:43.0761 0x2794  OS Version: 10.0.14393 ServicePack: 0.0
10:33:43.0761 0x2794  Product type: Workstation
10:33:43.0761 0x2794  ComputerName: FRANKENSTEIN
10:33:43.0761 0x2794  UserName: Derek Jackson
10:33:43.0761 0x2794  Windows directory: C:\WINDOWS
10:33:43.0761 0x2794  System windows directory: C:\WINDOWS
10:33:43.0761 0x2794  Running under WOW64
10:33:43.0761 0x2794  Processor architecture: Intel x64
10:33:43.0761 0x2794  Number of processors: 8
10:33:43.0761 0x2794  Page size: 0x1000
10:33:43.0761 0x2794  Boot type: Normal boot
10:33:43.0761 0x2794  CodeIntegrityOptions = 0x00000001
10:33:43.0761 0x2794  ============================================================
10:33:43.0801 0x2794  KLMD registered as C:\WINDOWS\system32\drivers\00569303.sys
10:33:43.0801 0x2794  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
10:33:43.0864 0x2794  System UUID: {8A603C4E-B02F-C788-9052-EF25497E9AB4}
10:33:44.0177 0x2794  Drive \Device\Harddisk1\DR1 - Size: 0x2542FCDE00 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4BB4C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
10:33:44.0177 0x2794  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:33:44.0177 0x2794  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:33:44.0177 0x2794  Drive \Device\Harddisk4\DR4 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:33:44.0178 0x2794  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:33:44.0201 0x2794  Drive \Device\Harddisk9\DR9 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x1D1C0F, SectorsPerTrack: 0x20, TracksPerCylinder: 0x40, Type 'W'
10:33:44.0602 0x2794  ============================================================
10:33:44.0602 0x2794  \Device\Harddisk1\DR1:
10:33:44.0602 0x2794  MBR partitions:
10:33:44.0602 0x2794  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A17E31
10:33:44.0602 0x2794  \Device\Harddisk2\DR2:
10:33:44.0603 0x2794  MBR partitions:
10:33:44.0603 0x2794  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA826B
10:33:44.0603 0x2794  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0xAC928, BlocksNum 0x3A115319
10:33:44.0603 0x2794  \Device\Harddisk3\DR3:
10:33:44.0603 0x2794  MBR partitions:
10:33:44.0603 0x2794  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A381000
10:33:44.0603 0x2794  \Device\Harddisk3\DR3\Partition2: MBR, Type 0x7, StartLBA 0x3A381800, BlocksNum 0x3A385000
10:33:44.0603 0x2794  \Device\Harddisk4\DR4:
10:33:44.0603 0x2794  MBR partitions:
10:33:44.0603 0x2794  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4D61
10:33:44.0603 0x2794  \Device\Harddisk0\DR0:
10:33:44.0603 0x2794  MBR partitions:
10:33:44.0603 0x2794  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E08871
10:33:44.0603 0x2794  \Device\Harddisk9\DR9:
10:33:44.0605 0x2794  MBR partitions:
10:33:44.0605 0x2794  \Device\Harddisk9\DR9\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
10:33:44.0605 0x2794  ============================================================
10:33:44.0606 0x2794  C: <-> \Device\Harddisk2\DR2\Partition2
10:33:44.0606 0x2794  D: <-> \Device\Harddisk2\DR2\Partition1
10:33:44.0620 0x2794  F: <-> \Device\Harddisk3\DR3\Partition1
10:33:44.0642 0x2794  G: <-> \Device\Harddisk3\DR3\Partition2
10:33:44.0682 0x2794  H: <-> \Device\Harddisk4\DR4\Partition1
10:33:44.0698 0x2794  I: <-> \Device\Harddisk0\DR0\Partition1
10:33:44.0725 0x2794  J: <-> \Device\Harddisk1\DR1\Partition1
10:33:44.0727 0x2794  ============================================================
10:33:44.0727 0x2794  Initialize success
10:33:44.0727 0x2794  ============================================================
10:33:50.0678 0x28d4  ============================================================
10:33:50.0678 0x28d4  Scan started
10:33:50.0678 0x28d4  Mode: Manual; 
10:33:50.0678 0x28d4  ============================================================
10:33:50.0678 0x28d4  KSN ping started
10:33:50.0784 0x28d4  KSN ping finished: true
10:33:51.0104 0x28d4  ================ Scan system memory ========================
10:33:51.0104 0x28d4  System memory - ok
10:33:51.0105 0x28d4  ================ Scan services =============================
10:33:51.0139 0x28d4  1394ohci - ok
10:33:51.0142 0x28d4  3ware - ok
10:33:51.0146 0x28d4  ACPI - ok
10:33:51.0149 0x28d4  AcpiDev - ok
10:33:51.0152 0x28d4  acpiex - ok
10:33:51.0156 0x28d4  acpipagr - ok
10:33:51.0159 0x28d4  AcpiPmi - ok
10:33:51.0162 0x28d4  acpitime - ok
10:33:51.0169 0x28d4  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:33:51.0171 0x28d4  AdobeARMservice - ok
10:33:51.0198 0x28d4  [ 6F3C49799F770075E339E92B9B14AF21, 96295CA42275D7C22FEDC9567E8CCA4AB6584B7D38B4D1D62CCF197CA539C8A3 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:33:51.0203 0x28d4  AdobeFlashPlayerUpdateSvc - ok
10:33:51.0209 0x28d4  ADP80XX - ok
10:33:51.0214 0x28d4  AFD - ok
10:33:51.0219 0x28d4  ahcache - ok
10:33:51.0222 0x28d4  AJRouter - ok
10:33:51.0225 0x28d4  ALG - ok
10:33:51.0228 0x28d4  AmdK8 - ok
10:33:51.0231 0x28d4  AmdPPM - ok
10:33:51.0235 0x28d4  amdsata - ok
10:33:51.0238 0x28d4  amdsbs - ok
10:33:51.0241 0x28d4  amdxata - ok
10:33:51.0246 0x28d4  [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
10:33:51.0249 0x28d4  amd_sata - ok
10:33:51.0254 0x28d4  [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
10:33:51.0255 0x28d4  amd_xata - ok
10:33:51.0259 0x28d4  AppHostSvc - ok
10:33:51.0262 0x28d4  AppID - ok
10:33:51.0266 0x28d4  AppIDSvc - ok
10:33:51.0269 0x28d4  Appinfo - ok
10:33:51.0275 0x28d4  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:33:51.0278 0x28d4  Apple Mobile Device Service - ok
10:33:51.0282 0x28d4  [ E4D0F0D5EB374D8BACF40E30E9771D60, 56C4E820485D100DACD4EF076E0B2607274B236CCC45E0CCD527C737645A1ACB ] AppleCharger    C:\WINDOWS\system32\DRIVERS\AppleCharger.sys
10:33:51.0283 0x28d4  AppleCharger - ok
10:33:51.0287 0x28d4  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe
10:33:51.0294 0x28d4  AppleChargerSrv - ok
10:33:51.0297 0x28d4  applockerfltr - ok
10:33:51.0300 0x28d4  AppMgmt - ok
10:33:51.0303 0x28d4  AppReadiness - ok
10:33:51.0306 0x28d4  AppVClient - ok
10:33:51.0309 0x28d4  AppvStrm - ok
10:33:51.0312 0x28d4  AppvVemgr - ok
10:33:51.0316 0x28d4  AppvVfs - ok
10:33:51.0319 0x28d4  AppXSvc - ok
10:33:51.0323 0x28d4  arcsas - ok
10:33:51.0336 0x28d4  aspnet_state - ok
10:33:51.0339 0x28d4  AsyncMac - ok
10:33:51.0343 0x28d4  atapi - ok
10:33:51.0346 0x28d4  AudioEndpointBuilder - ok
10:33:51.0349 0x28d4  Audiosrv - ok
10:33:51.0352 0x28d4  AxInstSV - ok
10:33:51.0355 0x28d4  b06bdrv - ok
10:33:51.0359 0x28d4  BasicDisplay - ok
10:33:51.0362 0x28d4  BasicRender - ok
10:33:51.0367 0x28d4  bcmfn - ok
10:33:51.0370 0x28d4  bcmfn2 - ok
10:33:51.0374 0x28d4  BDESVC - ok
10:33:51.0377 0x28d4  Beep - ok
10:33:51.0380 0x28d4  BFE - ok
10:33:51.0383 0x28d4  BITS - ok
10:33:51.0395 0x28d4  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:33:51.0404 0x28d4  Bonjour Service - ok
10:33:51.0408 0x28d4  bowser - ok
10:33:51.0411 0x28d4  BrokerInfrastructure - ok
10:33:51.0414 0x28d4  Browser - ok
