Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Many Startup items and bogged down


  • This topic is locked This topic is locked
12 replies to this topic

#1 jf3000

jf3000

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 06 June 2013 - 04:50 AM

DDS

====

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576  BrowserJavaVersion: 10.21.2
Run by Crawford at 19:46:15 on 2013-06-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.8153.5974 [GMT 10:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\Crawford\Downloads\Wra4Skype(1).exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\SysWOW64\msra.exe
C:\Windows\system32\msra.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\notepad.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2612669
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: SearchHook Class: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
uURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
mURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: IMVU Inc Toolbar: {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mRun: [TaskTray] <no file>
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Crawford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{8C57ED85-218D-4B03-9C2C-4A1826498EF0} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{92090B74-D502-40B3-9E3B-71B4558927D9} : DHCPNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - IMVU Inc Customized Web Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?octid=CT2612669&ctid=CT2612669&SearchSource=2&CUI=UN33469839415034749&UM=1&sspv=TB_TO&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_75.dll
FF - ExtSQL: 2013-05-05 06:34; toolbar@ask.com; C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\extensions\toolbar@ask.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-10-25 77952]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-10-25 37504]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-9 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-8 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-10-26 922240]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2011-10-26 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-10-26 586880]
R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]
R2 DTSAudioService;DTSAudioService;C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2011-10-26 210024]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-10-25 46136]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-9-14 129000]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-9-14 394216]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-25 231440]
R3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-18 25632]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-10-3 66360]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2011-8-19 4865568]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 PlantronicsGC;PLTGC Interface;C:\Windows\System32\drivers\PLTGC.sys [2012-9-15 1327104]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-10-26 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-6-2 49152]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-2-23 37344]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-10-25 130976]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-6 235216]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\System32\drivers\RTL8192su.sys [2010-1-6 676864]
S3 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-26 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-06-06 09:37:02    --------    d-----w-    C:\Program Files (x86)\CodeStuff
2013-06-06 09:23:13    --------    d-----w-    C:\Users\Crawford\AppData\Roaming\Malwarebytes
2013-06-06 09:22:17    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-06-06 09:22:16    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-06-06 09:22:15    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-06 09:22:00    --------    d-----w-    C:\Users\Crawford\AppData\Local\Programs
2013-06-06 04:12:34    9460464    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7D7B1166-516F-4976-87DD-595F51AA0183}\mpengine.dll
2013-06-05 04:22:54    --------    d-----w-    C:\Users\Crawford\AppData\Local\ArmA 2
2013-06-04 05:12:15    9460464    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-06-02 06:26:24    --------    d-----w-    C:\Program Files (x86)\Common Files\BattlEye
2013-06-02 06:23:03    --------    d-----w-    C:\ProgramData\Bohemia Interactive Studio
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-06-02 06:22:31    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-06-02 01:17:50    --------    d-----w-    C:\Users\Crawford\AppData\Local\ArmA 2 OA
2013-06-02 01:05:22    --------    d-----w-    C:\Users\Crawford\AppData\Local\DayZCommander
2013-06-02 01:04:40    --------    d-----w-    C:\Program Files (x86)\Dotjosh Studios
2013-06-02 00:17:25    --------    d-----w-    C:\Program Files (x86)\Bohemia Interactive
2013-06-01 14:34:39    --------    d-----w-    C:\Users\Crawford\AppData\Local\DDMSettings
2013-05-26 23:25:12    --------    d-----w-    C:\Program Files (x86)\Battlelog Web Plugins
2013-05-26 22:50:05    --------    d-----w-    C:\Users\Crawford\AppData\Local\Origin
2013-05-26 22:47:06    --------    d-----w-    C:\Program Files (x86)\Origin
2013-05-26 22:29:48    --------    d-----w-    C:\Users\Crawford\AppData\Local\ESN
2013-05-21 11:16:55    964552    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0C84883F-A0BD-4126-ADBA-AFF19A5B0094}\gapaengine.dll
2013-05-15 04:19:08    983400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 04:19:07    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 04:19:07    144384    ----a-w-    C:\Windows\System32\cdd.dll
2013-05-15 04:19:00    1930752    ----a-w-    C:\Windows\System32\authui.dll
2013-05-15 04:18:59    70144    ----a-w-    C:\Windows\System32\appinfo.dll
2013-05-15 04:18:59    1796096    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-05-15 04:18:59    111448    ----a-w-    C:\Windows\System32\consent.exe
2013-05-15 04:18:47    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-05-14 03:31:10    6128760    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-14 03:31:10    6128760    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-10 07:57:26    187456    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2013-06-05 07:25:06    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-05 07:25:06    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-04 08:18:08    291088    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2013-06-04 08:18:08    291088    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2013-06-04 08:17:52    280904    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2013-05-27 00:00:12    76888    ----a-w-    C:\Windows\SysWow64\PnkBstrA.exe
2013-05-02 15:29:56    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-04-30 17:59:12    94208    ----a-w-    C:\Windows\SysWow64\QuickTimeVR.qtx
2013-04-30 17:59:12    69632    ----a-w-    C:\Windows\SysWow64\QuickTime.qts
2013-04-30 01:38:01    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-12 14:45:08    1656680    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2013-04-05 06:52:14    2242048    ----a-w-    C:\Windows\System32\wininet.dll
2013-04-05 06:50:36    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24    1767424    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-03 19:35:05    95648    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-23 01:09:28    354656    ----a-w-    C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2013-03-19 06:04:06    5550424    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56    43520    ----a-w-    C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13    3968856    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10    3913560    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50    6656    ----a-w-    C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33    112640    ----a-w-    C:\Windows\System32\smss.exe
2013-03-12 12:10:14    18960    ----a-w-    C:\Windows\System32\drivers\LNonPnP.sys
.
============= FINISH: 19:46:59.40 ===============
 

