Every sticks to one and another.


14 replies to this topic

#1 Drazala

Posted 08 August 2017 - 07:52 PM

I can't interact with any of the opened windows without starting up the task manager. I think there is a virus in my PC, please help when you can!





#2 britechguy

Posted 08 August 2017 - 08:09 PM

Drazala,

 

I am going to escort you over to the "Am I Infected? What Do I Do?" forum since you suspect an infection.

Please refer to the thread, Before You Post About A Problem, for the "Am I Infected?" forum and try to add as much of the information as you can to this thread. It will help those who want to help you.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#3 Drazala

Posted 08 August 2017 - 08:36 PM

I am currently using Windows Pro 10 64-bit.

Programs

Basically, when it boots the windows stay stuck. When I use Task Manager the windows work for about three seconds and then the Task Manager is stuck like the rest of them.

Any help will be appreciated.



#4 Drazala

Posted 09 August 2017 - 06:14 AM

I would also like to add ever since I started having this problem, my mouse cursor icon is a large red icon now.



#5 Drazala

Posted 10 August 2017 - 03:18 PM

I think I know what the problem is. An auto clicker that I use (for those stupid click games) somehow is in my start processes. However, I still would like someone to take a quick peek and make sure there isn't something else going on.



#6 boopme

Posted 11 August 2017 - 02:46 PM

Well then we will run these

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder, which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [image] button to see which antivirus is currently enabled.
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, a list of found threats will open automatically (if any malicious files are found).
  • Push the [image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [image] button.
  • Check the box beside [image] to uninstall the application when closed.
  • Push [image] and then close the application by clicking the X in the upper right corner.

How do I get help? Who is helping me?

For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

Become a BleepingComputer fan: Facebook

#7 Drazala

Posted 11 August 2017 - 09:24 PM

I think Eset is stuck. It has been looking at my operating memory for the last two and a half hours. I think I might have had this same problem the last time I used it. I'll be more than glad to let it run all night but I do not think it will move from this point.

 

Left it to run all night and it didn't finish past operating memory portion of the scan. I decided to shut it down to do a scan of all the files and then when that is done I will do another scan of just operating memory and see if that would work. If nothing else I will at least post the logs of the autostart locations and what is on my hd. I can't promise anything with a full scan of operating memory.


Edited by Drazala, 12 August 2017 - 10:30 AM.


#8 Drazala

Posted 12 August 2017 - 01:28 PM

Here is what I have thus far. I am still having trouble with Eset scanning my pc memory processes. However, I will allow it to continue to run until I am instructed otherwise.

 