10:33:51.0417 0x28d4  BthAvrcpTg - ok
10:33:51.0421 0x28d4  BthHFEnum - ok
10:33:51.0424 0x28d4  bthhfhid - ok
10:33:51.0427 0x28d4  BthHFSrv - ok
10:33:51.0430 0x28d4  BTHMODEM - ok
10:33:51.0435 0x28d4  bthserv - ok
10:33:51.0438 0x28d4  buttonconverter - ok
10:33:51.0441 0x28d4  CapImg - ok
10:33:51.0444 0x28d4  cdfs - ok
10:33:51.0447 0x28d4  CDPSvc - ok
10:33:51.0450 0x28d4  CDPUserSvc - ok
10:33:51.0455 0x28d4  cdrom - ok
10:33:51.0458 0x28d4  CertPropSvc - ok
10:33:51.0461 0x28d4  cht4iscsi - ok
10:33:51.0465 0x28d4  cht4vbd - ok
10:33:51.0468 0x28d4  circlass - ok
10:33:51.0471 0x28d4  CLFS - ok
10:33:51.0539 0x28d4  [ 069565979759A32A7E7FFF1541906B3F, E840AA394EB60120F8E6C4E7880A7F061070CAC5CC9AB1F74F88F65A6572BE08 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
10:33:51.0602 0x28d4  ClickToRunSvc - ok
10:33:51.0610 0x28d4  ClipSVC - ok
10:33:51.0613 0x28d4  clreg - ok
10:33:51.0622 0x28d4  CmBatt - ok
10:33:51.0626 0x28d4  CNG - ok
10:33:51.0630 0x28d4  cnghwassist - ok
10:33:51.0640 0x28d4  CompositeBus - ok
10:33:51.0644 0x28d4  COMSysApp - ok
10:33:51.0647 0x28d4  condrv - ok
10:33:51.0650 0x28d4  CoreMessagingRegistrar - ok
10:33:51.0656 0x28d4  [ D03466C36EF0E5C7694FF38B45271D9D, 367E0C1F0C49C31F26EC6A8828FE5727D70C637FD8C4213D10E43C80A0EA259E ] Creative Media Toolbox 6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
10:33:51.0659 0x28d4  Creative Media Toolbox 6 Licensing Service - ok
10:33:51.0663 0x28d4  CryptSvc - ok
10:33:51.0666 0x28d4  CSC - ok
10:33:51.0669 0x28d4  CscService - ok
10:33:51.0679 0x28d4  [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
10:33:51.0687 0x28d4  CTAudSvcService - ok
10:33:51.0709 0x28d4  [ 6332B269AE3024732C47317945F324E4, 5A996BC642A38C805668435BA4A434BA5E30A6C0D03DE217E1D8567A85A8EB3C ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
10:33:51.0731 0x28d4  cthda - ok
10:33:51.0749 0x28d4  [ 58D0E3E66BD5ACE338325DDDFAEF7E1D, B8D862C606A974325BB0852A1E311EF9FA20E70E51D2A4BADB747581A83052B5 ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
10:33:51.0777 0x28d4  CtHdaSvc - ok
10:33:51.0782 0x28d4  [ 7BB910D70045EE8224575AB37B24FE35, F431A0351249CDA6E250A8CCF7B7B2B28B5EEAEE2155126CF1607C8C07D3669C ] cthdb           C:\WINDOWS\system32\DRIVERS\cthdb.sys
10:33:51.0784 0x28d4  cthdb - ok
10:33:51.0788 0x28d4  dam - ok
10:33:51.0793 0x28d4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
10:33:51.0796 0x28d4  dbupdate - ok
10:33:51.0800 0x28d4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
10:33:51.0803 0x28d4  dbupdatem - ok
10:33:51.0807 0x28d4  [ BC8C3896575B06303564265742142775, 38F64F215755E410F69F5BD88FCE6011093665F4C29DEE60A70632221D0C2BB3 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
10:33:51.0829 0x28d4  DbxSvc - ok
10:33:51.0833 0x28d4  DcomLaunch - ok
10:33:51.0836 0x28d4  DcpSvc - ok
10:33:51.0839 0x28d4  defragsvc - ok
10:33:51.0842 0x28d4  DeviceAssociationService - ok
10:33:51.0845 0x28d4  DeviceInstall - ok
10:33:51.0849 0x28d4  DevQueryBroker - ok
10:33:51.0852 0x28d4  Dfsc - ok
10:33:51.0855 0x28d4  Dhcp - ok
10:33:51.0859 0x28d4  diagnosticshub.standardcollector.service - ok
10:33:51.0862 0x28d4  DiagTrack - ok
10:33:51.0865 0x28d4  disk - ok
10:33:51.0868 0x28d4  DmEnrollmentSvc - ok
10:33:51.0871 0x28d4  dmvsc - ok
10:33:51.0874 0x28d4  dmwappushservice - ok
10:33:51.0877 0x28d4  Dnscache - ok
10:33:51.0882 0x28d4  dot3svc - ok
10:33:51.0885 0x28d4  DPS - ok
10:33:51.0888 0x28d4  drmkaud - ok
10:33:51.0891 0x28d4  DsmSvc - ok
10:33:51.0895 0x28d4  DsSvc - ok
10:33:51.0898 0x28d4  DXGKrnl - ok
10:33:51.0901 0x28d4  EapHost - ok
10:33:51.0904 0x28d4  ebdrv - ok
10:33:51.0908 0x28d4  EFS - ok
10:33:51.0912 0x28d4  EhStorClass - ok
10:33:51.0915 0x28d4  EhStorTcgDrv - ok
10:33:51.0918 0x28d4  embeddedmode - ok
10:33:51.0921 0x28d4  EntAppSvc - ok
10:33:51.0925 0x28d4  ErrDev - ok
10:33:51.0930 0x28d4  [ DFF2F2688183E47F54B9BA12785B38BF, A9192F351F30FD8974444C2AEFE57F6C6B7A0A5348BAB2093F47630952C28C09 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
10:33:51.0932 0x28d4  ESProtectionDriver - ok
10:33:51.0937 0x28d4  EventSystem - ok
10:33:51.0940 0x28d4  exfat - ok
10:33:51.0943 0x28d4  fastfat - ok
10:33:51.0946 0x28d4  Fax - ok
10:33:51.0949 0x28d4  fdc - ok
10:33:51.0952 0x28d4  fdPHost - ok
10:33:51.0955 0x28d4  FDResPub - ok
10:33:51.0958 0x28d4  fhsvc - ok
10:33:51.0961 0x28d4  FileCrypt - ok
10:33:51.0964 0x28d4  FileInfo - ok
10:33:51.0967 0x28d4  Filetrace - ok
10:33:51.0971 0x28d4  flpydisk - ok
10:33:51.0975 0x28d4  FltMgr - ok
10:33:51.0978 0x28d4  FontCache - ok
10:33:51.0981 0x28d4  FontCache3.0.0.0 - ok
10:33:51.0984 0x28d4  FrameServer - ok
10:33:51.0987 0x28d4  FsDepends - ok
10:33:51.0990 0x28d4  Fs_Rec - ok
10:33:51.0993 0x28d4  fvevol - ok
10:33:51.0996 0x28d4  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
10:33:51.0997 0x28d4  gdrv - ok
10:33:52.0001 0x28d4  gencounter - ok
10:33:52.0004 0x28d4  genericusbfn - ok
10:33:52.0008 0x28d4  GPIOClx0101 - ok
10:33:52.0011 0x28d4  gpsvc - ok
10:33:52.0014 0x28d4  GpuEnergyDrv - ok
10:33:52.0020 0x28d4  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:33:52.0023 0x28d4  gupdate - ok
10:33:52.0028 0x28d4  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:33:52.0031 0x28d4  gupdatem - ok
10:33:52.0033 0x28d4  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
10:33:52.0035 0x28d4  GVTDrv64 - ok
10:33:52.0038 0x28d4  HdAudAddService - ok
10:33:52.0042 0x28d4  HDAudBus - ok
10:33:52.0045 0x28d4  HidBatt - ok
10:33:52.0048 0x28d4  HidBth - ok
10:33:52.0052 0x28d4  hidi2c - ok
10:33:52.0054 0x28d4  hidinterrupt - ok
10:33:52.0058 0x28d4  HidIr - ok
10:33:52.0061 0x28d4  hidserv - ok
10:33:52.0064 0x28d4  HidUsb - ok
10:33:52.0068 0x28d4  HomeGroupListener - ok
10:33:52.0071 0x28d4  HomeGroupProvider - ok
10:33:52.0074 0x28d4  HpSAMD - ok
10:33:52.0077 0x28d4  [ 02F1253476B7F5F818364443DFED3264, 645F51A6781E9DEB381694718EDEF38B02F5345ADCE8860EC2D9483F7C1C7CC2 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
10:33:52.0078 0x28d4  HPSupportSolutionsFrameworkService - ok
10:33:52.0081 0x28d4  HTTP - ok
10:33:52.0084 0x28d4  HvHost - ok
10:33:52.0088 0x28d4  hvservice - ok
10:33:52.0091 0x28d4  hwpolicy - ok
10:33:52.0095 0x28d4  hyperkbd - ok
10:33:52.0098 0x28d4  i8042prt - ok
10:33:52.0101 0x28d4  iagpio - ok
10:33:52.0104 0x28d4  iai2c - ok
10:33:52.0107 0x28d4  iaLPSS2i_GPIO2 - ok
10:33:52.0110 0x28d4  iaLPSS2i_I2C - ok
10:33:52.0113 0x28d4  iaLPSSi_GPIO - ok
10:33:52.0116 0x28d4  iaLPSSi_I2C - ok
10:33:52.0119 0x28d4  iaStorAV - ok
10:33:52.0122 0x28d4  iaStorV - ok
10:33:52.0125 0x28d4  ibbus - ok
10:33:52.0129 0x28d4  icssvc - ok
10:33:52.0133 0x28d4  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:33:52.0135 0x28d4  IDriverT - ok
10:33:52.0139 0x28d4  IKEEXT - ok
10:33:52.0141 0x28d4  IndirectKmd - ok
10:33:52.0147 0x28d4  intelide - ok
10:33:52.0151 0x28d4  intelpep - ok
10:33:52.0153 0x28d4  intelppm - ok
10:33:52.0158 0x28d4  iorate - ok
10:33:52.0162 0x28d4  IpFilterDriver - ok
10:33:52.0165 0x28d4  iphlpsvc - ok