Attach

=====

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 25/10/2011 3:45:11 PM
System Uptime: 6/06/2013 1:59:59 PM (6 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M5A99X EVO
Processor: AMD Phenom™ II X6 1055T Processor | AM3r2 | 784/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 392.901 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP219: 15/05/2013 2:40:49 PM - Windows Update
RP220: 19/05/2013 8:13:59 AM - Windows Update
RP221: 23/05/2013 6:46:37 AM - Windows Update
RP222: 26/05/2013 8:12:45 AM - Windows Update
RP223: 27/05/2013 9:17:59 AM - Installed DirectX
RP224: 30/05/2013 8:14:04 AM - Windows Update
RP225: 2/06/2013 10:31:37 AM - Installed DirectX
RP226: 2/06/2013 10:54:00 AM - Installed DirectX
RP227: 2/06/2013 11:04:32 AM - Installed DayZ Commander
RP228: 2/06/2013 1:13:46 PM - Windows Update
RP229: 2/06/2013 4:21:21 PM - Installed QuickTime
RP230: 6/06/2013 2:12:06 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
AI Suite II
Aliens: Colonial Marines
AMD APP SDK Runtime
AMD AVIVO64 Codecs
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ARMA 2 Operation Arrowhead Uninstall
ArmA 2 Uninstall
Ask Toolbar
Ask Toolbar Updater
Asmedia ASM104x USB 3.0 Host Controller Driver
Assassin's Creed III 1.01
Battlefield 3™
Battlelog Web Plugins
BattlEye for OA Uninstall
BattlEye Uninstall
Belkin Connect Wireless USB Adapter
BioShock Infinite
Bonjour
Browser Configuration Utility
CameraHelperMsi
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-utility64
CCC Help English
CCleaner
Codec Pack - All In 1 6.0.3.0
CodeStuff Starter
Creation Kit
Crysis®3
Curse Client
D3DX10
DayZ Commander
Diablo III
DivX Setup
Driver Genius Professional Edition
erLT
ESN Sonar
Evochron Mercenary
Far Cry 3
FileHippo.com Update Checker
Futuremark SystemInfo
GIMP 2.8.2
Google Chrome
Google Earth Plug-in
Google Update Helper
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HydraVision
iCloud
IMVU Avatar Chat Software
IMVU Inc Toolbar
iTunes
Java 7 Update 21
Java Auto Updater
JMicron JMB36X Driver
LG CyberLink LabelPrint
LG CyberLink Power2Go
LG CyberLink PowerBackup
LG Power Tools
Logitech Gaming Software 8.40
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Media Player Classic - Home Cinema v1.5.1.2903
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MyFreeCodec
Nexus Mod Manager
Origin
Plantronics® GameCom 780 Software for Dolby® Headphone
PunkBuster Services
QuickTime
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Saints Row: The Third
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Skype Click to Call
Skype™ 6.3
SkyRemote 1.6.0.0
SPORE™
StarCraft II
Steam
The Elder Scrolls V: Skyrim
Total Commander (Remove or Repair)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Uplay
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.00 (32-bit)
World of Warcraft
Xvid 1.2.2 final uninstall
Yahoo! Software Update
Yahoo! Toolbar
Yahoo!7 Messenger
.
==== Event Viewer Messages From Past Week ========
.
6/06/2013 2:00:42 PM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
1/06/2013 3:27:49 PM, Error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
1/06/2013 3:27:33 PM, Error: Service Control Manager [7034]  - The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
1/06/2013 3:27:28 PM, Error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================
 

 



BC AdBot (Login to Remove)

 


#2 jf3000

jf3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 08 June 2013 - 03:03 AM

Can anyone assist me with this please?



#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,456 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:35 PM

Posted 09 June 2013 - 10:07 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete tab follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
===

thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third party programs if not up to date can be the cause of infiltration an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please paste the logs in your next reply DO NOT ATTACH THEM.
Let me know what problem persists.

#4 jf3000

jf3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 10 June 2013 - 08:54 PM

I had issues with the ComboFix file since it was telling me that certain Microsoft applications were running like essentials, even though I thought I had deleted that application.

 

The Security Check said unsupported operating system.

 

Am also running Windows 7 - 64bit

 

# AdwCleaner v2.303 - Logfile created 06/11/2013 at 11:16:56
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Crawford - FROSTY2001
# Boot Mode : Normal
# Running from : C:\Users\Crawford\Desktop\Frosty\Frosty\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Users\Crawford\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Users\Crawford\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\searchplugins\Askcom.xml
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\IMVU_Inc
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\Users\Crawford\AppData\Local\Conduit
Folder Found : C:\Users\Crawford\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
Folder Found : C:\Users\Crawford\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
Folder Found : C:\Users\Crawford\AppData\Local\Temp\CT2612669
Folder Found : C:\Users\Crawford\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Crawford\AppData\LocalLow\Conduit
Folder Found : C:\Users\Crawford\AppData\LocalLow\IMVU_Inc
Folder Found : C:\Users\Crawford\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\ConduitCommon
Folder Found : C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\CT2612669
Folder Found : C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
Folder Found : C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\Smartbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\IMVU_Inc
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
Key Found : HKCU\Software\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\IMVU_Inc
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F4E35B3-55FC-4A36-962A-BF8AD3A87D3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D7CDB03-580F-4553-A0CD-36AE8254562B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMVU_Inc Toolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2612669