15:04:24.0669 0x4150  Netlogon - ok
15:04:24.0688 0x4150  Netman - ok
15:04:24.0698 0x4150  netprofm - ok
15:04:24.0724 0x4150  NetSetupSvc - ok
15:04:24.0778 0x4150  NetTcpPortSharing - ok
15:04:24.0794 0x4150  NgcCtnrSvc - ok
15:04:24.0797 0x4150  NgcSvc - ok
15:04:24.0815 0x4150  [ ED2CF5DF4FD6CF739A9218281A83D295, 36176F5DE8188A4A4BBE3CD8B45A5D24CD03C6AEC962D9094AD7B27FB7936E67 ] nhi             C:\WINDOWS\system32\DRIVERS\tbt81x.sys
15:04:24.0818 0x4150  nhi - ok
15:04:24.0835 0x4150  NlaSvc - ok
15:04:24.0839 0x4150  Npfs - ok
15:04:24.0842 0x4150  npsvctrig - ok
15:04:24.0846 0x4150  nsi - ok
15:04:24.0848 0x4150  nsiproxy - ok
15:04:24.0862 0x4150  NTFS - ok
15:04:24.0865 0x4150  Null - ok
15:04:24.0943 0x4150  [ 43F315F0F7A179C46ED3BA44CFBBC162, 544FF013BF6E9569F22752470F6F21CAE5B654AE5FE793B86D22E926E0B783A8 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
15:04:24.0948 0x4150  NvContainerLocalSystem - ok
15:04:24.0957 0x4150  [ 43F315F0F7A179C46ED3BA44CFBBC162, 544FF013BF6E9569F22752470F6F21CAE5B654AE5FE793B86D22E926E0B783A8 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
15:04:24.0963 0x4150  NvContainerNetworkService - ok
15:04:24.0998 0x4150  [ 4938CCA6E12A7FDA5324FFF0DF5DB8EC, 053D4D21014020C0D39F7BFC480EAE1458E1ABA1C40E11190204C4A2CB0D46EF ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
15:04:25.0001 0x4150  NVHDA - ok
15:04:25.0332 0x4150  [ 573640A3EEDF56FDA11085E63ED2C792, 36ECF85E5C9ADC1ECDBCCBEB0A78A1CD0B3F2DADE040D46A2F887CCB7ED2C5DE ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys
15:04:25.0513 0x4150  nvlddmkm - ok
15:04:25.0558 0x4150  nvraid - ok
15:04:25.0570 0x4150  nvstor - ok
15:04:25.0615 0x4150  [ 530E825A38753DA3ED21FD689F961344, 9A72C18014F2D7E2CB31FB562A0CD47BC13E00B3C6CCFA4469229562D010FF2A ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:04:25.0616 0x4150  NvStreamKms - ok
15:04:25.0689 0x4150  [ A9FD0F6BD72EA00049EAD30EFB9A7602, 7205A0519EB41C64E4CB5715805DF140566BFE2508D568024A66455DCCAE8E25 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
15:04:25.0694 0x4150  NvTelemetryContainer - ok
15:04:25.0723 0x4150  [ 21D89A95055DEBEEAC9566536D0A8527, C2C753295BF6E0905CB6605888269873CF935ED1EB132A0456C93E5CBD4BE669 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
15:04:25.0724 0x4150  nvvad_WaveExtensible - ok
15:04:25.0760 0x4150  [ FE9178D6C9A4BDE30A43B66AD8F3B70A, 17D22CF02B4121EFD4526F30B16371A084F5F41B8746F9359BAD4C29D7DEB715 ] nvvhci          C:\WINDOWS\System32\drivers\nvvhci.sys
15:04:25.0762 0x4150  nvvhci - ok
15:04:25.0831 0x4150  [ 35D6FD09F53421D1BBE827EE3C0929B7, D91B3CACCA8898E51B5A2F0E4390069F6E65DD9FFD46328E58642703C9E6F0ED ] OcButtonService C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe
15:04:25.0833 0x4150  OcButtonService - ok
15:04:25.0857 0x4150  OneSyncSvc - ok
15:04:25.0932 0x4150  [ 6573D86AF82EE9D10C466D0CF23BB72D, 548FD4094691264435F2AA7F0CB3BAF5BDC70B2D1E1D169FAD726DD6F11F2750 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:04:25.0959 0x4150  Origin Client Service - ok
15:04:26.0019 0x4150  [ 031E8E20DFA1E379727ACE4C8B580FF1, B782548DA03711407D7F45EE73521F431D6F3B90B585A82A47520CDD77516EFC ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
15:04:26.0058 0x4150  Origin Web Helper Service - ok
15:04:26.0076 0x4150  p2pimsvc - ok
15:04:26.0083 0x4150  p2psvc - ok
15:04:26.0093 0x4150  Parport - ok
15:04:26.0099 0x4150  partmgr - ok
15:04:26.0117 0x4150  PcaSvc - ok
15:04:26.0131 0x4150  pci - ok
15:04:26.0158 0x4150  pciide - ok
15:04:26.0162 0x4150  pcmcia - ok
15:04:26.0164 0x4150  pcw - ok
15:04:26.0177 0x4150  pdc - ok
15:04:26.0184 0x4150  PEAUTH - ok
15:04:26.0203 0x4150  PeerDistSvc - ok
15:04:26.0207 0x4150  percsas2i - ok
15:04:26.0210 0x4150  percsas3i - ok
15:04:26.0253 0x4150  PerfHost - ok
15:04:26.0261 0x4150  PhoneSvc - ok
15:04:26.0273 0x4150  PimIndexMaintenanceSvc - ok
15:04:26.0286 0x4150  pla - ok
15:04:26.0316 0x4150  PlugPlay - ok
15:04:26.0318 0x4150  PnkBstrA - ok
15:04:26.0322 0x4150  PNRPAutoReg - ok
15:04:26.0325 0x4150  PNRPsvc - ok
15:04:26.0336 0x4150  PolicyAgent - ok
15:04:26.0342 0x4150  Power - ok
15:04:26.0345 0x4150  PptpMiniport - ok
15:04:26.0480 0x4150  [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
15:04:26.0521 0x4150  PrintNotify - ok
15:04:26.0542 0x4150  Processor - ok
15:04:26.0550 0x4150  ProfSvc - ok
15:04:26.0558 0x4150  Psched - ok
15:04:26.0562 0x4150  QWAVE - ok
15:04:26.0568 0x4150  QWAVEdrv - ok
15:04:26.0571 0x4150  RasAcd - ok
15:04:26.0608 0x4150  RasAgileVpn - ok
15:04:26.0612 0x4150  RasAuto - ok
15:04:26.0615 0x4150  Rasl2tp - ok
15:04:26.0627 0x4150  RasMan - ok
15:04:26.0630 0x4150  RasPppoe - ok
15:04:26.0633 0x4150  RasSstp - ok
15:04:26.0637 0x4150  rdbss - ok
15:04:26.0652 0x4150  rdpbus - ok
15:04:26.0655 0x4150  RDPDR - ok
15:04:26.0675 0x4150  RdpVideoMiniport - ok
15:04:26.0677 0x4150  rdyboost - ok
15:04:26.0681 0x4150  ReFSv1 - ok
15:04:26.0702 0x4150  RemoteAccess - ok
15:04:26.0720 0x4150  RemoteRegistry - ok
15:04:26.0728 0x4150  RetailDemo - ok
15:04:26.0747 0x4150  [ 498C3D4D44382A96812A0E0FF28D575B, 23CB784547268CF775636B07CAC4C00B962FD10A7F9144D5D5886A9166919BBA ] Revoflt         C:\WINDOWS\system32\DRIVERS\revoflt.sys
15:04:26.0748 0x4150  Revoflt - ok
15:04:26.0794 0x4150  [ 696E4FB4F1FB99C572325D9EE2A98356, 7BBC2DFA817A93B209B408A06C86832A2B94EAE7CC236531AB62E85B443418BA ] RfeCoSvc        C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys
15:04:26.0796 0x4150  RfeCoSvc - ok
15:04:26.0814 0x4150  RmSvc - ok
15:04:26.0839 0x4150  RpcEptMapper - ok
15:04:26.0852 0x4150  RpcLocator - ok
15:04:26.0864 0x4150  RpcSs - ok
15:04:26.0876 0x4150  rspndr - ok
15:04:26.0905 0x4150  [ A11B83372FE97BDE3084F5E30FA19F37, 951518AB6A66786AA92FD110F7FDE61C5D4934CBCEA6AA1EFE9A8A7BE16FF2BC ] rwpvcy          C:\WINDOWS\system32\drivers\rwpvcy.sys
15:04:26.0906 0x4150  rwpvcy - ok
15:04:26.0910 0x4150  s3cap - ok
15:04:26.0936 0x4150  SamSs - ok
15:04:26.0951 0x4150  sbp2port - ok
15:04:26.0992 0x4150  SCardSvr - ok
15:04:27.0012 0x4150  ScDeviceEnum - ok
15:04:27.0042 0x4150  scfilter - ok