10:33:52.0168 0x28d4  IPMIDRV - ok
10:33:52.0171 0x28d4  IPNAT - ok
10:33:52.0185 0x28d4  [ A9E19D4C0E9487544B0A87D511514DA9, 83767BA2A7EE1DE39DBF824B57D898355F8C5E3CE146CA280B0E336428837E70 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:33:52.0196 0x28d4  iPod Service - ok
10:33:52.0200 0x28d4  irda - ok
10:33:52.0203 0x28d4  IRENUM - ok
10:33:52.0206 0x28d4  irmon - ok
10:33:52.0210 0x28d4  isapnp - ok
10:33:52.0213 0x28d4  iScsiPrt - ok
10:33:52.0216 0x28d4  kbdclass - ok
10:33:52.0219 0x28d4  kbdhid - ok
10:33:52.0222 0x28d4  kdnic - ok
10:33:52.0226 0x28d4  KeyIso - ok
10:33:52.0229 0x28d4  KSecDD - ok
10:33:52.0232 0x28d4  KSecPkg - ok
10:33:52.0235 0x28d4  ksthunk - ok
10:33:52.0238 0x28d4  KtmRm - ok
10:33:52.0242 0x28d4  LanmanServer - ok
10:33:52.0245 0x28d4  LanmanWorkstation - ok
10:33:52.0249 0x28d4  lfsvc - ok
10:33:52.0253 0x28d4  [ A6F294B38F3DFB67D6B6E1D1E60A402A, 11C51B35DB2A3510258F3B722C12326BF068360CFA1E81FF552BA0BD19DE38E8 ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
10:33:52.0260 0x28d4  LGBusEnum - ok
10:33:52.0263 0x28d4  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
10:33:52.0264 0x28d4  LGCoreTemp - ok
10:33:52.0268 0x28d4  [ 2A9F60E6531F42B31874618743037719, BFD61AD03ADEF69421ECB07820EDB79D425048EC01A65A0D1E8A4527699196DC ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
10:33:52.0271 0x28d4  LGJoyXlCore - ok
10:33:52.0276 0x28d4  [ F705A641C18DF31B48B5DBDA94B425E4, 1F47EE43CAFE5458E56467E127EE99B5FDBFF8B810CF92B232094B475DD42B21 ] LGPBTDD         C:\WINDOWS\System32\Drivers\LGPBTDD.sys
10:33:52.0277 0x28d4  LGPBTDD - ok
10:33:52.0281 0x28d4  [ FA59A7421049F5852C1182345A4B8C4F, 6E7DFBF8382187E01CA0AE9CB7A175B563DA6807909A8A7E67779C045F290A06 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
10:33:52.0283 0x28d4  LGVirHid - ok
10:33:52.0287 0x28d4  LicenseManager - ok
10:33:52.0291 0x28d4  lltdio - ok
10:33:52.0294 0x28d4  lltdsvc - ok
10:33:52.0297 0x28d4  lmhosts - ok
10:33:52.0303 0x28d4  [ 8A742153A0559813ACFED9B16FC743FD, 75121ACA585FE124059BC5F9DB01C1D2115CAFFCDD7C135FC260A5E955A1DCA7 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
10:33:52.0307 0x28d4  LogiRegistryService - ok
10:33:52.0312 0x28d4  LSI_SAS - ok
10:33:52.0315 0x28d4  LSI_SAS2i - ok
10:33:52.0318 0x28d4  LSI_SAS3i - ok
10:33:52.0322 0x28d4  LSI_SSS - ok
10:33:52.0325 0x28d4  LSM - ok
10:33:52.0328 0x28d4  luafv - ok
10:33:52.0338 0x28d4  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
10:33:52.0345 0x28d4  LVRS64 - ok
10:33:52.0432 0x28d4  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
10:33:52.0513 0x28d4  LVUVC64 - ok
10:33:52.0523 0x28d4  MapsBroker - ok
10:33:52.0528 0x28d4  [ A0C532297C7CB5A3E270C32D55B638EB, 6C8F108219FA3556BBDA5D28D9363EC9A5BBAA4CDCD0E99A206E65470E2EDB50 ] Marvell PNP Listener C:\Program Files (x86)\Marvell\mv91xx\util\mvpnplistener.exe
10:33:52.0530 0x28d4  Marvell PNP Listener - ok
10:33:52.0535 0x28d4  [ F4E29A91DF19BA8C4D72695887AA4DEF, 67F5D137209EF1323A03EC6F31DFCA10C7D1F19102FAC735D0DF8924879E22AA ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
10:33:52.0538 0x28d4  MbaeSvc - ok
10:33:52.0542 0x28d4  megasas - ok
10:33:52.0545 0x28d4  megasas2i - ok
10:33:52.0548 0x28d4  megasr - ok
10:33:52.0552 0x28d4  MessagingService - ok
10:33:52.0557 0x28d4  MFE_RR - ok
10:33:52.0561 0x28d4  mlx4_bus - ok
10:33:52.0564 0x28d4  MMCSS - ok
10:33:52.0567 0x28d4  Modem - ok
10:33:52.0570 0x28d4  monitor - ok
10:33:52.0574 0x28d4  mouclass - ok
10:33:52.0577 0x28d4  mouhid - ok
10:33:52.0580 0x28d4  mountmgr - ok
10:33:52.0583 0x28d4  mpsdrv - ok
10:33:52.0586 0x28d4  MpsSvc - ok
10:33:52.0589 0x28d4  MQAC - ok
10:33:52.0593 0x28d4  MRxDAV - ok
10:33:52.0596 0x28d4  mrxsmb - ok
10:33:52.0599 0x28d4  mrxsmb10 - ok
10:33:52.0603 0x28d4  mrxsmb20 - ok
10:33:52.0606 0x28d4  MsBridge - ok
10:33:52.0610 0x28d4  MSDTC - ok
10:33:52.0618 0x28d4  Msfs - ok
10:33:52.0622 0x28d4  msgpiowin32 - ok
10:33:52.0626 0x28d4  mshidkmdf - ok
10:33:52.0630 0x28d4  mshidumdf - ok
10:33:52.0634 0x28d4  msisadrv - ok
10:33:52.0638 0x28d4  MSiSCSI - ok
10:33:52.0642 0x28d4  msiserver - ok
10:33:52.0646 0x28d4  MSKSSRV - ok
10:33:52.0651 0x28d4  MsLldp - ok
10:33:52.0654 0x28d4  MSMQ - ok
10:33:52.0658 0x28d4  MSPCLOCK - ok
10:33:52.0662 0x28d4  MSPQM - ok
10:33:52.0666 0x28d4  MsRPC - ok
10:33:52.0671 0x28d4  MsSecFlt - ok
10:33:52.0676 0x28d4  mssmbios - ok
10:33:52.0679 0x28d4  MSTEE - ok
10:33:52.0683 0x28d4  MTConfig - ok
10:33:52.0687 0x28d4  Mup - ok
10:33:52.0697 0x28d4  [ 9D84E78FF2D1708E37BA8C47F02544BD, 484198084C1D4C6760FE4A8F4C816360627BFC520949C87EC5EAA0FCB83B2D13 ] mvs91xx         C:\WINDOWS\system32\drivers\mvs91xx.sys
10:33:52.0706 0x28d4  mvs91xx - ok
10:33:52.0709 0x28d4  mvumis - ok
10:33:52.0716 0x28d4  [ 984A6039BC06C2857599AF2CF8A40AD8, A28FE229E28B5C6F465545DE9ED195F0ACF4901A81FDF36789B9D9893D5CC70D ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
10:33:52.0720 0x28d4  NanoServiceMain - ok
10:33:52.0725 0x28d4  NativeWifiP - ok
10:33:52.0728 0x28d4  NcaSvc - ok
10:33:52.0731 0x28d4  NcbService - ok
10:33:52.0734 0x28d4  NcdAutoSetup - ok
10:33:52.0737 0x28d4  ndfltr - ok
10:33:52.0740 0x28d4  NDIS - ok
10:33:52.0744 0x28d4  NdisCap - ok
10:33:52.0747 0x28d4  NdisImPlatform - ok
10:33:52.0750 0x28d4  NdisTapi - ok
10:33:52.0754 0x28d4  Ndisuio - ok
10:33:52.0757 0x28d4  NdisVirtualBus - ok
10:33:52.0760 0x28d4  NdisWan - ok
10:33:52.0763 0x28d4  ndiswanlegacy - ok
10:33:52.0767 0x28d4  ndproxy - ok
10:33:52.0770 0x28d4  Ndu - ok
10:33:52.0773 0x28d4  NetAdapterCx - ok
10:33:52.0776 0x28d4  NetBIOS - ok
10:33:52.0781 0x28d4  NetBT - ok
10:33:52.0788 0x28d4  [ 236613650B2E2C0DC59F6C28C60F32E1, A5519DA028BB638A8BCAD82C3BEB9E267B22A0DC7381B389A23FEFED422D44F5 ] NETGEARGenieDaemon C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
10:33:52.0794 0x28d4  NETGEARGenieDaemon - ok
10:33:52.0797 0x28d4  Netlogon - ok
10:33:52.0801 0x28d4  Netman - ok
10:33:52.0806 0x28d4  NetMsmqActivator - ok
10:33:52.0808 0x28d4  NetPipeActivator - ok
10:33:52.0812 0x28d4  netprofm - ok
10:33:52.0816 0x28d4  NetSetupSvc - ok
10:33:52.0818 0x28d4  NetTcpActivator - ok
10:33:52.0821 0x28d4  NetTcpPortSharing - ok
10:33:52.0827 0x28d4  NgcCtnrSvc - ok
10:33:52.0830 0x28d4  NgcSvc - ok
10:33:52.0834 0x28d4  NlaSvc - ok
10:33:52.0839 0x28d4  [ 88960DB46ACCC3FEDEBBB8184D1D8BF5, 6FC18EFC8B4BE7A2A64166C735E1CB9B20E8B62F2296A01576AC1769E3C24E31 ] NNSALPC         C:\WINDOWS\system32\DRIVERS\NNSALPC.sys
10:33:52.0842 0x28d4  NNSALPC - ok
10:33:52.0849 0x28d4  [ 528C0EDB540F0B0A7054D9E2517E8A35, 0762BF4C2D9D8DB648F58CC3D7A919239E4DB8712D8941D53652371F2C025378 ] NNSHTTP         C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys
10:33:52.0854 0x28d4  NNSHTTP - ok
10:33:52.0860 0x28d4  [ DA4688175B84E522F4E0D269475D01D6, D330B09FDD7BEEDB65E7DC2AC3D410F2BC64BEE4ACD663237B4C0F0814C8CE3A ] NNSHTTPS        C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys
10:33:52.0863 0x28d4  NNSHTTPS - ok
10:33:52.0869 0x28d4  [ C71B72375BB54A22F053E7EBDA28BB5C, D188D16BDCED9A5877C8B7791B7C354E266B6B37C110140033E00850372700F5 ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIDS.sys