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\prefs.js

Found : user_pref("CT2612669..clientLogIsEnabled", true);
Found : user_pref("CT2612669..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2612669..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2612669./9b+7e+x305", "JH4nQTM0NjN5RTo9KnIseXp+ejEoMztNR0VJSExZUllLM15TVkMsRTM0ODNKQUxU[...]
Found : user_pref("CT2612669./9b+7e,x305", "JH4oQS8/Pjd5RTo9KnIseXt4fTEoMzxHSEAsV0xPPCU+LC4rL0M6RU5ZUFtXZ2pm[...]
Found : user_pref("CT2612669./9b+7e-x305", "JH4pNjA8NjZ5RTo9KnIseXogezEoMz1GK1VKTUtHSVlNM1NdT0MsRTM0OTRKQUxW[...]
Found : user_pref("CT2612669./9b+7e/x305", "JH4rQTU2MnhEOTwpcSt4fHt3MCcyPkxDQ1NOLVhbPCU+LDAuNEM6RVFYYmleZ1pB[...]
Found : user_pref("CT2612669./9b+7e06cg5el8:", "bm1ubm1tcnJueA==");
Found : user_pref("CT2612669./9b+7e06cg5el;8i:k", "JH4tLyJqdHN0dHNzeHh0fiQvS0lHT0I1fV1cPQ==");
Found : user_pref("CT2612669./9b+7e0x305", "JH4sQDpAd0M4OyhwKnd8dX0vJjE+QSlVR0hNUVpOWlkyXVJVQitEMjcwN0lAS1he[...]
Found : user_pref("CT2612669./9b+7e1x305", "JH4tQTE9QDJ5RTo9KnIsend5fjEoM0FHPkVHRUgvWk9SPyhBMC0vM0Y9SFZiZWhc[...]
Found : user_pref("CT2612669./9b+7e2x305", "JH4uNUIxPT05OntHPD8sdC55IH0yKTRDVlVORy5ZTlEyXk9BKkM1NzIxSD9KWWVf[...]
Found : user_pref("CT2612669./9b+7e3x305", "JH4vQT87NjM/R0Y/fUk+QS52MH4iJCE1LDdHS1lXS0pIWFhOXjdiVzpTXkkySzo9[...]
Found : user_pref("CT2612669./9b+7e4x305", "JH4wLEB2Qjc6J28pd3t0di4lMEE+T0lKUitVVTojPCsvKClBOENUUV5dVmFfVmhc[...]
Found : user_pref("CT2612669./9b+7e5x305", "JH4xNkIrd0M4OyhwKnl1encvJjFDSz1JVkpQWS5ZTjFKVUApQjIuMy9HPklbXVla[...]
Found : user_pref("CT2612669./9b+7e6x305", "JH4yLD4yMjI4RT58SD1ALXUvfnskJDQrNklTVFJZWFpaUFJONmFWWUYvSDg1PTxN[...]
Found : user_pref("CT2612669./9b+7e7x305", "JH4zPSw/Pj95RTo9KnIse3p5ejEoM0dHRURRWVdbUEtQS01eVFVTUzplWl1KM0w8[...]
Found : user_pref("CT2612669./9b+7e8x305", "JH40PT87NTc7PzZ8R0csdC5+eCMyKTRJVlVARy5ZTlE+J0AwMjUzRTxHXFVYY2pl[...]
Found : user_pref("CT2612669./9b+7e9x305", "JH41Myw/MnhEOTwpcSt7dXl5MCcySExPT0RQTEdUWFxQSDRfVFdELUY3MTU0S0JN[...]
Found : user_pref("CT2612669./9b+7e:x305", "JH42Mzs4MnhEOTwpcSt7dnl6MCcySUhVRUQsV0xPPCU+LyotLUM6RVxnVVteP2pf[...]
Found : user_pref("CT2612669./9b+7e;x305", "JH43PzM/NzhCL3tHPD8sdC5+enoiMyo1TUYsV0xPPCU+LysrMUM6RV1jVldcXFpB[...]
Found : user_pref("CT2612669./9b+7e<x305", "JH44NDAwRC9GNkQ3fUk+QS52MCF9JCY1LDdQLk9HRzFcUVRBKkM0MTc4SD9KY19a[...]
Found : user_pref("CT2612669./9b+7e=x305", "JH45MzY/QUE3OTV8SD1ALXUvIH4gIjQrNlBUWVdMVU9RWzRfVFdELUY3Njc4S0JN[...]
Found : user_pref("CT2612669./9b+7e>x305", "JH46QTY/MjI4OHtHPD8sdC5+ICF8Myo1UE9TRkgvWk9SPyhBMjM0L0Y9SGNcXWZi[...]
Found : user_pref("CT2612669./9b+7e?x305", "JH47LS8vM0E0QDo6fUlMLXUvICMgfjQrNlJQTFJJVVJWUlw1YFVYRS5HODs4NkxD[...]
Found : user_pref("CT2612669./9b+7e@x305", "JH48QEIrd0M4OyhwKnt2fngvJjFOUlQ9KlVKLUZRPCU+MCszLEM6RWJnVlFiWWVf[...]
Found : user_pref("CT2612669./9b+7eax305", "JH49PTc4d0M4OyhwKnt6dX4vJjFPT1RKUkBFSFZPWDFcUVRBKkM1NC83SD9KaGRr[...]
Found : user_pref("CT2612669./9b+7ebe3g=;d9n9=d", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTNLVw==");
Found : user_pref("CT2612669./9b+7ebx305", "JH4+OTFBMD0zRUA2Mn5KP0IvdzF7fSM1LDdWWUlITk9RUlxOTFVTW1RgWlo+aV5h[...]
Found : user_pref("CT2612669./9b+7ecx305", "JH4/PTAwQzEuekY7PitzLXsgfjEoM1NRVlVRV1pPWExeM15TVkMsRTQ4NklAS2tZ[...]
Found : user_pref("CT2612669./9b+7edx305", "JH5ANUIqNjh5RTo9KnIsfSAvJjFSR1Q8SEosV0wvSFM+J0AyM0M6RWZbaFBcXkBr[...]
Found : user_pref("CT2612669./9b+7etx305", "JH5uLy47MjNCNXtEOStzLXp7e3wyKTQhVkJULVhNUD0mPy0uLi5EO0Y1ZF5maVlc[...]
Found : user_pref("CT2612669./9b-0?3g>d", "Oz5taXBucm96dXdGSCBKfH13JVB6IVQqViUlJlZYWicwWiow");
Found : user_pref("CT2612669./9b-0?3g@6:5;", "AA==");
Found : user_pref("CT2612669./9b-0?3gfa7ef", "Ky4sPQ==");
Found : user_pref("CT2612669./9b-3=3eccja=f>", "JH4zPSxFL0E1J28pe359ISAvJjE+Qkk1fTc4LzpJTV1RPygzOENdZVRpW2VU[...]
Found : user_pref("CT2612669./9b/>01=9a6k6<im;krie@pdawm", "amlrcnN0dXY=");
Found : user_pref("CT2612669./9b3=>@44i48?", "NywtMml1djNCNjNBSEd2IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");
Found : user_pref("CT2612669./9b5ba==9cjag", "OWhvaUBsbXV6dXFxdUt4SnohUH0k");
Found : user_pref("CT2612669./9b6b11g4c56b>f;p;anr@p", "bm1ubm1tcXVwcHN0eg==");
Found : user_pref("CT2612669./9b9643g3/9e", "ag==");
Found : user_pref("CT2612669./9b<:222h64<", "OT81Lz4=");
Found : user_pref("CT2612669./9b=+03eh8h8j?:", "REM=");
Found : user_pref("CT2612669./9b?+e2a52d8", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
Found : user_pref("CT2612669./9b?b0d:8aj62<h", "bQ==");
Found : user_pref("CT2612669./9ba@0<0bi6a7gn:6@l?", "bms=");
Found : user_pref("CT2612669.2612669a129684721030689048000000paramsgk0", "eyJ1cGRhdGVSZXFUaW1lIjoxMzI0NDI3Mj[...]
Found : user_pref("CT2612669.2612669a129684723478947121000000paramsGK3.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzY3ND[...]
Found : user_pref("CT2612669.2612669a129684723478947121000000paramsgk0", "eyJ1cGRhdGVSZXFUaW1lIjoxMzI5NDg3Nz[...]
Found : user_pref("CT2612669.2612669a129684723478947121000000paramsgk2", "eyJ1cGRhdGVSZXFUaW1lIjoxMzI5NTUzMj[...]
Found : user_pref("CT2612669.2612669a129684723478947121000000paramsgk3", "eyJ1cGRhdGVSZXFUaW1lIjoxMzU1MTg0Mj[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000paramsGK0.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzY3ND[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_config_currentTab.enc", "aG9tZQ[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_followers.enc", "MHgwMDM[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_followers_count.enc", "M[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_following.enc", "MHgwMDM[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_following_count.enc", "M[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_home.enc", "MHgwMDMzLDB4[...]