15:04:27.0045 0x4150  Schedule - ok
15:04:27.0055 0x4150  scmbus - ok
15:04:27.0062 0x4150  scmdisk0101 - ok
15:04:27.0075 0x4150  SCPolicySvc - ok
15:04:27.0104 0x4150  [ AD7189E85A0801DE0507C610963A3CD0, 0AA9F3C9D252624CC62EC95FD910C6911E136DD3E66159CEB9857BC7AB70FAA2 ] ScpVBus         C:\WINDOWS\System32\drivers\ScpVBus.sys
15:04:27.0105 0x4150  ScpVBus - ok
15:04:27.0108 0x4150  sdbus - ok
15:04:27.0123 0x4150  SDRSVC - ok
15:04:27.0125 0x4150  sdstor - ok
15:04:27.0129 0x4150  seclogon - ok
15:04:27.0141 0x4150  SENS - ok
15:04:27.0160 0x4150  Sense - ok
15:04:27.0175 0x4150  SensorDataService - ok
15:04:27.0187 0x4150  SensorService - ok
15:04:27.0190 0x4150  SensrSvc - ok
15:04:27.0193 0x4150  SerCx - ok
15:04:27.0196 0x4150  SerCx2 - ok
15:04:27.0199 0x4150  Serenum - ok
15:04:27.0203 0x4150  Serial - ok
15:04:27.0206 0x4150  sermouse - ok
15:04:27.0213 0x4150  SessionEnv - ok
15:04:27.0216 0x4150  sfloppy - ok
15:04:27.0235 0x4150  SharedAccess - ok
15:04:27.0267 0x4150  ShellHWDetection - ok
15:04:27.0291 0x4150  shpamsvc - ok
15:04:27.0294 0x4150  SiSRaid2 - ok
15:04:27.0298 0x4150  SiSRaid4 - ok
15:04:27.0344 0x4150  [ 18614592402298F32EBE75B85AA98F6A, 94E914CF70006F272D1155ABCCF000691742EA6F81CA46FCADFEA1CA257B72C9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:04:27.0347 0x4150  SkypeUpdate - ok
15:04:27.0369 0x4150  smphost - ok
15:04:27.0382 0x4150  SmsRouter - ok
15:04:27.0407 0x4150  SNMPTRAP - ok
15:04:27.0424 0x4150  spaceport - ok
15:04:27.0428 0x4150  SpbCx - ok
15:04:27.0478 0x4150  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\WINDOWS\SysWOW64\speedfan.sys
15:04:27.0485 0x4150  speedfan - ok
15:04:27.0489 0x4150  Spooler - ok
15:04:27.0517 0x4150  sppsvc - ok
15:04:27.0525 0x4150  srv - ok
15:04:27.0529 0x4150  srv2 - ok
15:04:27.0532 0x4150  srvnet - ok
15:04:27.0540 0x4150  SSDPSRV - ok
15:04:27.0559 0x4150  SstpSvc - ok
15:04:27.0595 0x4150  StateRepository - ok
15:04:27.0667 0x4150  [ 03404CCE10E4A207953E954C2AF8D41E, 380841C60C7730E14F81C2E2D011E944BE45CA082997B82A4859C2E49F812D01 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:04:27.0687 0x4150  Steam Client Service - ok
15:04:27.0718 0x4150  stexstor - ok
15:04:27.0746 0x4150  stisvc - ok
15:04:27.0759 0x4150  storahci - ok
15:04:27.0762 0x4150  storflt - ok
15:04:27.0765 0x4150  stornvme - ok
15:04:27.0769 0x4150  storqosflt - ok
15:04:27.0778 0x4150  StorSvc - ok
15:04:27.0781 0x4150  storufs - ok
15:04:27.0785 0x4150  storvsc - ok
15:04:27.0819 0x4150  svsvc - ok
15:04:27.0822 0x4150  swenum - ok
15:04:27.0826 0x4150  swprv - ok
15:04:27.0849 0x4150  Synth3dVsc - ok
15:04:27.0857 0x4150  SysMain - ok
15:04:27.0874 0x4150  SystemEventsBroker - ok
15:04:27.0880 0x4150  TabletInputService - ok
15:04:27.0883 0x4150  TapiSrv - ok
15:04:27.0894 0x4150  Tcpip - ok
15:04:27.0897 0x4150  Tcpip6 - ok
15:04:27.0905 0x4150  tcpipreg - ok
15:04:27.0910 0x4150  tdx - ok
15:04:27.0913 0x4150  terminpt - ok
15:04:27.0921 0x4150  TermService - ok
15:04:27.0928 0x4150  Themes - ok
15:04:28.0022 0x4150  [ 40C52C3BFAB267FA844F79B81418A767, B5127D00CB7A366D5FFCEDD907474C3E75ED63108E88CA6378228A5D7AA9649F ] ThunderboltService C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
15:04:28.0049 0x4150  ThunderboltService - ok
15:04:28.0071 0x4150  TieringEngineService - ok
15:04:28.0078 0x4150  tiledatamodelsvc - ok
15:04:28.0082 0x4150  TimeBrokerSvc - ok
15:04:28.0088 0x4150  TPM - ok
15:04:28.0091 0x4150  TrkWks - ok
15:04:28.0134 0x4150  TrustedInstaller - ok
15:04:28.0138 0x4150  tsusbflt - ok
15:04:28.0141 0x4150  TsUsbGD - ok
15:04:28.0145 0x4150  tsusbhub - ok
15:04:28.0162 0x4150  tzautoupdate - ok
15:04:28.0176 0x4150  UASPStor - ok
15:04:28.0179 0x4150  UcmCx0101 - ok
15:04:28.0183 0x4150  UcmTcpciCx0101 - ok
15:04:28.0185 0x4150  UcmUcsi - ok
15:04:28.0189 0x4150  Ucx01000 - ok
15:04:28.0192 0x4150  UdeCx - ok
15:04:28.0196 0x4150  udfs - ok
15:04:28.0199 0x4150  UEFI - ok
15:04:28.0202 0x4150  UevAgentDriver - ok
15:04:28.0208 0x4150  UevAgentService - ok
15:04:28.0211 0x4150  Ufx01000 - ok
15:04:28.0214 0x4150  UfxChipidea - ok
15:04:28.0217 0x4150  ufxsynopsys - ok
15:04:28.0229 0x4150  UI0Detect - ok
15:04:28.0232 0x4150  umbus - ok
15:04:28.0235 0x4150  UmPass - ok
15:04:28.0243 0x4150  UmRdpService - ok
15:04:28.0270 0x4150  UnistoreSvc - ok
15:04:28.0275 0x4150  upnphost - ok
15:04:28.0279 0x4150  UrsChipidea - ok
15:04:28.0282 0x4150  UrsCx01000 - ok
15:04:28.0285 0x4150  UrsSynopsys - ok
15:04:28.0312 0x4150  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
15:04:28.0314 0x4150  USBAAPL64 - ok
15:04:28.0328 0x4150  usbaudio - ok
15:04:28.0331 0x4150  usbccgp - ok
15:04:28.0334 0x4150  usbcir - ok
15:04:28.0338 0x4150  usbehci - ok
15:04:28.0341 0x4150  usbhub - ok
15:04:28.0344 0x4150  USBHUB3 - ok
15:04:28.0347 0x4150  usbohci - ok
15:04:28.0350 0x4150  usbprint - ok
15:04:28.0360 0x4150  usbser - ok
15:04:28.0372 0x4150  USBSTOR - ok
15:04:28.0376 0x4150  usbuhci - ok
15:04:28.0386 0x4150  USBXHCI - ok
15:04:28.0397 0x4150  UserDataSvc - ok
15:04:28.0421 0x4150  UserManager - ok
15:04:28.0428 0x4150  UsoSvc - ok
15:04:28.0436 0x4150  VaultSvc - ok
15:04:28.0490 0x4150  [ D6682C4EF3C0D3A94B79BB89A9D064D7, D620756CDD06F9936BA984145DFD2103050AB2E9AA69612EDAE63E776B73E327 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
15:04:28.0502 0x4150  VBoxDrv - ok
15:04:28.0537 0x4150  [ FE9C37F13BCB36822844016990FE8DF4, 4F9A9745D7251D19D547283FB2A280FE4111322DC89BE1ED6BB3BE1DF2CEB7CF ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
15:04:28.0540 0x4150  VBoxNetAdp - ok
15:04:28.0553 0x4150  [ CB6E6005225FB286152F2EB00E47895F, 64397DA1369A43D70ECFEF446E148B879EF42A3552CD0D5EE4214BFBAA3257A7 ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
15:04:28.0557 0x4150  VBoxNetLwf - ok
15:04:28.0589 0x4150  [ 2E9672FF5E2A6C18D2D8807ABFF82F84, 94DBF4943C4C3F875D55148ED700721166E8929D6C50D8E6E35A852F8DBD9761 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
15:04:28.0592 0x4150  VBoxUSBMon - ok
15:04:28.0595 0x4150  vdrvroot - ok
15:04:28.0610 0x4150  vds - ok