10:33:52.0872 0x28d4  NNSIDS - ok
10:33:52.0876 0x28d4  [ E4B9C6200A8A1213FD29FAF3C42F5F22, 32B21D03BAE08418E5E3B41D7A792378F9915A4AE24C9007B5192E98D480C12B ] NNSNAHSL        C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys
10:33:52.0879 0x28d4  NNSNAHSL - ok
10:33:52.0884 0x28d4  [ 3F6BAA8B1C4BC50735E54DBDBED734D8, 6E892687D12E947548059E1534ED12EB20DF1A6196EAF73657192C46C9CA7FBB ] NNSPICC         C:\WINDOWS\system32\DRIVERS\NNSPICC.sys
10:33:52.0888 0x28d4  NNSPICC - ok
10:33:52.0893 0x28d4  [ 7585AB5A79BC35C4892DC22E3F523516, DBEB3AB613801574883ADD2DD2011FF295DFB69CB3ACD1FA7952030ED5405CAB ] NNSPIHSW        C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys
10:33:52.0895 0x28d4  NNSPIHSW - ok
10:33:52.0901 0x28d4  [ D9609840CF0571B783A4E81B9061F2B6, 1CED58206E7D90FE20B689DD13427D4C7019239B0AF84CBDA656CF0F2437A726 ] NNSPOP3         C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys
10:33:52.0905 0x28d4  NNSPOP3 - ok
10:33:52.0914 0x28d4  [ F3F228144410965A196123A4F4D60B66, 9132EE85915DB17B931C3C51819E8522033B3A7AE53B57593F7C77BAD43B9EC3 ] NNSPROT         C:\WINDOWS\system32\DRIVERS\NNSPROT.sys
10:33:52.0921 0x28d4  NNSPROT - ok
10:33:52.0928 0x28d4  [ 8B6BEB3F0980DB3928811F805E97F03E, 42FC0274E20670A81B19FEE7D56CBAAB42F5B632F9489D458E0DBB96B5088D3E ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPRV.sys
10:33:52.0932 0x28d4  NNSPRV - ok
10:33:52.0939 0x28d4  [ 4125E22EF46CFBFB59DEE7F7144E6D74, 4D5C451CA26CF34E0AB6F17F1862398F5E9F6513F306080BDC56893D9B6FBE53 ] NNSSMTP         C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys
10:33:52.0942 0x28d4  NNSSMTP - ok
10:33:52.0951 0x28d4  [ 935ADC2A106BB366F148CB378686D26E, B5B059374CD2DC1CC9FE43046494E7AA880CBE752D38F1BD0EFD7E49879CFFD0 ] NNSSTRM         C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys
10:33:52.0957 0x28d4  NNSSTRM - ok
10:33:52.0963 0x28d4  [ E74AA03D6C9E443EC1C7A35B9B04DAA2, A3B4CB031F33B11F4D5FFE610CD34F8BC4EC6892D850C9ED6B46B20BCFBF0DC1 ] NNSTLSC         C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys
10:33:52.0966 0x28d4  NNSTLSC - ok
10:33:52.0971 0x28d4  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\WINDOWS\system32\drivers\npf.sys
10:33:52.0973 0x28d4  NPF - ok
10:33:52.0977 0x28d4  Npfs - ok
10:33:52.0981 0x28d4  npsvctrig - ok
10:33:52.0985 0x28d4  [ 7E5B0FED87F679CFE547B9CB784DE546, 84559C174E0664BEA8F3108157CEC266F8109D448D88A230A6050079ED9DF15E ] npusbio         C:\WINDOWS\System32\Drivers\npusbio_x64.sys
10:33:52.0987 0x28d4  npusbio - ok
10:33:52.0992 0x28d4  nsi - ok
10:33:52.0995 0x28d4  nsiproxy - ok
10:33:53.0000 0x28d4  NTFS - ok
10:33:53.0004 0x28d4  Null - ok
10:33:53.0015 0x28d4  [ 43AD086280AB777A552CF8749751CC58, 3845F53A402E1EA4C5E09D37BE2C25BCFCBE93439A7D91CE1CC8051FE0B0E318 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
10:33:53.0023 0x28d4  NvContainerLocalSystem - ok
10:33:53.0034 0x28d4  [ 43AD086280AB777A552CF8749751CC58, 3845F53A402E1EA4C5E09D37BE2C25BCFCBE93439A7D91CE1CC8051FE0B0E318 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
10:33:53.0042 0x28d4  NvContainerNetworkService - ok
10:33:53.0052 0x28d4  [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
10:33:53.0057 0x28d4  NVHDA - ok
10:33:53.0080 0x28d4  [ 67B1600134B1DA011D6009166792757B, 4A24E66681D5425A0AF9AE9BB4BD3CB9697EE6E397817A149BC1A601042CDE94 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
10:33:53.0100 0x28d4  NVIDIA Wireless Controller Service - ok
10:33:53.0364 0x28d4  [ 557A0393BDFED327968A9E695FB4CEBA, 76D39F74439205B5B614B0D99E9E10629738E00250A5E7FFEE50815F69EE70D0 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys
10:33:53.0605 0x28d4  nvlddmkm - ok
10:33:53.0631 0x28d4  nvraid - ok
10:33:53.0635 0x28d4  nvstor - ok
10:33:53.0640 0x28d4  [ 27668C46E3D846B9C8C4BEA77911E18A, 81B2C799704FF146513D7902872D5D649EB89FAF55331798AFA92137194D0DF9 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
10:33:53.0642 0x28d4  NvStreamKms - ok
10:33:53.0653 0x28d4  [ 1ABEA7C30F41DEE360C63983825D7322, 34E173C3C8C954E2BCCD6C9959E36E0625D4FA1344BEA647667AF2AC5209AF80 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
10:33:53.0661 0x28d4  NvTelemetryContainer - ok
10:33:53.0668 0x28d4  [ FF6BD6C9A4CF318C3D5ED494D578235C, AF6B934506C1DAB18C8A3EF99F829478492FCBE218A9643A59974A3302BEF668 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
10:33:53.0670 0x28d4  nvvad_WaveExtensible - ok
10:33:53.0677 0x28d4  OneSyncSvc - ok
10:33:53.0773 0x28d4  [ AD851D818F399DD946A9C17AB2156F22, 4A541E7A3A3164581BFB9080DE0976E18F6DD00E39458EBBCBD3B2445708BEB5 ] Origin Client Service I:\Program Files (x86)\Origin\OriginClientService.exe
10:33:53.0830 0x28d4  Origin Client Service - ok
10:33:53.0898 0x28d4  [ 788363C87EBD90AC1EAD2DC5A9A40759, B565663B459414C5C9F81451D9A127D62CDF605BC2A9E686F74A2E4FD44A9B43 ] Origin Web Helper Service I:\Program Files (x86)\Origin\OriginWebHelperService.exe
10:33:53.0955 0x28d4  Origin Web Helper Service - ok
10:33:53.0965 0x28d4  [ 55AFF77D3DACE7ADCE146E70F4691979, 365E71EC1C01FFE715D37B652427ECE45E1960A13E4D11C3B2214ED11A3B6349 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:33:53.0969 0x28d4  ose - ok
10:33:53.0973 0x28d4  p2pimsvc - ok
10:33:53.0978 0x28d4  p2psvc - ok
10:33:53.0984 0x28d4  [ 823079C4FF6CE5AB1C61A332FFA8918E, D31EC3DF7F28875FE567D489000B2CC98D34ACB85598C584316047487E90985F ] PandaAgent      C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
10:33:53.0985 0x28d4  PandaAgent - ok
10:33:53.0988 0x28d4  Parport - ok
10:33:53.0993 0x28d4  partmgr - ok
10:33:53.0995 0x28d4  PcaSvc - ok
10:33:53.0999 0x28d4  pci - ok
10:33:54.0003 0x28d4  pciide - ok
10:33:54.0006 0x28d4  pcmcia - ok
10:33:54.0010 0x28d4  pcw - ok
10:33:54.0014 0x28d4  pdc - ok
10:33:54.0017 0x28d4  PEAUTH - ok
10:33:54.0021 0x28d4  PeerDistSvc - ok
10:33:54.0024 0x28d4  percsas2i - ok
10:33:54.0027 0x28d4  percsas3i - ok
10:33:54.0043 0x28d4  PerfHost - ok
10:33:54.0051 0x28d4  PhoneSvc - ok
10:33:54.0055 0x28d4  PimIndexMaintenanceSvc - ok
10:33:54.0060 0x28d4  pla - ok
10:33:54.0065 0x28d4  [ 2FE509AD76E7C1566747AB95953B2466, B1D3E910D8AAE0F3F49547DD5253C5DA26F94F6348604FCD1DDA6B95C79BFF10 ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
10:33:54.0067 0x28d4  PlaysService - ok
10:33:54.0071 0x28d4  PlugPlay - ok
10:33:54.0075 0x28d4  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\WINDOWS\system32\PnkBstrA.exe
10:33:54.0178 0x28d4  PnkBstrA - ok
10:33:54.0181 0x28d4  PNRPAutoReg - ok
10:33:54.0184 0x28d4  PNRPsvc - ok
10:33:54.0188 0x28d4  PolicyAgent - ok
10:33:54.0194 0x28d4  Power - ok
10:33:54.0197 0x28d4  PptpMiniport - ok
10:33:54.0259 0x28d4  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
10:33:54.0317 0x28d4  PrintNotify - ok
10:33:54.0327 0x28d4  Processor - ok
10:33:54.0331 0x28d4  ProfSvc - ok
10:33:54.0335 0x28d4  Psched - ok
10:33:54.0341 0x28d4  [ D86DE53B3DDA59CF1A187687E038B3E1, A857BDA0F3A84F6D0EFCBF627AD1D1C1DB4326AF0C47182FB9984D124EB4ECFD ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