Found : user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_home_count.enc", "MTU=")[...]
Found : user_pref("CT2612669.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2612669.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2612669.AppTrackingLastCheckTime", "Fri Mar 09 2012 22:14:20 GMT+1000");
Found : user_pref("CT2612669.BrowserCompStateIsOpen_129482420034282070", true);
Found : user_pref("CT2612669.BrowserCompStateIsOpen_129564502120544861", true);
Found : user_pref("CT2612669.BrowserCompStateIsOpen_129564560723477699", true);
Found : user_pref("CT2612669.BrowserCompStateIsOpen_129683190780749804", true);
Found : user_pref("CT2612669.CTID", "CT2612669");
Found : user_pref("CT2612669.CommunitiesChangesLastCheckTime", "0");
Found : user_pref("CT2612669.CurrentServerDate", "11-12-2012");
Found : user_pref("CT2612669.DSInstall", true);
Found : user_pref("CT2612669.DialogsAlignMode", "LTR");
Found : user_pref("CT2612669.DialogsGetterLastCheckTime", "Mon Dec 10 2012 21:09:49 GMT+1000");
Found : user_pref("CT2612669.DownloadReferralCookieData", "");
Found : user_pref("CT2612669.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2612669.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT2612669.FF19Solved", "true");
Found : user_pref("CT2612669.FeedLastCount129206864782289142", 40);
Found : user_pref("CT2612669.FeedPollDate129206864782914144", "Wed Apr 18 2012 09:09:20 GMT+1000");
Found : user_pref("CT2612669.FeedTTL129206864782914144", 40);
Found : user_pref("CT2612669.FirstServerDate", "26-10-2011");
Found : user_pref("CT2612669.FirstTime", true);
Found : user_pref("CT2612669.FirstTimeFF3", true);
Found : user_pref("CT2612669.FixPageNotFoundErrors", true);
Found : user_pref("CT2612669.GroupingInvalidateCache", false);
Found : user_pref("CT2612669.GroupingLastCheckTime", "0");
Found : user_pref("CT2612669.GroupingLastServerUpdateTime", "0");
Found : user_pref("CT2612669.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2612669.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2612669.HPInstall", false);
Found : user_pref("CT2612669.HasUserGlobalKeys", true);
Found : user_pref("CT2612669.HomePageProtectorEnabled", false);
Found : user_pref("CT2612669.HomepageBeforeUnload", "hxxp://www.google.com.au");
Found : user_pref("CT2612669.Initialize", true);
Found : user_pref("CT2612669.InitializeCommonPrefs", true);
Found : user_pref("CT2612669.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2612669.InstallationType", "UnknownIntegration");
Found : user_pref("CT2612669.InstalledDate", "Thu Oct 27 2011 00:26:12 GMT+1000");
Found : user_pref("CT2612669.InvalidateCache", false);
Found : user_pref("CT2612669.IsAlertDBUpdated", true);
Found : user_pref("CT2612669.IsGrouping", false);
Found : user_pref("CT2612669.IsInitSetupIni", true);
Found : user_pref("CT2612669.IsMulticommunity", false);
Found : user_pref("CT2612669.IsOpenThankYouPage", true);
Found : user_pref("CT2612669.IsOpenUninstallPage", true);
Found : user_pref("CT2612669.IsProtectorsInit", true);
Found : user_pref("CT2612669.LanguagePackLastCheckTime", "Tue Dec 11 2012 08:48:27 GMT+1000");
Found : user_pref("CT2612669.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2612669.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2612669.LastLogin_3.13.0.6", "Tue Dec 11 2012 07:04:31 GMT+1000");
Found : user_pref("CT2612669.LastLogin_3.7.0.6", "Sat Jun 23 2012 12:52:06 GMT+1000");
Found : user_pref("CT2612669.LatestVersion", "3.13.0.6");
Found : user_pref("CT2612669.Locale", "en");
Found : user_pref("CT2612669.LoginRevertSettingsEnabled", true);
Found : user_pref("CT2612669.MCDetectTooltipHeight", "83");
Found : user_pref("CT2612669.MCDetectTooltipShow", false);
Found : user_pref("CT2612669.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2612669.MCDetectTooltipWidth", "295");
Found : user_pref("CT2612669.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2612669.OriginalFirstVersion", "3.7.0.6");
Found : user_pref("CT2612669.PG_ENABLE", "dHJ1ZQ==");
Found : user_pref("CT2612669.PG_ENABLE.enc", "dHJ1ZQ==");
Found : user_pref("CT2612669.RadioLastCheckTime", "0");
Found : user_pref("CT2612669.RadioLastUpdateIPServer", "0");
Found : user_pref("CT2612669.RadioLastUpdateServer", "0");
Found : user_pref("CT2612669.RevertSettingsEnabled", true);
Found : user_pref("CT2612669.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Found : user_pref("CT2612669.SF_STATUS.enc", "RU5BQkxFRA==");
Found : user_pref("CT2612669.SearchAppState.enc", "Mw==");
Found : user_pref("CT2612669.SearchAppTracking.enc", "MQ==");
Found : user_pref("CT2612669.SearchCaption", "IMVU Inc Customized Web Search");
Found : user_pref("CT2612669.SearchEngineBeforeUnload", "IMVU Inc Customized Web Search");
Found : user_pref("CT2612669.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2612669.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Found : user_pref("CT2612669.SearchInNewTabEnabled", true);
Found : user_pref("CT2612669.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2612669.SearchInNewTabLastCheckTime", "Tue Dec 11 2012 08:48:25 GMT+1000");
Found : user_pref("CT2612669.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2612669.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2612669.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2612669.SearchProtectorEnabled", true);