15:04:28.0613 0x4150  VerifierExt - ok
15:04:28.0625 0x4150  vhdmp - ok
15:04:28.0635 0x4150  vhf - ok
15:04:28.0639 0x4150  vmbus - ok
15:04:28.0642 0x4150  VMBusHID - ok
15:04:28.0658 0x4150  vmgid - ok
15:04:28.0666 0x4150  vmicguestinterface - ok
15:04:28.0669 0x4150  vmicheartbeat - ok
15:04:28.0674 0x4150  vmickvpexchange - ok
15:04:28.0690 0x4150  vmicrdv - ok
15:04:28.0693 0x4150  vmicshutdown - ok
15:04:28.0697 0x4150  vmictimesync - ok
15:04:28.0701 0x4150  vmicvmsession - ok
15:04:28.0704 0x4150  vmicvss - ok
15:04:28.0709 0x4150  volmgr - ok
15:04:28.0712 0x4150  volmgrx - ok
15:04:28.0715 0x4150  volsnap - ok
15:04:28.0721 0x4150  volume - ok
15:04:28.0735 0x4150  vpci - ok
15:04:28.0739 0x4150  vsmraid - ok
15:04:28.0744 0x4150  VSS - ok
15:04:28.0804 0x4150  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe
15:04:28.0806 0x4150  vssbrigde64 - ok
15:04:28.0810 0x4150  VSTXRAID - ok
15:04:28.0829 0x4150  vwifibus - ok
15:04:28.0833 0x4150  vwififlt - ok
15:04:28.0837 0x4150  W32Time - ok
15:04:28.0840 0x4150  WacomPen - ok
15:04:28.0864 0x4150  WalletService - ok
15:04:28.0867 0x4150  wanarp - ok
15:04:28.0871 0x4150  wanarpv6 - ok
15:04:28.0923 0x4150  [ 6C1039AD2D5F814ACEB3EEC95C25DE1F, F29DA57EF51D6D8EE2F781EEB16525C186A7269D6CBEE928FBC5BAC98896D21C ] WARSvc          C:\Program Files\Ruiware\WinAntiRansom\WARSvc.exe
15:04:28.0926 0x4150  WARSvc - ok
15:04:28.0951 0x4150  [ 6C6DB29088C195A4142F932650C6DA98, 8CA1A2936134861100FD4A7D810DE4AB334E28526BEA4AA8CD5ECDF349C15AF3 ] WARWDSvc        C:\Program Files\Ruiware\WinAntiRansom\WARWDSvc.exe
15:04:28.0953 0x4150  WARWDSvc - ok
15:04:28.0966 0x4150  wbengine - ok
15:04:28.0984 0x4150  WbioSrvc - ok
15:04:28.0993 0x4150  wcifs - ok
15:04:29.0005 0x4150  Wcmsvc - ok
15:04:29.0008 0x4150  wcncsvc - ok
15:04:29.0022 0x4150  wcnfs - ok
15:04:29.0035 0x4150  WdBoot - ok
15:04:29.0059 0x4150  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
15:04:29.0060 0x4150  WDC_SAM - ok
15:04:29.0078 0x4150  Wdf01000 - ok
15:04:29.0081 0x4150  WdFilter - ok
15:04:29.0084 0x4150  WdiServiceHost - ok
15:04:29.0087 0x4150  WdiSystemHost - ok
15:04:29.0094 0x4150  wdiwifi - ok
15:04:29.0097 0x4150  WdNisDrv - ok
15:04:29.0122 0x4150  WdNisSvc - ok
15:04:29.0126 0x4150  WebClient - ok
15:04:29.0130 0x4150  Wecsvc - ok
15:04:29.0148 0x4150  WEPHOSTSVC - ok
15:04:29.0155 0x4150  wercplsupport - ok
15:04:29.0162 0x4150  WerSvc - ok
15:04:29.0167 0x4150  WFPLWFS - ok
15:04:29.0180 0x4150  WiaRpc - ok
15:04:29.0184 0x4150  WIMMount - ok
15:04:29.0187 0x4150  WinDefend - ok
15:04:29.0200 0x4150  WindowsTrustedRT - ok
15:04:29.0203 0x4150  WindowsTrustedRTProxy - ok
15:04:29.0207 0x4150  WinHttpAutoProxySvc - ok
15:04:29.0211 0x4150  WinMad - ok
15:04:29.0250 0x4150  Winmgmt - ok
15:04:29.0302 0x4150  [ 31947C7321C2E2E7E31C8C7345FA25E3, 76257CAAFE00BC71A278451FE0EFC17D21102DEBC8BB697B8DBB4926DB6AF719 ] WinPrivacySvc   C:\Program Files\Ruiware\WinPrivacy\WinPrivacySvc.exe
15:04:29.0308 0x4150  WinPrivacySvc - ok
15:04:29.0327 0x4150  WinRM - ok
15:04:29.0335 0x4150  WINUSB - ok
15:04:29.0339 0x4150  WinVerbs - ok
15:04:29.0368 0x4150  wisvc - ok
15:04:29.0373 0x4150  WlanSvc - ok
15:04:29.0399 0x4150  wlidsvc - ok
15:04:29.0403 0x4150  WmiAcpi - ok
15:04:29.0408 0x4150  wmiApSrv - ok
15:04:29.0430 0x4150  WMPNetworkSvc - ok
15:04:29.0448 0x4150  Wof - ok
15:04:29.0481 0x4150  workfolderssvc - ok
15:04:29.0501 0x4150  WPDBusEnum - ok
15:04:29.0506 0x4150  WpdUpFltr - ok
15:04:29.0528 0x4150  WpnService - ok
15:04:29.0532 0x4150  WpnUserService - ok
15:04:29.0597 0x4150  [ A51C238849E3E81B068A2B336C3B0135, 96B7C5A96CE721052485F0876920AB0199E0AAA40C48041C43D92DBE904BCF4F ] WPWDSvc         C:\Program Files\Ruiware\WinPrivacy\WPWDSvc.exe
15:04:29.0603 0x4150  WPWDSvc - ok
15:04:29.0608 0x4150  ws2ifsl - ok
15:04:29.0629 0x4150  wscsvc - ok
15:04:29.0632 0x4150  WSearch - ok
15:04:29.0644 0x4150  wuauserv - ok
15:04:29.0647 0x4150  WudfPf - ok
15:04:29.0651 0x4150  WUDFRd - ok
15:04:29.0655 0x4150  wudfsvc - ok
15:04:29.0658 0x4150  WUDFWpdFs - ok
15:04:29.0661 0x4150  WUDFWpdMtp - ok
15:04:29.0673 0x4150  WwanSvc - ok
15:04:29.0688 0x4150  XblAuthManager - ok
15:04:29.0697 0x4150  XblGameSave - ok
15:04:29.0700 0x4150  xboxgip - ok
15:04:29.0712 0x4150  XboxNetApiSvc - ok
15:04:29.0719 0x4150  xinputhid - ok
15:04:29.0732 0x4150  xusb22 - ok
15:04:29.0732 0x4150  ================ Scan global ===============================
15:04:29.0821 0x4150  [ Global ] - ok
15:04:29.0822 0x4150  ================ Scan MBR ==================================
15:04:29.0826 0x4150  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:04:29.0903 0x4150  \Device\Harddisk0\DR0 - ok
15:04:29.0906 0x4150  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR50
15:04:29.0911 0x4150  \Device\Harddisk1\DR50 - ok
15:04:29.0911 0x4150  ================ Scan VBR ==================================
15:04:29.0912 0x4150  [ A5BAF947EFBE850A9CA45B427A823DA0 ] \Device\Harddisk0\DR0\Partition1
15:04:29.0913 0x4150  \Device\Harddisk0\DR0\Partition1 - ok
15:04:29.0915 0x4150  [ 5F8E0A1FBEAD42B496AA882CDFA99097 ] \Device\Harddisk0\DR0\Partition2
15:04:29.0916 0x4150  \Device\Harddisk0\DR0\Partition2 - ok
15:04:29.0918 0x4150  [ D251E9D6487C9F5E3A46E72917B779F3 ] \Device\Harddisk1\DR50\Partition1
15:04:29.0919 0x4150  \Device\Harddisk1\DR50\Partition1 - ok
15:04:33.0306 0x4150  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x340000 ( disabled : updated )
15:04:33.0306 0x4150  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
15:04:33.0307 0x4150  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
15:04:33.0308 0x4150  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x40010 ( disabled )
15:04:33.0313 0x4150  Win FW state via NFP2: enabled ( trusted )
15:04:33.0551 0x4150  ============================================================
15:04:33.0551 0x4150  Scan finished
15:04:33.0551 0x4150  ============================================================
15:04:33.0557 0x0b4c  Detected object count: 0
15:04:33.0557 0x0b4c  Actual detected object count: 0