10:33:54.0347 0x28d4  PSINAflt - ok
10:33:54.0353 0x28d4  [ 7A0BB6EE85BD4CAC28E82FDC21CF5DBD, 30E9E4169930DC427C61A4AB5D96D0D4305865AC51C0A524621A9A605CB8006C ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys
10:33:54.0357 0x28d4  PSINFile - ok
10:33:54.0366 0x28d4  [ 54994A5A8590B353DC6F827EACEA8824, F633FE283EB41B2206FB4B9E2BD3B1AE0DE8E1D752D18A90D976DB1B8333F483 ] PSINKNC         C:\WINDOWS\system32\DRIVERS\PSINKNC.sys
10:33:54.0370 0x28d4  PSINKNC - ok
10:33:54.0377 0x28d4  [ 3C3DC79600F296191B5E5EB8447F42E5, 5C9BCDEE9A5E71D8D148BA7EA3C40D5239F02D1983E14D4DC91C47D430358A7F ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys
10:33:54.0380 0x28d4  PSINProc - ok
10:33:54.0387 0x28d4  [ 4478E2A174D133D9B7B281B98AE8BECD, F42281235F4E3BC794E60D8C20277A1F5548A855997A4A5691AC88105359F7B4 ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys
10:33:54.0391 0x28d4  PSINProt - ok
10:33:54.0397 0x28d4  [ F50257866AA57FC263BB82654F421599, C0D86653CA9010C21E80AC3F6B98E08AF7D2DEE94E9E3524D7EB9CDBA56E197F ] PSINReg         C:\WINDOWS\system32\DRIVERS\PSINReg.sys
10:33:54.0402 0x28d4  PSINReg - ok
10:33:54.0407 0x28d4  [ 7A0DB69C5FAE330BD9F492A817B9AA8E, F2870DACA01331529FBEEC519510940FE5212FA2E45518FB32B43128AD9B4AB2 ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
10:33:54.0409 0x28d4  PSKMAD - ok
10:33:54.0415 0x28d4  [ D6BB4A20AED4C85645494C1B0C2D1472, E6BA2363A757D58D1784B531081E23F392A6D0443BCC22D615FCDCC75EA700B2 ] PSUAService     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
10:33:54.0417 0x28d4  PSUAService - ok
10:33:54.0421 0x28d4  QWAVE - ok
10:33:54.0424 0x28d4  QWAVEdrv - ok
10:33:54.0428 0x28d4  RasAcd - ok
10:33:54.0433 0x28d4  RasAgileVpn - ok
10:33:54.0437 0x28d4  RasAuto - ok
10:33:54.0441 0x28d4  Rasl2tp - ok
10:33:54.0445 0x28d4  RasMan - ok
10:33:54.0451 0x28d4  RasPppoe - ok
10:33:54.0453 0x28d4  RasSstp - ok
10:33:54.0458 0x28d4  rdbss - ok
10:33:54.0463 0x28d4  rdpbus - ok
10:33:54.0467 0x28d4  RDPDR - ok
10:33:54.0475 0x28d4  RdpVideoMiniport - ok
10:33:54.0478 0x28d4  rdyboost - ok
10:33:54.0482 0x28d4  ReFSv1 - ok
10:33:54.0488 0x28d4  RemoteAccess - ok
10:33:54.0492 0x28d4  RemoteRegistry - ok
10:33:54.0496 0x28d4  RetailDemo - ok
10:33:54.0500 0x28d4  RmSvc - ok
10:33:54.0504 0x28d4  RpcEptMapper - ok
10:33:54.0507 0x28d4  RpcLocator - ok
10:33:54.0511 0x28d4  RpcSs - ok
10:33:54.0515 0x28d4  rspndr - ok
10:33:54.0537 0x28d4  [ FA00B16D06217288AFD700223DA131BA, 90688C3A8403FEF2A90550781CBA932A522125B47D71F3F0AF73E21E43BC5564 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
10:33:54.0555 0x28d4  rt640x64 - ok
10:33:54.0561 0x28d4  s3cap - ok
10:33:54.0564 0x28d4  SamSs - ok
10:33:54.0568 0x28d4  sbp2port - ok
10:33:54.0572 0x28d4  SCardSvr - ok
10:33:54.0576 0x28d4  ScDeviceEnum - ok
10:33:54.0580 0x28d4  scfilter - ok
10:33:54.0584 0x28d4  Schedule - ok
10:33:54.0588 0x28d4  scmbus - ok
10:33:54.0591 0x28d4  scmdisk0101 - ok
10:33:54.0595 0x28d4  SCPolicySvc - ok
10:33:54.0600 0x28d4  [ 0447065A6E10774EFCECFDD0EB970A79, 384A9AC72E756F96D43EE4B144A466564476AFD8778092C979116BB29A514433 ] ScpVBus         C:\WINDOWS\System32\drivers\ScpVBus.sys
10:33:54.0602 0x28d4  ScpVBus - ok
10:33:54.0606 0x28d4  sdbus - ok
10:33:54.0610 0x28d4  SDRSVC - ok
10:33:54.0613 0x28d4  sdstor - ok
10:33:54.0617 0x28d4  seclogon - ok
10:33:54.0621 0x28d4  SENS - ok
10:33:54.0623 0x28d4  Sense - ok
10:33:54.0628 0x28d4  SensorDataService - ok
10:33:54.0632 0x28d4  SensorService - ok
10:33:54.0636 0x28d4  SensrSvc - ok
10:33:54.0643 0x28d4  [ 81C4472F297BABE08CEA3A5E3CB3E5B4, 1E3C05AC3843C17B791CE3826EDAE7F3F6ED9A36358B6BE6E83E2FA08EE8A23C ] Ser2pl          C:\WINDOWS\system32\DRIVERS\ser2pl64.sys
10:33:54.0648 0x28d4  Ser2pl - ok
10:33:54.0652 0x28d4  SerCx - ok
10:33:54.0656 0x28d4  SerCx2 - ok
10:33:54.0660 0x28d4  Serenum - ok
10:33:54.0664 0x28d4  Serial - ok
10:33:54.0667 0x28d4  sermouse - ok
10:33:54.0676 0x28d4  SessionEnv - ok
10:33:54.0684 0x28d4  sfloppy - ok
10:33:54.0688 0x28d4  SharedAccess - ok
10:33:54.0692 0x28d4  ShellHWDetection - ok
10:33:54.0696 0x28d4  shpamsvc - ok
10:33:54.0700 0x28d4  SiSRaid2 - ok
10:33:54.0704 0x28d4  SiSRaid4 - ok
10:33:54.0709 0x28d4  smphost - ok
10:33:54.0714 0x28d4  SmsRouter - ok
10:33:54.0726 0x28d4  [ 9E8987EC160B9BFEBEE236D475CD4D43, 63830705A5EFFB4E75C86D088C2863601D85ADC3738648599C53BE91548216E5 ] SnakeEyes       C:\WINDOWS\system32\drivers\SnakeEyes.sys
10:33:54.0728 0x28d4  SnakeEyes - ok
10:33:54.0737 0x28d4  SNMPTRAP - ok
10:33:54.0742 0x28d4  spaceport - ok
10:33:54.0747 0x28d4  SpbCx - ok
10:33:54.0753 0x28d4  Spooler - ok
10:33:54.0758 0x28d4  sppsvc - ok
10:33:54.0763 0x28d4  srv - ok
10:33:54.0768 0x28d4  srv2 - ok
10:33:54.0776 0x28d4  srvnet - ok
10:33:54.0781 0x28d4  SSDPSRV - ok
10:33:54.0788 0x28d4  SstpSvc - ok
10:33:54.0793 0x28d4  StateRepository - ok
10:33:54.0823 0x28d4  [ 9867A86327E8AE3806305F1BCF01211A, CCDDB2560B30D27CE662F1B02710E1FAA9331E6A27D9A6629EEDED2CBA822062 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:33:54.0849 0x28d4  Steam Client Service - ok
10:33:54.0855 0x28d4  stexstor - ok
10:33:54.0859 0x28d4  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
10:33:54.0861 0x28d4  StillCam - ok
10:33:54.0866 0x28d4  stisvc - ok
10:33:54.0870 0x28d4  storahci - ok
10:33:54.0874 0x28d4  storflt - ok
10:33:54.0877 0x28d4  stornvme - ok
10:33:54.0882 0x28d4  storqosflt - ok
10:33:54.0886 0x28d4  StorSvc - ok
10:33:54.0889 0x28d4  storufs - ok
10:33:54.0893 0x28d4  storvsc - ok
10:33:54.0898 0x28d4  svsvc - ok
10:33:54.0902 0x28d4  swenum - ok
10:33:54.0905 0x28d4  swprv - ok
10:33:54.0911 0x28d4  Synth3dVsc - ok
10:33:54.0915 0x28d4  SysMain - ok
10:33:54.0919 0x28d4  SystemEventsBroker - ok
10:33:54.0923 0x28d4  TabletInputService - ok
10:33:54.0928 0x28d4  TapiSrv - ok
10:33:54.0932 0x28d4  Tcpip - ok
10:33:54.0936 0x28d4  Tcpip6 - ok
10:33:54.0942 0x28d4  tcpipreg - ok
10:33:54.0948 0x28d4  tdx - ok
10:33:54.0952 0x28d4  terminpt - ok
10:33:54.0956 0x28d4  TermService - ok
10:33:54.0960 0x28d4  Themes - ok
10:33:54.0965 0x28d4  TieringEngineService - ok
10:33:54.0969 0x28d4  tiledatamodelsvc - ok
10:33:54.0973 0x28d4  TimeBrokerSvc - ok
10:33:54.0978 0x28d4  [ 2867DEC7A25DCF98CA65BBDCEDA0A78E, 0AFAE82F00E7A111DD2ADD7AA59DA2AF4CDD5042CBE312639F61F3E420B41B11 ] TmBusEn         C:\WINDOWS\System32\drivers\TmBusEn.sys
10:33:54.0980 0x28d4  TmBusEn - ok
10:33:54.0985 0x28d4  [ C0C94A84AF75661E951AEAC04F044351, FC6F9C6D46EB0B3BE0E84963124BD8E1415D42FA8EF8F75300FC5D8F61DE0D96 ] TmFilter        C:\WINDOWS\System32\drivers\TmFilter.sys
10:33:54.0987 0x28d4  TmFilter - ok
10:33:54.0992 0x28d4  [ 59F698C8B9D9BBB84F3499A92C4B53E7, 86C6D06EA7E1A1E45DFD5ECDF70E11431FA1E700A0A0E6693877392780CA1B55 ] TmHid           C:\WINDOWS\system32\DRIVERS\TmHid.sys
10:33:54.0994 0x28d4  TmHid - ok
10:33:55.0002 0x28d4  [ 5944057FFDE07CFDB1CC4954B643F7BD, E6EF9DB9594B871814248574A0FB0700250CA80CC5E6A8DD6ED2EC4D370C03AB ] TmWinService    C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