Found : user_pref("CT2612669.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2612669.SendProtectorDataViaLogin", true);
Found : user_pref("CT2612669.ServiceMapLastCheckTime", "Tue Dec 11 2012 08:48:27 GMT+1000");
Found : user_pref("CT2612669.SettingsLastCheckTime", "Tue Dec 11 2012 09:53:59 GMT+1000");
Found : user_pref("CT2612669.SettingsLastUpdate", "1354704805");
Found : user_pref("CT2612669.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2612669&SearchSource=13");
Found : user_pref("CT2612669.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2612669.ThirdPartyComponentsLastCheck", "Thu Dec 06 2012 19:56:49 GMT+1000");
Found : user_pref("CT2612669.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2612669.ToolbarDisabled", false);
Found : user_pref("CT2612669.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2612669.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2612669.UserID", "UN33469839415034749");
Found : user_pref("CT2612669.ValidationData_Toolbar", 2);
Found : user_pref("CT2612669._9b_7e.:2z527", "JH5wdXF3cngzMihwKnt5e3t+MCcyJCYqRCtWS047JD0vLS8vM0M6RTc4OGFdYU[...]
Found : user_pref("CT2612669._9b_7e.x305", "JH4qQTc3RDQzekY7PitzLXp9fCEyKTQ/VkZUUkxHSllaSFFQXlFSOWRZXEkySzk8[...]
Found : user_pref("CT2612669.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2612669.addressUrlXPETakeover", "true");
Found : user_pref("CT2612669.alertChannelId", "1005466");
Found : user_pref("CT2612669.approveUntrustedApps", false);
Found : user_pref("CT2612669.autoDisableScopes", -1);
Found : user_pref("CT2612669.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Found : user_pref("CT2612669.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Found : user_pref("CT2612669.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Found : user_pref("CT2612669.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Found : user_pref("CT2612669.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Found : user_pref("CT2612669.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Found : user_pref("CT2612669.backendstorage./9b+7e06cg5el8:", "6E6D6E6E6D6D72726E78");
Found : user_pref("CT2612669.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473747473737878747E242F4B4947[...]
Found : user_pref("CT2612669.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Found : user_pref("CT2612669.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Found : user_pref("CT2612669.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Found : user_pref("CT2612669.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Found : user_pref("CT2612669.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Found : user_pref("CT2612669.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Found : user_pref("CT2612669.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Found : user_pref("CT2612669.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Found : user_pref("CT2612669.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Found : user_pref("CT2612669.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Found : user_pref("CT2612669.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Found : user_pref("CT2612669.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Found : user_pref("CT2612669.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Found : user_pref("CT2612669.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Found : user_pref("CT2612669.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Found : user_pref("CT2612669.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Found : user_pref("CT2612669.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Found : user_pref("CT2612669.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Found : user_pref("CT2612669.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2612669.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Found : user_pref("CT2612669.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Found : user_pref("CT2612669.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Found : user_pref("CT2612669.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Found : user_pref("CT2612669.backendstorage./9b-0?3g>d", "3B3E6D69706E726F7A75774648204A7C7D7725507A21542A56[...]
Found : user_pref("CT2612669.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2612669.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2612669.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]
Found : user_pref("CT2612669.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Found : user_pref("CT2612669.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Found : user_pref("CT2612669.backendstorage./9b5ba==9cjag", "39686F69406C6D757A757171754B784A7A21507D24");
Found : user_pref("CT2612669.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6E6E6D6D7175707073747A");
Found : user_pref("CT2612669.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2612669.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2612669.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2612669.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2612669.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2612669.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2612669.backendstorage.2612669a129684721030689048000000paramsgk0", "7B22757064617465526[...]
Found : user_pref("CT2612669.backendstorage.2612669a129684723478947121000000paramsgk0", "7B22757064617465526[...]
Found : user_pref("CT2612669.backendstorage.2612669a129684723478947121000000paramsgk2", "7B22757064617465526[...]
Found : user_pref("CT2612669.backendstorage.2612669a129684723478947121000000paramsgk3", "7B22757064617465526[...]