 

 

# AdwCleaner 7.0.1.0 - Logfile created on Fri Aug 11 20:09:47 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 07-31-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\Local\YSearchUtil
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
PUP.Optional.Legacy, C:\Users\Drazala\AppData\Local\YSearchUtil
PUP.Optional.Legacy, C:\Users\All Users\Documents\Downloaded Installers
PUP.Optional.Legacy, C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.Legacy, C:\Program Files (x86)\Yahoo!\yset


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy, updateTask


***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3440913725-1873978463-722000591-1001\Software\yahooprovidedsearch
PUP.Optional.Legacy, [Key] - HKCU\Software\yahooprovidedsearch


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by Drazala (Administrator) on Fri 08/11/2017 at 15:17:15.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\Users\Drazala\AppData\Local\ysearchutil (Folder)
Successfully deleted: C:\Users\Drazala\AppData\Roaming\Mozilla\Firefox\Profiles\fsn1hd3u.default\user.js (File)
Successfully deleted: C:\users\Public\Documents\downloaded installers (Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1b31c9d2-7135-442b-bb93-7c002172adc6} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/11/2017 at 15:20:17.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Drazala (administrator) on 11-08-2017 at 14:51:42
Running from "C:\Users\Drazala\Downloads"
Microsoft Windows 10 Pro  (X64)
Model: Z170X-Gaming 7 Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Killer E2400 Gigabit Ethernet Controller = Ethernet 3 (Connected)
Intel® Ethernet Connection (2) I219-V = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global taskoffload=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="VirtualBox Host-Only Network" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-SIPDIDA
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Ethernet Connection (2) I219-V
   Physical Address. . . . . . . . . : 40-8D-5C-52-36-D2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VirtualBox Host-Only Network:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 0A-00-27-00-00-07
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e91c:130c:e39c:5101%7(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 537526311
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-D0-1F-65-40-8D-5C-52-36-D2
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Killer E2400 Gigabit Ethernet Controller #2
   Physical Address. . . . . . . . . : 40-8D-5C-52-36-D0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2405:7547:5e8b:8cce%24(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, August 9, 2017 1:05:19 PM
   Lease Expires . . . . . . . . . . : Saturday, August 12, 2017 2:18:51 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 406883676
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-D0-1F-65-40-8D-5C-52-36-D2
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4000:812::200e
      172.217.9.14


Pinging google.com [172.217.9.14] with 32 bytes of data:
Reply from 172.217.9.14: bytes=32 time=26ms TTL=55
Reply from 172.217.9.14: bytes=32 time=26ms TTL=55

Ping statistics for 172.217.9.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 26ms, Average = 26ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      2001:4998:58:c02::a9
      98.139.180.149
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=46ms TTL=53
Reply from 98.138.253.109: bytes=32 time=39ms TTL=53

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 39ms, Maximum = 46ms, Average = 42ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...40 8d 5c 52 36 d2 ......Intel® Ethernet Connection (2) I219-V
  7...0a 00 27 00 00 07 ......VirtualBox Host-Only Ethernet Adapter
 24...40 8d 5c 52 36 d0 ......Killer E2400 Gigabit Ethernet Controller #2
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    281
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    281
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    281
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    281
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    281
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    281
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  7    281 fe80::/64                On-link
 24    281 fe80::/64                On-link
 24    281 fe80::2405:7547:5e8b:8cce/128
                                    On-link
  7    281 fe80::e91c:130c:e39c:5101/128
                                    On-link
  1    331 ff00::/8                 On-link
  7    281 ff00::/8                 On-link
 24    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/11/2017 03:47:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (08/10/2017 03:36:34 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/10/2017 12:19:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (08/10/2017 03:16:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (08/10/2017 02:50:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: GTA5.exe, version: 1.0.1103.2, time stamp: 0x593a8107
Faulting module name: GTA5.exe, version: 1.0.1103.2, time stamp: 0x593a8107
Exception code: 0xc0000005
Fault offset: 0x00000000005066dc
Faulting process id: 0x3f08
Faulting application start time: 0xGTA5.exe0
Faulting application path: GTA5.exe1
Faulting module path: GTA5.exe2
Report Id: GTA5.exe3
Faulting package full name: GTA5.exe4
Faulting package-relative application ID: GTA5.exe5

Error: (08/09/2017 03:30:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (08/09/2017 02:02:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: GTAIV.exe, version: 1.0.8.0, time stamp: 0x57c6fb75
Faulting module name: GTAIV.exe, version: 1.0.8.0, time stamp: 0x57c6fb75
Exception code: 0xc0000005
Fault offset: 0x00056d16
Faulting process id: 0x2850
Faulting application start time: 0xGTAIV.exe0
Faulting application path: GTAIV.exe1
Faulting module path: GTAIV.exe2
Report Id: GTAIV.exe3
Faulting package full name: GTAIV.exe4
Faulting package-relative application ID: GTAIV.exe5

Error: (08/09/2017 01:58:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: gt4e-Drazala.exe, version: 0.0.0.0, time stamp: 0x5023cba1
Faulting module name: gt4e-Drazala.exe, version: 0.0.0.0, time stamp: 0x5023cba1
Exception code: 0xc0000005
Fault offset: 0x00006760
Faulting process id: 0x27cc
Faulting application start time: 0xgt4e-Drazala.exe0
Faulting application path: gt4e-Drazala.exe1
Faulting module path: gt4e-Drazala.exe2
Report Id: gt4e-Drazala.exe3
Faulting package full name: gt4e-Drazala.exe4
Faulting package-relative application ID: gt4e-Drazala.exe5

Error: (08/09/2017 01:19:24 PM) (Source: MsiInstaller) (User: DESKTOP-SIPDIDA)
Description: Product: Thunderbolt™ Software -- Newer version already installed

Error: (08/09/2017 01:18:53 PM) (Source: Application Hang) (User: )
Description: The program iTunes.exe version 12.6.2.20 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2be8

Start Time: 01d3113ade93c30c

Termination Time: 4294967295

Application Path: C:\Program Files\iTunes\iTunes.exe

Report Id: 33a7ee8e-7d2e-11e7-9c28-408d5c5236d0

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (08/10/2017 12:03:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Feature update to Windows 10, version 1703.