10:33:55.0008 0x28d4  TmWinService - ok
10:33:55.0013 0x28d4  TPM - ok
10:33:55.0017 0x28d4  TrkWks - ok
10:33:55.0025 0x28d4  [ 643F853A22B405E2D5AAB5927AE32DEC, E6A62D6E99C61A0903F671C0EB692488DA1493904ED913107D50527647F505FE ] truecrypt       C:\WINDOWS\system32\drivers\truecrypt.sys
10:33:55.0031 0x28d4  truecrypt - ok
10:33:55.0035 0x28d4  TrustedInstaller - ok
10:33:55.0041 0x28d4  tsusbflt - ok
10:33:55.0045 0x28d4  TsUsbGD - ok
10:33:55.0049 0x28d4  tsusbhub - ok
10:33:55.0053 0x28d4  tunnel - ok
10:33:55.0057 0x28d4  tzautoupdate - ok
10:33:55.0061 0x28d4  UASPStor - ok
10:33:55.0065 0x28d4  UcmCx0101 - ok
10:33:55.0069 0x28d4  UcmTcpciCx0101 - ok
10:33:55.0073 0x28d4  UcmUcsi - ok
10:33:55.0078 0x28d4  Ucx01000 - ok
10:33:55.0082 0x28d4  UdeCx - ok
10:33:55.0088 0x28d4  udfs - ok
10:33:55.0093 0x28d4  UEFI - ok
10:33:55.0097 0x28d4  UevAgentDriver - ok
10:33:55.0101 0x28d4  UevAgentService - ok
10:33:55.0110 0x28d4  Ufx01000 - ok
10:33:55.0116 0x28d4  UfxChipidea - ok
10:33:55.0120 0x28d4  ufxsynopsys - ok
10:33:55.0133 0x28d4  UI0Detect - ok
10:33:55.0137 0x28d4  umbus - ok
10:33:55.0141 0x28d4  UmPass - ok
10:33:55.0145 0x28d4  UmRdpService - ok
10:33:55.0149 0x28d4  UnistoreSvc - ok
10:33:55.0155 0x28d4  upnphost - ok
10:33:55.0159 0x28d4  UrsChipidea - ok
10:33:55.0163 0x28d4  UrsCx01000 - ok
10:33:55.0167 0x28d4  UrsSynopsys - ok
10:33:55.0172 0x28d4  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
10:33:55.0176 0x28d4  USBAAPL64 - ok
10:33:55.0180 0x28d4  usbaudio - ok
10:33:55.0184 0x28d4  usbccgp - ok
10:33:55.0188 0x28d4  usbcir - ok
10:33:55.0192 0x28d4  usbehci - ok
10:33:55.0198 0x28d4  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
10:33:55.0200 0x28d4  usbfilter - ok
10:33:55.0205 0x28d4  usbhub - ok
10:33:55.0209 0x28d4  USBHUB3 - ok
10:33:55.0213 0x28d4  usbohci - ok
10:33:55.0217 0x28d4  usbprint - ok
10:33:55.0221 0x28d4  usbser - ok
10:33:55.0225 0x28d4  USBSTOR - ok
10:33:55.0229 0x28d4  usbuhci - ok
10:33:55.0233 0x28d4  usbvideo - ok
10:33:55.0237 0x28d4  USBXHCI - ok
10:33:55.0241 0x28d4  UserDataSvc - ok
10:33:55.0248 0x28d4  UserManager - ok
10:33:55.0252 0x28d4  UsoSvc - ok
10:33:55.0256 0x28d4  VaultSvc - ok
10:33:55.0260 0x28d4  vdrvroot - ok
10:33:55.0265 0x28d4  vds - ok
10:33:55.0269 0x28d4  VerifierExt - ok
10:33:55.0273 0x28d4  vhdmp - ok
10:33:55.0277 0x28d4  vhf - ok
10:33:55.0281 0x28d4  vmbus - ok
10:33:55.0285 0x28d4  VMBusHID - ok
10:33:55.0289 0x28d4  vmgid - ok
10:33:55.0293 0x28d4  vmicguestinterface - ok
10:33:55.0297 0x28d4  vmicheartbeat - ok
10:33:55.0301 0x28d4  vmickvpexchange - ok
10:33:55.0305 0x28d4  vmicrdv - ok
10:33:55.0309 0x28d4  vmicshutdown - ok
10:33:55.0313 0x28d4  vmictimesync - ok
10:33:55.0317 0x28d4  vmicvmsession - ok
10:33:55.0321 0x28d4  vmicvss - ok
10:33:55.0325 0x28d4  volmgr - ok
10:33:55.0329 0x28d4  volmgrx - ok
10:33:55.0334 0x28d4  volsnap - ok
10:33:55.0338 0x28d4  volume - ok
10:33:55.0342 0x28d4  vpci - ok
10:33:55.0347 0x28d4  vsmraid - ok
10:33:55.0351 0x28d4  VSS - ok
10:33:55.0357 0x28d4  VSTXRAID - ok
10:33:55.0361 0x28d4  vwifibus - ok
10:33:55.0365 0x28d4  vwififlt - ok
10:33:55.0371 0x28d4  W32Time - ok
10:33:55.0378 0x28d4  w3logsvc - ok
10:33:55.0382 0x28d4  W3SVC - ok
10:33:55.0386 0x28d4  WacomPen - ok
10:33:55.0395 0x28d4  WalletService - ok
10:33:55.0399 0x28d4  wanarp - ok
10:33:55.0403 0x28d4  wanarpv6 - ok
10:33:55.0408 0x28d4  WAS - ok
10:33:55.0412 0x28d4  wbengine - ok
10:33:55.0416 0x28d4  WbioSrvc - ok
10:33:55.0421 0x28d4  wcifs - ok
10:33:55.0425 0x28d4  Wcmsvc - ok
10:33:55.0430 0x28d4  wcncsvc - ok
10:33:55.0435 0x28d4  wcnfs - ok
10:33:55.0439 0x28d4  WdBoot - ok
10:33:55.0446 0x28d4  Wdf01000 - ok
10:33:55.0450 0x28d4  WdFilter - ok
10:33:55.0455 0x28d4  WdiServiceHost - ok
10:33:55.0459 0x28d4  WdiSystemHost - ok
10:33:55.0463 0x28d4  wdiwifi - ok
10:33:55.0467 0x28d4  WdNisDrv - ok
10:33:55.0470 0x28d4  WdNisSvc - ok
10:33:55.0476 0x28d4  WebClient - ok
10:33:55.0480 0x28d4  Wecsvc - ok
10:33:55.0484 0x28d4  WEPHOSTSVC - ok
10:33:55.0491 0x28d4  wercplsupport - ok
10:33:55.0496 0x28d4  WerSvc - ok
10:33:55.0501 0x28d4  WFPLWFS - ok
10:33:55.0506 0x28d4  WiaRpc - ok
10:33:55.0514 0x28d4  WIMMount - ok
10:33:55.0516 0x28d4  WinDefend - ok
10:33:55.0530 0x28d4  WindowsTrustedRT - ok
10:33:55.0534 0x28d4  WindowsTrustedRTProxy - ok
10:33:55.0539 0x28d4  WinHttpAutoProxySvc - ok
10:33:55.0544 0x28d4  WinMad - ok
10:33:55.0550 0x28d4  Winmgmt - ok
10:33:55.0555 0x28d4  WinRM - ok
10:33:55.0565 0x28d4  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
10:33:55.0570 0x28d4  WINUSB - ok
10:33:55.0574 0x28d4  WinVerbs - ok
10:33:55.0579 0x28d4  wisvc - ok
10:33:55.0584 0x28d4  WlanSvc - ok
10:33:55.0588 0x28d4  wlidsvc - ok
10:33:55.0592 0x28d4  WmiAcpi - ok
10:33:55.0599 0x28d4  wmiApSrv - ok
10:33:55.0602 0x28d4  WMPNetworkSvc - ok
10:33:55.0607 0x28d4  Wof - ok
10:33:55.0614 0x28d4  workfolderssvc - ok
10:33:55.0618 0x28d4  WPDBusEnum - ok
10:33:55.0623 0x28d4  WpdUpFltr - ok
10:33:55.0627 0x28d4  WpnService - ok
10:33:55.0632 0x28d4  WpnUserService - ok
10:33:55.0638 0x28d4  ws2ifsl - ok
10:33:55.0643 0x28d4  wscsvc - ok
10:33:55.0648 0x28d4  WSDPrintDevice - ok
10:33:55.0652 0x28d4  WSDScan - ok
10:33:55.0657 0x28d4  WSearch - ok
10:33:55.0665 0x28d4  wuauserv - ok
10:33:55.0669 0x28d4  WudfPf - ok
10:33:55.0673 0x28d4  WUDFRd - ok
10:33:55.0679 0x28d4  wudfsvc - ok
10:33:55.0683 0x28d4  WUDFWpdFs - ok
10:33:55.0688 0x28d4  WUDFWpdMtp - ok
10:33:55.0693 0x28d4  WwanSvc - ok
10:33:55.0697 0x28d4  XblAuthManager - ok
10:33:55.0702 0x28d4  XblGameSave - ok
10:33:55.0707 0x28d4  xboxgip - ok
10:33:55.0712 0x28d4  XboxNetApiSvc - ok
10:33:55.0716 0x28d4  xinputhid - ok
10:33:55.0723 0x28d4  xusb22 - ok
10:33:55.0731 0x28d4  [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929FD454BC57E5A91 ] ZAM_Guard       C:\WINDOWS\System32\drivers\zamguard64.sys
10:33:55.0737 0x28d4  ZAM_Guard - ok
10:33:55.0737 0x28d4  ================ Scan global ===============================
10:33:55.0753 0x28d4  [ Global ] - ok
10:33:55.0754 0x28d4  ================ Scan MBR ==================================
10:33:55.0756 0x28d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:33:55.0957 0x28d4  \Device\Harddisk1\DR1 - ok
10:33:55.0960 0x28d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
10:33:56.0022 0x28d4  \Device\Harddisk2\DR2 - ok
10:33:56.0052 0x28d4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
10:33:56.0195 0x28d4  \Device\Harddisk3\DR3 - ok
10:33:56.0197 0x28d4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk4\DR4
10:33:56.0202 0x28d4  \Device\Harddisk4\DR4 - ok
10:33:56.0205 0x28d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:33:56.0347 0x28d4  \Device\Harddisk0\DR0 - ok
10:33:56.0351 0x28d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk9\DR9
10:33:56.0358 0x28d4  \Device\Harddisk9\DR9 - ok
10:33:56.0359 0x28d4  ================ Scan VBR ==================================
10:33:56.0361 0x28d4  [ 38B620431EF839C7B26092E27C9894E7 ] \Device\Harddisk1\DR1\Partition1