Found : user_pref("CT2612669.backendstorage.cb", "30");
Found : user_pref("CT2612669.backendstorage.cb_firstuse0100", "31");
Found : user_pref("CT2612669.backendstorage.cb_user_id_000", "43423938383338353638373133365F46697265666F78")[...]
Found : user_pref("CT2612669.backendstorage.cbcountry_000", "4155");
Found : user_pref("CT2612669.backendstorage.cbfirsttime", "546875204F637420323720323031312030303A32363A31342[...]
Found : user_pref("CT2612669.backendstorage.facebook_mode", "32");
Found : user_pref("CT2612669.backendstorage.facebook_user_locale", "656E");
Found : user_pref("CT2612669.backendstorage.shoppingapp.gk.exipres", "4D6F6E2041707220323320323031322030303A[...]
Found : user_pref("CT2612669.backendstorage.shoppingapp.gk.geolocation", "6175737472616C6961");
Found : user_pref("CT2612669.backendstorage.url_history", "687474703A2F2F617661746172732E696D76752E636F6D2F5[...]
Found : user_pref("CT2612669.backendstorage.url_history0001", "687474703A2F2F7777772E796F75747562652E636F6D2[...]
Found : user_pref("CT2612669.browser.search.defaultthis.engineName", true);
Found : user_pref("CT2612669.cb_firstuse0100", "MQ==");
Found : user_pref("CT2612669.cb_user_id_000", "Q0I5ODgzODU2ODcxMzZfRmlyZWZveA==");
Found : user_pref("CT2612669.cbcountry_000", "QVU=");
Found : user_pref("CT2612669.cbfirsttime.enc", "VGh1IE9jdCAyNyAyMDExIDAwOjI2OjE0IEdNVCsxMDAw");
Found : user_pref("CT2612669.components.129174085518698803", true);
Found : user_pref("CT2612669.components.129206864782289142", false);
Found : user_pref("CT2612669.components.129296598392950474", false);
Found : user_pref("CT2612669.components.129482420034282070", false);
Found : user_pref("CT2612669.components.129683190780749804", false);
Found : user_pref("CT2612669.components.3562342111233572", false);
Found : user_pref("CT2612669.components.4930556174285671", false);
Found : user_pref("CT2612669.components.7527685960312859", false);
Found : user_pref("CT2612669.defaultSearch", "false");
Found : user_pref("CT2612669.enableAlerts", "true");
Found : user_pref("CT2612669.enableFix404ByUser", "FALSE");
Found : user_pref("CT2612669.enableSearchFromAddressBar", "true");
Found : user_pref("CT2612669.facebook_mode", "Mg==");
Found : user_pref("CT2612669.facebook_user_locale", "ZW4=");
Found : user_pref("CT2612669.firstTimeDialogOpened", true);
Found : user_pref("CT2612669.fixPageNotFoundError", "true");
Found : user_pref("CT2612669.fixPageNotFoundErrorByUser", "true");
Found : user_pref("CT2612669.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT2612669.fixUrls", true);
Found : user_pref("CT2612669.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2612669.globalFirstTimeInfoLastCheckTime", "Sat Dec 08 2012 11:08:43 GMT+1000");
Found : user_pref("CT2612669.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2612669.hxxp___twittertemplate_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAs[...]
Found : user_pref("CT2612669.hxxp___twittertemplate_conduitapps_com_v1_3_0.2612669a130003407608460983000000t[...]
Found : user_pref("CT2612669.hxxp___twittertemplate_conduitapps_com_v1_3_0.2612669a130003407608460983000000t[...]
Found : user_pref("CT2612669.hxxp___twittertemplate_conduitapps_com_v1_3_0.2612669a130003407608460983000000t[...]
Found : user_pref("CT2612669.hxxp___twittertemplate_conduitapps_com_v1_3_0.2612669a130003407608460983000000t[...]
Found : user_pref("CT2612669.hxxp___twittertemplate_conduitapps_com_v1_3_0.2612669a130003407608460983000000t[...]
Found : user_pref("CT2612669.hxxp___twittertemplate_conduitapps_com_v1_3_0.2612669a130003407608460983000000t[...]
Found : user_pref("CT2612669.hxxp___www_imvu_com_conduit_toolbar.APP_WIN_FEATURES.enc", "dGl0bGViYXI9MCxjbG9[...]
Found : user_pref("CT2612669.initDone", true);
Found : user_pref("CT2612669.installDate", "15/4/2013 7:31:31");
Found : user_pref("CT2612669.installId", "stub.exe");
Found : user_pref("CT2612669.installSessionId", "{60028F2D-6F30-4EED-8BE6-9DE96A9B3FB2}");
Found : user_pref("CT2612669.installSp", "false");
Found : user_pref("CT2612669.installType", "conduitnsisintegration");
Found : user_pref("CT2612669.installUsage", "15/4/2013 7:29:43");
Found : user_pref("CT2612669.installUsageEarly", "15/4/2013 7:29:43");
Found : user_pref("CT2612669.installerVersion", "1.4.1.1");
Found : user_pref("CT2612669.isAppTrackingManagerOn", false);
Found : user_pref("CT2612669.isCheckedStartAsHidden", true);
Found : user_pref("CT2612669.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":true}");
Found : user_pref("CT2612669.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT2612669.isNewTabEnabled", true);
Found : user_pref("CT2612669.isPerformedSmartBarTransition", "true");
Found : user_pref("CT2612669.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2612669.keyword", "true");
Found : user_pref("CT2612669.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"\"}");
Found : user_pref("CT2612669.lastVersion", "10.15.1.16");
Found : user_pref("CT2612669.mam_gk_appStateReportTime.enc", "MTM2NzMyMjgwMzg5Mg==");
Found : user_pref("CT2612669.mam_gk_appState_CouponBuddy.enc", "b2Zm");
Found : user_pref("CT2612669.mam_gk_appState_Easytobook.enc", "b2Zm");
Found : user_pref("CT2612669.mam_gk_appState_Easytobook_targeted.enc", "b2Zm");
Found : user_pref("CT2612669.mam_gk_appState_PriceGong.enc", "b2Zm");
Found : user_pref("CT2612669.mam_gk_appState_WindowShopper.enc", "b2Zm");
Found : user_pref("CT2612669.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Found : user_pref("CT2612669.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Found : user_pref("CT2612669.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5Iiw[...]