Error: (08/09/2017 02:30:20 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/09/2017 01:17:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/09/2017 01:15:01 PM) (Source: Service Control Manager) (User: )
Description: The WinPrivacySvc service terminated unexpectedly.  It has done this 2 time(s).

Error: (08/09/2017 01:14:45 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/09/2017 01:11:34 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/09/2017 01:11:20 PM) (Source: Service Control Manager) (User: )
Description: The WARWDSvc service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/09/2017 01:11:17 PM) (Source: Service Control Manager) (User: )
Description: The WARSvc service terminated unexpectedly.  It has done this 3 time(s).

Error: (08/09/2017 01:11:12 PM) (Source: Service Control Manager) (User: )
Description: The WARSvc service terminated unexpectedly.  It has done this 2 time(s).

Error: (08/09/2017 01:11:09 PM) (Source: Service Control Manager) (User: )
Description: The WPWDSvc service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (08/11/2017 03:47:40 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifestc:\program files\netgear\readyshare vault\x86\GenieTimeLineAgent.exe

Error: (08/10/2017 03:36:34 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/10/2017 12:19:53 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifestc:\program files\netgear\readyshare vault\x86\GenieTimeLineAgent.exe

Error: (08/10/2017 03:16:36 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifestc:\program files\netgear\readyshare vault\x86\GenieTimeLineAgent.exe

Error: (08/10/2017 02:50:40 AM) (Source: Application Error)(User: )
Description: GTA5.exe1.0.1103.2593a8107GTA5.exe1.0.1103.2593a8107c000000500000000005066dc3f0801d311ad523b551fC:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exeC:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exedf274693-15ba-47d6-96f2-c85a7de07fa0

Error: (08/09/2017 03:30:09 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifestc:\program files\netgear\readyshare vault\x86\GenieTimeLineAgent.exe

Error: (08/09/2017 02:02:43 PM) (Source: Application Error)(User: )
Description: GTAIV.exe1.0.8.057c6fb75GTAIV.exe1.0.8.057c6fb75c000000500056d16285001d31142134f2ca2C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exeC:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe604b5b40-6625-4ec0-8bff-01bfc2ae76b6

Error: (08/09/2017 01:58:18 PM) (Source: Application Error)(User: )
Description: gt4e-Drazala.exe0.0.0.05023cba1gt4e-Drazala.exe0.0.0.05023cba1c00000050000676027cc01d3114175b03855C:\Users\Drazala\Desktop\gt4e-Drazala.exeC:\Users\Drazala\Desktop\gt4e-Drazala.exe27db8496-d3f6-44fd-b9d1-e9bb681e1bd7

Error: (08/09/2017 01:19:24 PM) (Source: MsiInstaller)(User: DESKTOP-SIPDIDA)
Description: Product: Thunderbolt™ Software -- Newer version already installed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/09/2017 01:18:53 PM) (Source: Application Hang)(User: )
Description: iTunes.exe12.6.2.202be801d3113ade93c30c4294967295C:\Program Files\iTunes\iTunes.exe33a7ee8e-7d2e-11e7-9c28-408d5c5236d0


CodeIntegrity Errors:
===================================
  Date: 2017-07-12 09:09:30.689
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.682
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.676
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.663
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.650
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.637
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-12 09:09:30.630
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