10:33:56.0363 0x28d4  \Device\Harddisk1\DR1\Partition1 - ok
10:33:56.0365 0x28d4  [ AFE08A64A5F5D771D8FE3E310B55933E ] \Device\Harddisk2\DR2\Partition1
10:33:56.0366 0x28d4  \Device\Harddisk2\DR2\Partition1 - ok
10:33:56.0368 0x28d4  [ 918D45CBF5044F2ACDEE604F1D5F8DDC ] \Device\Harddisk2\DR2\Partition2
10:33:56.0370 0x28d4  \Device\Harddisk2\DR2\Partition2 - ok
10:33:56.0372 0x28d4  [ 49FCA34D8A621397F01D8062D39BE930 ] \Device\Harddisk3\DR3\Partition1
10:33:56.0373 0x28d4  \Device\Harddisk3\DR3\Partition1 - ok
10:33:56.0375 0x28d4  [ 9852C714145C3DDE842699D9D609524B ] \Device\Harddisk3\DR3\Partition2
10:33:56.0376 0x28d4  \Device\Harddisk3\DR3\Partition2 - ok
10:33:56.0379 0x28d4  [ 9C51413551B4D1A142D2E44121C71833 ] \Device\Harddisk4\DR4\Partition1
10:33:56.0380 0x28d4  \Device\Harddisk4\DR4\Partition1 - ok
10:33:56.0382 0x28d4  [ D362879312B8F7962F52C7FA701D41C9 ] \Device\Harddisk0\DR0\Partition1
10:33:56.0383 0x28d4  \Device\Harddisk0\DR0\Partition1 - ok
10:33:56.0386 0x28d4  [ 33196207B06A49E84DEECA44DE311B2A ] \Device\Harddisk9\DR9\Partition1
10:33:56.0387 0x28d4  \Device\Harddisk9\DR9\Partition1 - ok
10:33:56.0387 0x28d4  ================ Scan generic autorun ======================
10:33:56.0388 0x28d4  ShadowPlay - ok
10:33:56.0679 0x28d4  [ 20AF39C7BE85BF7580A8EDF431A00974, C82F32547A80A786936A8E37CEC20D8C80A48B29A8C6157896C538A32D632AD4 ] C:\Program Files\Logitech Gaming Software\LCore.exe
10:33:56.0948 0x28d4  Launch LCore - ok
10:33:56.0974 0x28d4  [ 1710A603D1EEBF86D738D1C6283C39B3, 5427A41AB64122FC119A42D7E4954A04A650FE88BD2B7FD2D4CDD1E823433268 ] C:\Program Files\iTunes\iTunesHelper.exe
10:33:56.0978 0x28d4  iTunesHelper - ok
10:33:56.0979 0x28d4  WindowsDefender - ok
10:33:56.0984 0x28d4  [ 8C9E624E902A40A8FCDEB35D676455BC, C1A7189AD83A19CDE9F1773ADBF71BBF32106CB536BBF4612227F3A82FA27E37 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
10:33:56.0987 0x28d4  PSUAMain - ok
10:33:57.0020 0x28d4  [ 6AAE25010EB22659B0A65E419370F817, 26B9C51CA59E90B05D2B6F0BF36E572C4D418B9361839E062DAFF344A1196A3A ] C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe
10:33:57.0050 0x28d4  Corsair M65 Mouse - ok
10:33:57.0056 0x28d4  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
10:33:57.0059 0x28d4  UpdReg - ok
10:33:57.0076 0x28d4  [ C6187854FFDB7B45831BE4372754F301, B007846CA450F3B5E18A10656357E991CBC385C1B883185CAF977005BF3E21CE ] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
10:33:57.0091 0x28d4  Sound Blaster Z-Series Control Panel - ok
10:33:57.0096 0x28d4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
10:33:57.0098 0x28d4  HP Software Update - ok
10:33:57.0101 0x28d4  Dropbox - ok
10:33:57.0107 0x28d4  [ C17F52F4827491DACA460E2661C0C850, 2F35052BA57D4ADD4019E46C001D46DC4DDBA8FEDFE6B490E88E23FEE429CA65 ] C:\PROGRA~2\RAPTRI~1\PlaysTV\playstv_launcher.exe
10:33:57.0108 0x28d4  PlaysTV - ok
10:33:57.0128 0x28d4  [ 229C29C3CA3BCCF24A0BAF36FE64D15C, 6C2D97DAE840A53F425AF62C92771437C4D1F04569A1C87785015EC39BA01063 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
10:33:57.0146 0x28d4  DivXMediaServer - ok
10:33:57.0153 0x28d4  [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
10:33:57.0157 0x28d4  LWS - ok
10:33:57.0205 0x28d4  [ FAAD67B0B5514A10F981CEB08F888A0F, E129B5B80F191214A6DC9F673B914CF25194692DB408B7DF2F64EDDBBD85CB52 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
10:33:57.0249 0x28d4  Malwarebytes Anti-Exploit - ok
10:33:57.0266 0x28d4  OneDriveSetup - ok
10:33:57.0268 0x28d4  OneDriveSetup - ok
10:33:57.0298 0x28d4  [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\Derek Jackson\AppData\Local\Microsoft\OneDrive\OneDrive.exe
10:33:57.0323 0x28d4  OneDrive - ok
10:33:57.0338 0x28d4  [ 96FDEFF9E6351CDE97677F54D19B9BE3, 76BF8F27BDD4EE97B29BB6B64DAC2CAE5DCE8F988E41D90A491B50F9DC41AA75 ] C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
10:33:57.0349 0x28d4  NETGEARGenie - ok
10:33:57.0403 0x28d4  [ FF206944E3A8590FABE10FB2C321AA6D, 77C555667674C9E4473C64921C5F2A7D723FBE28A73EB5EBAA777CD04D11C06B ] C:\Program Files (x86)\Steam\steam.exe
10:33:57.0445 0x28d4  Steam - ok
10:33:57.0543 0x28d4  [ 376E709A4AE341CDB7E05FBFBF2E49AB, 7942E1EECC26A8B6B26EDB759723E5666654C5218E2BBC8F50FF192009EEF9FC ] I:\Program Files (x86)\Origin\Origin.exe
10:33:57.0587 0x28d4  EADM - ok
10:33:57.0684 0x28d4  [ BBC048995985EB7CA9B2E8EFF196E3BB, FF10C2247A036DD6579D2AF76EF2DA4F98D8F4BA69167EF4B5D2E0EDB00F2DF9 ] G:\Games\World_of_Warships\WargamingGameUpdater.exe
10:33:57.0735 0x28d4  World of Warships - ok
10:33:57.0856 0x28d4  [ 8D4645C731EFF74C32AD24C097E55F61, 01AFB71D8F278C9E89927C9F754861262A0AEC140FE559AE1AA7720EE2E8A35F ] I:\Games\World_of_Tanks\WargamingGameUpdater.exe
10:33:57.0943 0x28d4  World of Tanks - ok
10:33:57.0952 0x28d4  [ 6DB9A0FBDA5556B925D64651D57031D3, AE4C9196EFD61B973F93FDDAA001F7C239100EDD7E3F840927C0C07B08C69C04 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
10:33:57.0954 0x28d4  iCloudServices - ok
10:33:57.0959 0x28d4  [ DD854D7F89E3994DA48490E9C440036A, 25775650B62015D6F612C77ADCC7A31E019AEBDC2D40BB9EA1DA620F8B124007 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
10:33:57.0961 0x28d4  iCloudDrive - ok
10:33:57.0970 0x28d4  [ 3C9A02CB0C05C96263E2193C7B728930, 4B948C9DF036228145B60BA0327F259694D0812B99F92BDBBB2CD6ED997E9A13 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
10:33:57.0977 0x28d4  iCloudPhotos - ok
10:33:58.0005 0x28d4  [ 03316ED8BD428007777AB5785A33FAB4, 246C9957868A2565A266594F762CEB7AEFD5356BF88B7241F483AAC709AAE8DE ] C:\Program Files\TrueCrypt\TrueCrypt.exe
10:33:58.0030 0x28d4  TrueCrypt - ok
10:33:58.0052 0x28d4  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
10:33:58.0069 0x28d4  SpybotPostWindows10UpgradeReInstall - ok
10:33:58.0236 0x28d4  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
10:33:58.0389 0x28d4  CCleaner Monitoring - ok
10:33:58.0425 0x28d4  [ 3AAA9DF77D5F41555B0587B0E1332EA5, D138F54F61BF7A6C734F1D97BA0D5F81B2C677B9006E51BBAD7952889FC36FFA ] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
10:33:58.0443 0x28d4  WinPatrol - ok
10:33:58.0472 0x28d4  Uninstall C:\Users\Derek Jackson\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64 - ok
10:33:58.0482 0x28d4  Uninstall C:\Users\Derek Jackson\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1 - ok
10:33:58.0484 0x28d4  OneDriveSetup - ok
10:33:58.0485 0x28d4  WAB Migrate - ok
10:33:58.0486 0x28d4  Waiting for KSN requests completion. In queue: 86
10:33:59.0500 0x28d4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
10:33:59.0501 0x28d4  AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated )
10:33:59.0502 0x28d4  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x72010 ( disabled )
10:33:59.0505 0x28d4  Win FW state via NFP2: enabled ( trusted )
10:33:59.0726 0x28d4  ============================================================
10:33:59.0726 0x28d4  Scan finished
10:33:59.0726 0x28d4  ============================================================
10:33:59.0752 0x3a78  Detected object count: 0
10:33:59.0752 0x3a78  Actual detected object count: 0
 