Found : user_pref("CT2612669.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Found : user_pref("CT2612669.mam_gk_eventsCache.enc", "eyJiMzQ0NDllYi1lNzg3LTQyOTUtODU0Mi0yNmJhNzljNTg4MzAiO[...]
Found : user_pref("CT2612669.mam_gk_first_time.enc", "MQ==");
Found : user_pref("CT2612669.mam_gk_gadgetOpen.enc", "MA==");
Found : user_pref("CT2612669.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Found : user_pref("CT2612669.mam_gk_lastLoginTime.enc", "MTM2NzQ1MTg2MDE0MA==");
Found : user_pref("CT2612669.mam_gk_lastSettingsOpen.enc", "eyJzZXR0aW5nc1BhZ2VGdWxsVXJsIjoiaHR0cDovL2FwcC5t[...]
Found : user_pref("CT2612669.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Found : user_pref("CT2612669.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Found : user_pref("CT2612669.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Found : user_pref("CT2612669.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Found : user_pref("CT2612669.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Found : user_pref("CT2612669.mam_gk_userId.enc", "OWFhNDcwNTctNmJkNS00YmZmLWEyNjktN2MzZjkyYmI2Njkw");
Found : user_pref("CT2612669.mam_gk_user_approval_interacted.enc", "MQ==");
Found : user_pref("CT2612669.migrateAppsAndComponents", true);
Found : user_pref("CT2612669.myStuffEnabled", true);
Found : user_pref("CT2612669.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2612669.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2612669.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2612669.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2612669.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"file%3A%2F%2F%2FC%3A%2FUsers%[...]
Found : user_pref("CT2612669.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT2612669.oldAppsList", "129170380618247103,129170380618247104,111,129174085518698803,129[...]
Found : user_pref("CT2612669.openThankYouPage", "false");
Found : user_pref("CT2612669.openUninstallPage", "true");
Found : user_pref("CT2612669.price-gong.isManagedApp", "true");
Found : user_pref("CT2612669.revertSettingsEnabled", true);
Found : user_pref("CT2612669.sac-country-code.enc", "IkFVIg==");
Found : user_pref("CT2612669.sac-experiments-animation.enc", "eyJuYW1lIjoiMC43NSIsInZlcnNpb24iOjN9");
Found : user_pref("CT2612669.sac-experiments-hover_effect.enc", "eyJuYW1lIjoiZnVsbCIsInZlcnNpb24iOjJ9");
Found : user_pref("CT2612669.sac-experiments-image_analysis.enc", "eyJuYW1lIjoid2l0aG91dFN1YnRpdGxlIiwidmVyc[...]
Found : user_pref("CT2612669.sac-experiments-placement.enc", "eyJuYW1lIjoid3JlY2std2lkZSIsInZlcnNpb24iOjJ9")[...]
Found : user_pref("CT2612669.sac-experiments-play_icon.enc", "eyJuYW1lIjoibm8iLCJ2ZXJzaW9uIjoxfQ==");
Found : user_pref("CT2612669.sac-periodic-reports.enc", "eyJ5dHRfcGluZ18wIjpbMTM2NzEyMTEzNjMwOCwxNDQwMDAwMF1[...]
Found : user_pref("CT2612669.sac-user-id.enc", "ImUxZDFhZTk5LWMwM2QtNGFmOS1iMzYwLWVmNWI4M2ExMjJiOCI=");
Found : user_pref("CT2612669.sac-yt-first-ping.enc", "MTM2NjcxNTAxMjAzNw==");
Found : user_pref("CT2612669.search.searchAppId", "129170380618247104");
Found : user_pref("CT2612669.search.searchCount", "2");
Found : user_pref("CT2612669.searchInNewTabEnabled", false);
Found : user_pref("CT2612669.searchInNewTabEnabledByUser", false);
Found : user_pref("CT2612669.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT2612669.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2612669.searchProtectorEnableByLogin", true);
Found : user_pref("CT2612669.searchRevert", "false");
Found : user_pref("CT2612669.searchUserMode", "1");
Found : user_pref("CT2612669.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2612669.sendUsageEnabled", false);
Found : user_pref("CT2612669.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT2612669.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT2612669.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1367492204640");
Found : user_pref("CT2612669.serviceLayer_services_appsMetadata_lastUpdate", "1368260127595");
Found : user_pref("CT2612669.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1367410788360");
Found : user_pref("CT2612669.serviceLayer_services_location_lastUpdate", "1370839049540");
Found : user_pref("CT2612669.serviceLayer_services_login_10.13.40.15_lastUpdate", "1360011862153");
Found : user_pref("CT2612669.serviceLayer_services_login_10.14.42.7_lastUpdate", "1365971882457");
Found : user_pref("CT2612669.serviceLayer_services_login_10.15.1.16_lastUpdate", "1370912899893");
Found : user_pref("CT2612669.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1367410788428");
Found : user_pref("CT2612669.serviceLayer_services_searchAPI_lastUpdate", "1368229667494");
Found : user_pref("CT2612669.serviceLayer_services_serviceMap_lastUpdate", "1370839048505");
Found : user_pref("CT2612669.serviceLayer_services_toolbarContextMenu_lastUpdate", "1367410788328");
Found : user_pref("CT2612669.serviceLayer_services_toolbarSettings_lastUpdate", "1370912899325");
Found : user_pref("CT2612669.serviceLayer_services_translation_lastUpdate", "1370839054176");
Found : user_pref("CT2612669.settingsINI", true);
Found : user_pref("CT2612669.shouldFirstTimeDialog", "false");
Found : user_pref("CT2612669.showToolbarPermission", "false");
Found : user_pref("CT2612669.smartbar.CTID", "CT2612669");
Found : user_pref("CT2612669.smartbar.Uninstall", "0");
Found : user_pref("CT2612669.smartbar.isHidden", true);
Found : user_pref("CT2612669.smartbar.toolbarName", "IMVU Inc ");
Found : user_pref("CT2612669.startPage", "false");