=========================== Installed Programs ============================

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.17.0710.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.17.0710.1 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20093 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Alien: Isolation (HKLM\...\Steam App 214490) (Version:  - Creative Assembly)
Amihailu in Dreamland (HKLM\...\Steam App 497090) (Version:  - Delmunsoft)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.17.0630.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.17.0630.1 - GIGABYTE)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
Assassin's Creed Rogue (HKLM\...\Steam App 311560) (Version:  - Ubisoft Sofia)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: 1.51 - Ubisoft)
Assassin's Creed Unity (HKLM\...\Steam App 289650) (Version:  - Ubisoft)
Auto Clicker v3.1 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 3.1 - MurGee.com)
AutoHotkey 1.1.24.00 (HKLM\...\AutoHotkey) (Version: 1.1.24.00 - Lexikos)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bayonetta (HKLM\...\Steam App 460790) (Version:  - PlatinumGames)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BloodRayne (HKLM\...\Steam App 3810) (Version:  - Terminal Reality)
BloodRayne 2 (HKLM\...\Steam App 3820) (Version:  - Terminal Reality)
BloodRayne: Betrayal (HKLM\...\Steam App 281220) (Version:  - Abstraction Games)
Blossoms Bloom Brightest (HKLM\...\Steam App 437720) (Version:  - Reine Works)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave Path (HKLM\...\Steam App 669310) (Version:  - GooDCrafter)
Breaking Good (HKLM\...\Steam App 682780) (Version:  - SeekSick6)
Castlevania: Lords of Shadow 2 (HKLM\...\Steam App 239250) (Version:  - MercurySteam)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Chromium (HKCU\...\Chromium) (Version: 46.0.2480.0 - Chromium)
Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
Close Your Eyes (HKLM\...\Steam App 377330) (Version:  - Yai Gameworks)
Codename Gordon (HKLM\...\Steam App 92) (Version:  - Nuclear Vision)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Comedy Quest (HKLM\...\Steam App 399520) (Version:  - Trav Nash)
Confess My Love (HKLM\...\Steam App 637850) (Version:  - LR Studio)
Crush Crush (HKLM\...\Steam App 459820) (Version:  - Sad Panda Studios)
Dark Age of Camelot (HKLM-x32\...\Dark Age of Camelot) (Version:  - Electronic Arts)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Darksiders Warmastered Edition (HKLM\...\Steam App 462780) (Version:  - KAIKO)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Delude - Succubus Prison (HKLM\...\Steam App 674380) (Version:  - Halissoni)
Désiré (HKLM\...\Steam App 399700) (Version:  - Sylvain Seccia)
Desura (HKLM-x32\...\Desura) (Version: 100.64 - Desura)
Diaries of a Spaceport Janitor (HKLM\...\Steam App 436500) (Version:  - Sundae Month)
Dies irae ~Amantes amentes~ (HKLM\...\Steam App 644540) (Version:  - light)
Dr. Langeskov, The Tiger, and The Terribly Cursed Emerald: A Whirlwind Heist (HKLM-x32\...\Steam App 409160) (Version:  - Crows Crows Crows)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dragon Quest Heroes (HKLM\...\Steam App 410850) (Version:  - KOEI TECMO GAMES CO., LTD.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.17.0328 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.17.0328 - GIGABYTE)
Emily is Away (HKLM\...\Steam App 417860) (Version:  - Kyle Seeley)
Epic Battle Fantasy 3 (HKLM\...\Steam App 521200) (Version:  - Matt Roszak)
Eternal Senia (HKLM-x32\...\Steam App 351640) (Version:  - Holy Priest)
Everlasting Summer (HKLM-x32\...\Steam App 331470) (Version:  - Soviet Games)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fausts Alptraum (HKLM\...\Steam App 574740) (Version:  - LaboRatStudio)
FEMINAZI: The Triggering (HKLM\...\Steam App 585550) (Version:  - hyperboreanGames)
Firestorm SecondLife and OpenSim viewer (HKLM\...\{9F1A7E2F-AA04-4A8F-B578-5BCBB62A648F}) (Version: 4.7.47323 - Phoenix Viewer Project) Hidden
Firestorm-Releasex64 x64 (HKLM-x32\...\{87a36c50-4766-41e3-b23b-2354a2ff60bf}) (Version: 4.7.47323 - Phoenix Firestorm Project Inc)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.0.1224 - DVDVideoSoft Ltd.)
Frosty Kiss (HKLM-x32\...\Steam App 431540) (Version:  - 2Chance Projects)
Game Genie Save Editor for PS3 (EU) (HKLM-x32\...\{9AC5F3D1-C008-4D62-B4D9-14B9EF3E0279}) (Version: 1.1.0.0 - Game Genie)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
G-Senjou no Maou English (HKLM-x32\...\G-Senjou_no_Maou_Aegis) (Version: 1.0.0.716 - AKABEiSOFT2)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1116.1 - GIGABYTE)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
GunGirl 2 (HKLM\...\Steam App 517320) (Version:  - BlueEagle Productions)
Hack RUN (HKLM\...\Steam App 378110) (Version:  - i273 LLC)
HACK_IT (HKLM\...\Steam App 444350) (Version:  - Dan_D)
Hacknet (HKLM-x32\...\Steam App 365450) (Version:  - Team Fractal Alligator)
HEBEREKE!: March! Red Army Girls' Brigade (HKLM\...\Steam App 531190) (Version:  - Japan War Game Development)
Hellblade: Senua's Sacrifice (HKLM\...\Steam App 414340) (Version:  - Ninja Theory)
Hunger Dungeon (HKLM\...\Steam App 513560) (Version:  - Buka Game Studio)
iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.)
Insanity Clicker (HKLM\...\Steam App 393530) (Version:  - PlayFlock)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.1.1015 - Intel Corporation)
Iron Snout (HKLM\...\Steam App 424280) (Version:  - SnoutUp)
itch (HKCU\...\itch) (Version: 0.11.3 - Itch Corp)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\{2C74A102-DC39-4158-A831-02BDE2EC7D5D}) (Version: 8.0.5.485 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{2C74A102-DC39-4158-A831-02BDE2EC7D5D}) (Version: 8.0.5.485 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Killer Performance Suite (HKLM\...\{9D19C9E8-92C7-4825-AD7C-E0D25BE7A6ED}) (Version: 1.2.1268 - Rivet Networks)
Kingdom: New Lands (HKLM\...\Steam App 496300) (Version:  - Noio)
Kokurase (HKLM\...\Steam App 520910) (Version:  - galanti)
KYOTO TANOJI QUEST (HKLM\...\Steam App 558680) (Version:  - Media Impact Co.,Ltd)
L.A. Noire (HKLM\...\Steam App 110800) (Version:  - Team Bondi)
Legionwood: Tale of the Two Swords (HKLM\...\Steam App 461820) (Version:  - Dark Gaia Studios)
LEGO® Jurassic World (HKLM\...\Steam App 352400) (Version:  - TT Games Ltd)
Libra of the Vampire Princess (HKLM\...\Steam App 604170) (Version:  - onomatope*)
Loading Screen Simulator (HKLM\...\Steam App 652980) (Version:  - CakeEaterGames)
Lost Items (HKLM\...\Steam App 686870) (Version:  - ZoR Dev)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.0 - Rockstar Games)
Mass Effect (HKLM\...\Steam App 17460) (Version:  - BioWare)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft: Story Mode - A Telltale Games Series (HKLM-x32\...\Steam App 376870) (Version:  - Telltale Games)
Minecraft: Story Mode - Season Two (HKLM\...\Steam App 639170) (Version:  - Telltale Games)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NieR:Automata™ (HKLM\...\Steam App 524220) (Version:  - Square Enix)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenCL™ runtime for Intel® Core™ and Xeon® Processors (HKLM\...\{1F6CF248-9A18-4740-BD09-281DBC8A2051}) (Version: 6.4.0.25 - Intel Corporation)
Oracle VM VirtualBox 5.0.18 (HKLM\...\{4D4859BB-681D-45A1-81C8-520B382D3034}) (Version: 5.0.18 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.17.36908 - Electronic Arts, Inc.)
ORION: Prelude (HKLM\...\Steam App 104900) (Version:  - Trek Industries, Inc)
Passpartout: The Starving Artist (HKLM\...\Steam App 582550) (Version:  - Flamebait Games)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Pixel Puzzles 2: Birds (HKLM\...\Steam App 344230) (Version:  - Decaying Logic)
Pixel Puzzles 2: RADical ROACH (HKLM\...\Steam App 504880) (Version:  - Decaying Logic)
Pixel Puzzles Ultimate (HKLM\...\Steam App 351030) (Version:  - Decaying Logic)
Pretty Girls Mahjong Solitaire (HKLM\...\Steam App 393980) (Version:  - Zoo Corporation)
Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version:  - Ubisoft)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 7.0 - Genie9)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Replica (HKLM\...\Steam App 496890) (Version:  - Somi)
RESIDENT EVIL 7 biohazard / BIOHAZARD 7 resident evil (HKLM\...\Steam App 418370) (Version:  - CAPCOM Co., Ltd.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rocksmith 2014 (HKLM\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Sakura Clicker (HKLM\...\Steam App 383080) (Version:  - Winged Cloud)
Sepia Tears (HKLM-x32\...\Steam App 429300) (Version:  - Scarlet String Studios)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{21F86C35-1E37-4E50-90D5-5E61E39003DA}) (Version: 1.04.00 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}) (Version: 1.0 - Creative Technology Limited)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STEINS;GATE (HKLM\...\Steam App 412830) (Version:  - MAGES.INC.)
System Goose Overload (HKLM\...\Steam App 672000) (Version:  - Joseph Calabro)
System Requirements Lab Detection (HKLM-x32\...\{CC285F00-7097-4A2C-B612-CA2F2E94A981}) (Version: 6.1.6.0 - Husdawg, LLC)
Tap Tap Infinity (HKLM\...\Steam App 380360) (Version:  - Scary Bee LLC)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls Online: Tamriel Unlimited (HKLM-x32\...\Steam App 306130) (Version:  - Zenimax Online Studios)
The End o,,,o (HKLM\...\Steam App 509880) (Version:  - xrrawva)
The Expendabros (HKLM\...\Steam App 312990) (Version:  - Free Lives)
The Fastest Mouse Clicker version 1.5.1.1 (HKCU\...\The Fastest Mouse Clicker_is1) (Version: 1.5.1.1 - Open Source Developer Masha Novedad (twitter.com/WIN_2048_CLUB))
The Forgotten Ones (HKLM-x32\...\Steam App 314280) (Version:  - Bernt Andreas Eide)
The Initiate (HKLM\...\Steam App 659480) (Version:  - Deceptive Games Ltd.)
The Last Weekend (HKLM\...\Steam App 509800) (Version:  - KEXBOY)
The Legend of Heroes: Trails in the Sky (HKLM\...\Steam App 251150) (Version:  - Nihon Falcom)
The Long Journey Home (HKLM\...\Steam App 366910) (Version:  - Daedalic Studio West)
The Monster Inside (HKLM\...\Steam App 665490) (Version:  - Random Seed Games)
The Quest for Achievements (HKLM\...\Steam App 602940) (Version:  - StarSystemStudios™)
The Sad Story of Emmeline Burns (HKLM-x32\...\Steam App 429940) (Version:  - ebi-hime)
The Walking Dead (HKLM\...\Steam App 207610) (Version:  - Telltale Games)
The Walking Dead: A New Frontier (HKLM\...\Steam App 536220) (Version:  - Telltale Games)
The Walking Dead: Michonne (HKLM\...\Steam App 429570) (Version:  - Telltale Games)
The Walking Dead: Season Two (HKLM\...\Steam App 261030) (Version:  - Telltale Games)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Thunderbolt™ Software (HKLM-x32\...\{87A31923-8F18-4943-8093-17DBEE0101B7}) (Version: 16.3.61.275 - Intel Corporation)
Trick and Treat - Visual Novel (HKLM\...\Steam App 555210) (Version:  - Eternal Night Studios)
True or False (HKLM\...\Steam App 521340) (Version:  - Vladimir Maslov)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.1 - Universal Media Server)
Universe Sandbox ² (HKLM\...\Steam App 230290) (Version:  - Giant Army)
Uplay (HKLM-x32\...\Uplay) (Version: 14.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
Watch_Dogs (HKLM-x32\...\Steam App 243470) (Version:  - Ubisoft)
Watch_Dogs 2 (HKLM\...\Steam App 447040) (Version:  - Ubisoft)
WinAntiRansom (HKLM-x32\...\{D7C29DFD-DD4C-4C58-B79F-E2B576142AF8}) (Version: 2016.2.365 - WinPatrol)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware)
WinPrivacy (HKLM-x32\...\{18605281-BFFE-4968-9B86-05322D5FBB33}) (Version: 2016.2.851 - WinPatrol)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Yonder: The Cloud Catcher Chronicles (HKLM\...\Steam App 580200) (Version:  - Prideful Sloth)
Zero Escape: The Nonary Games (HKLM\...\Steam App 477740) (Version:  - Spike Chunsoft Co., Ltd.)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 32727.38 MB
Available physical RAM: 18049.25 MB
Total Virtual: 65495.38 MB
Available Virtual: 46496.33 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:2047.51 GB) (Free:909.35 GB) NTFS
2 Drive d: () (Fixed) (Total:447.13 GB) (Free:446.98 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-SIPDIDA