 
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2016-12-24 10:38:43
-----------------------------
10:38:43.537    OS Version: Windows x64 6.2.9200 
10:38:43.537    Number of processors: 8 586 0x200
10:38:43.538    ComputerName: FRANKENSTEIN  UserName: 
10:38:43.876    Initialize success
10:38:43.903    VM: initialized successfully
10:38:43.904    VM: Amd CPU supported 
10:40:06.043    AVAST engine defs: 16122400
10:40:21.388    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-2
10:40:21.390    Disk 0 Vendor: WDC_WD2003FYPS-27Y2B0 04.05G11 Size: 1907729MB BusType: 3
10:40:21.393    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000032
10:40:21.395    Disk 1 Vendor: SAMSUNG_ ZM10 Size: 152623MB BusType: 11
10:40:21.398    Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\00000033
10:40:21.400    Disk 2 Vendor: Samsung_ EMT0 Size: 476940MB BusType: 11
10:40:21.403    Disk 3  \Device\Harddisk3\DR3 -> \Device\00000034
10:40:21.406    Disk 3 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 11
10:40:21.409    Disk 4  \Device\Harddisk4\DR4 -> \Device\00000035
10:40:21.412    Disk 4 Vendor: SAMSUNG_ VT10 Size: 238475MB BusType: 11
10:40:21.415    Disk 9  \Device\Harddisk9\DR9 -> \Device\00000067
10:40:21.421    Disk 9 Vendor:   Size: 238475MB BusType: 0
10:40:21.427    Disk 2 MBR read successfully
10:40:21.431    Disk 2 MBR scan
10:40:21.437    Disk 2 Windows 7 default MBR code
10:40:21.441    Disk 2 Partition 1 00     07    HPFS/NTFS NTFS          336 MB offset 2048
10:40:21.447    Disk 2 Partition 2 80 (A) 07    HPFS/NTFS NTFS       475690 MB offset 706856
10:40:21.454    Disk 2 Partition 3 00     27 Hidden NTFS WinRE NTFS          450 MB offset 974921728
10:40:21.460    Disk 2 Partition 4 00     27 Hidden NTFS WinRE NTFS          450 MB offset 975845376
10:40:21.470    Disk 2 scanning C:\WINDOWS\system32\drivers
10:40:22.649    Service scanning
10:40:29.328    Modules scanning
10:40:29.334    Disk 2 trace - called modules:
10:40:29.343    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 
10:40:29.347    1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0xffffe587e7d85060]
10:40:29.350    3 CLASSPNP.SYS[fffff8069a6c5efb] -> nt!IofCallDriver -> [0xffffe587e5128040]
10:40:29.355    5 amd_xata.sys[fffff8069a7c1d00] -> nt!IofCallDriver -> \Device\00000033[0xffffe587e5131060]
10:40:29.712    AVAST engine scan C:\WINDOWS
10:40:30.180    AVAST engine scan C:\WINDOWS\system32
10:41:03.526    AVAST engine scan C:\WINDOWS\system32\drivers
10:41:06.235    AVAST engine scan C:\Users\Derek Jackson
10:43:42.854    AVAST engine scan C:\ProgramData
10:44:44.057    Disk 2 statistics 2609029/0/0 @ 7.40 MB/s
10:44:44.064    Scan finished successfully
10:46:04.649    Disk 2 MBR has been saved successfully to "C:\Users\Derek Jackson\Desktop\MBR.dat"
10:46:04.653    The log file has been saved successfully to "C:\Users\Derek Jackson\Desktop\aswMBR.txt"
 
 


#10 nasdaq

  • Malware Response Team

Posted 25 December 2016 - 09:18 AM


I was playing Battlefield 1 when I noticed strange behavior with my shift key when trying to sprint. Exited out of the game to find Chrome open with about 30 tabs of the ea\Origin help page. Any ideas?


The issue is not caused by Malware but by the programs you use.

My search revealed this page.

http://www.ghacks.net/2011/11/04/want-to-play-battlefield-3-without-origin-do-this/

Hope it helps.

If not, check the appropriate game forums.

===

p.s.
If not using Origin, you can remove it via Control Panel > Programs > Programs and Features.

#11 DerekJ

  • Topic Starter


Posted 25 December 2016 - 11:56 AM

Interesting.  Strange though that I have had Battlefield 3 on my machine and played without issues until recently.  I'll give it a whirl and let you know.  Thanks.