Administrator            DefaultAccount           Drazala                  
Guest                    


**** End of log ****

 

C:\Users\Administrator\Downloads\ccsetup511.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
C:\Users\Drazala\AppData\Roaming\TheFastestMouseClicker\TheFastestMouseClicker_Updater_1.exe    a variant of Win32/CoinMiner.ABJ trojan    
C:\Users\Drazala\AppData\Roaming\TheFastestMouseClicker\TheFastestMouseClicker_Updater_1a.exe    a variant of Win64/BitCoinMiner.U potentially unsafe application    
C:\Users\Drazala\AppData\Roaming\TheFastestMouseClicker\TheFastestMouseClicker_Updater_1g.exe    a variant of Win64/BitCoinMiner.U potentially unsafe application    
    


    


    





 



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:08:58 PM

Posted 13 August 2017 - 08:30 PM

OK, rerun AdwCleaner and click Clean.


Emsisoft Emergency Kit
 
Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
  • When the scan is completed click Quarantine selected objects. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop and post the contents in your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#10 Drazala

Drazala
  • Topic Starter

  • Members
  • 47 posts
  • Local time:07:58 PM

Posted 16 August 2017 - 01:00 PM

I apologize for the delay. Here is my Emsisoft log.

 

 

 

Emsisoft Emergency Kit - Version 2017.6
Last update: 8/16/2017 12:27:47 PM
User account: DESKTOP-SIPDIDA\Drazala
Computer name: DESKTOP-SIPDIDA
OS version: Windows 10x64

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start:    8/16/2017 12:28:19 PM
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROTECTOR_DLL.PROTECTORBHO     detected: Application.AdReg (A) [272387]
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROTECTOR_DLL.PROTECTORBHO.1     detected: Application.AdReg (A) [272388]
C:\Users\Drazala\AppData\Roaming\TheFastestMouseClicker\TheFastestMouseClicker_Updater_1g.exe     detected: Trojan.Generic.20217947 (B) [krnl.xmd]
C:\Users\Drazala\AppData\Roaming\TheFastestMouseClicker\TheFastestMouseClicker_Updater_1.exe     detected: Trojan.Generic.21755840 (B) [krnl.xmd]


Scanned    85585
Found    4

Scan end:    8/16/2017 12:35:20 PM
Scan time:    0:07:01
 



#11 boopme


Posted 16 August 2017 - 04:10 PM

Place a checkmark before everything, then choose Quarantine Selected.
If Emsisoft Emergency Kit asks to reboot, please do so immediately.
The scan log is located in Logs -> Scan Logs. Click on the entry of the latest scan, choose Export and save the report on your Desktop.


Restart and see how it is.

#12 Drazala


Posted 17 August 2017 - 09:47 PM

Nothing is showing up now.

 

Emsisoft Emergency Kit - Version 2017.6
Last update: 8/16/2017 12:27:47 PM
User account: DESKTOP-SIPDIDA\Drazala
Computer name: DESKTOP-SIPDIDA
OS version: Windows 10x64

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start:    8/17/2017 9:11:22 PM
Scanned    85952
Found       0

Scan end:    8/17/2017 9:16:36 PM
Scan time:    0:05:14
 


Edited by Drazala, 17 August 2017 - 09:48 PM.


#13 boopme


Posted 18 August 2017 - 10:04 AM

OK. How is it now?

#14 Drazala


Posted 19 August 2017 - 08:59 PM

It works fine now. Thank you. The program windows are no longer freezing when I interact with another window.


Edited by Drazala, 19 August 2017 - 09:00 PM.


#15 boopme


Posted 20 August 2017 - 08:11 PM

Great!! Thanks for coming by.