Found : user_pref("CT2612669.testingCtid", "");
Found : user_pref("CT2612669.toolbarAppMetaDataLastCheckTime", "Tue Dec 11 2012 08:48:28 GMT+1000");
Found : user_pref("CT2612669.toolbarBornServerTime", "26-10-2011");
Found : user_pref("CT2612669.toolbarContextMenuLastCheckTime", "Wed Nov 28 2012 07:16:28 GMT+1000");
Found : user_pref("CT2612669.toolbarCurrentServerTime", "11-6-2013");
Found : user_pref("CT2612669.toolbarLoginClientTime", "Mon Apr 15 2013 07:31:39 GMT+1000");
Found : user_pref("CT2612669.twitterTemplate_2612669a130003407608460983000000_DailyActivity.enc", "MTM2NzQxM[...]
Found : user_pref("CT2612669.twitterTemplate_2612669a130003407608460983000000_LifetimeSent.enc", "VFJVRQ==")[...]
Found : user_pref("CT2612669.twitterTemplate_2612669a130003407608460983000000_lang.enc", "RU4=");
Found : user_pref("CT2612669.url_history", "aHR0cDovL2F2YXRhcnMuaW12dS5jb20vUm9zZU5pdGVLYWxsaXN0aQ==");
Found : user_pref("CT2612669.url_history0001", "aHR0cDovL3d3dy55b3V0dWJlLmNvbS93YXRjaD92PWZWNTJEdmpYOXJBOjo6[...]
Found : user_pref("CT2612669.usageEnabled", false);
Found : user_pref("CT2612669.usagesFlag", 2);
Found : user_pref("CT2612669.whitelist.enc", "W3sibmFtZSI6IlRpbWUiLCJkb21haW5fcmVneCI6IiguKlxcLik/dGltZS5jb2[...]
Found : user_pref("CT2612669.whitelist_ts.enc", "MTM2NzEyOTc2Mzk2MQ==");
Found : user_pref("CT2612669.wreck-country-code.enc", "IkFVIg==");
Found : user_pref("CT2612669.wreck-experiments-design.enc", "eyJuYW1lIjoic2lkZWJhciIsInZlcnNpb24iOjN9");
Found : user_pref("CT2612669.wreck-experiments-feed.enc", "eyJuYW1lIjoid3JlY2tBbmRUYWJvb2xhIiwidmVyc2lvbiI6M[...]
Found : user_pref("CT2612669.wreck-experiments-hover_effect.enc", "eyJuYW1lIjoiaGFsZiIsInZlcnNpb24iOjF9");
Found : user_pref("CT2612669.wreck-experiments-trigger.enc", "eyJuYW1lIjoieDAuNSIsInZlcnNpb24iOjF9");
Found : user_pref("CT2612669.wreck-periodic-reports.enc", "eyJ3cmVja19waW5nXzAiOlsxMzY3MTIxMTM2MjM0LDE0NDAwM[...]
Found : user_pref("CT2612669.wreck-user-id.enc", "IjkwNmVjMDk5LThmMGItNDYyNy1iODNiLTE4NTAyNjM3M2RjMiI=");
Found : user_pref("CT2612669_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "IMVU Inc Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2612669/CT2612669[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1005466/1001181/AU", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2612669", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2612669",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2612669&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"189[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20566976.xml", "\"80eae9b51e7c2923bc8[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Crawford\\AppData\\Roaming\\Mozilla[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.imvu.com/conduit_toolbar/buddies/", "285x[...]
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2612669");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2612669");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2612669");
Found : user_pref("CommunityToolbar.globalUserId", "1ddfe050-10b4-403f-acc3-31825a356fa8");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2612669");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Dec 06 2012 10:34:0[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Dec 11 2012 09:48:32 GMT+100[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Dec 10 2012 20:36:10 GMT+1000");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "ac5b1082-18db-43d3-bdf5-ec91cae64c41");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com.au");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("CommunityToolbar.twitter.user_20566976.LastCheckTime", "Wed Apr 18 2012 10:50:20 GMT+1000[...]
Found : user_pref("Smartbar.ConduitSearchEngineList", "IMVU Inc Customized Web Search");
Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669[...]
Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT2612669");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("browser.search.defaultthis.engineName", "IMVU Inc Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&Sea[...]
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("browser.search.selectedEngine", "IMVU Inc Customized Web Search");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?octid=CT2612669&ctid=CT2612669&S[...]
Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Found : user_pref("smartbar.machineId", "5DPPJUTISRCGID5D7FK5DQLMNPAO+ZAG9+DYWUFUWIKITEXFQFN6CTTW6ENQKJDK2UQ[...]
Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Found : user_pref("smartbar.originalSearchEngine", "Ask.com");

-\\ Google Chrome v27.0.1453.110

File : C:\Users\Crawford\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.34] : icon_url = "hxxp://www.ask.com/favicon.ico",
Found [l.37] : keyword = "ask.com",
Found [l.41] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=8B70F294-1CE5-4D9B-AF27-2C77FCE441C4&apn_ptnrs=U3&apn_sauid=7D20CD33-D289-4E0E-B4C1-79AFF10CF349&apn_dtid=OSJ000YYAU&q={searchTerms}",
Found [l.42] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"
Found [l.1910] : homepage = "hxxp://search.conduit.com/?ctid=CT2612669&SearchSource=48",
Found [l.2262] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2612669&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [45448 octets] - [11/06/2013 11:16:56]

########## EOF - C:\AdwCleaner[R1].txt - [45509 octets] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Crawford on Tue 11/06/2013 at 11:25:57.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2D53104E-F48C-4962-A592-D65424766186}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F921EA2B-021E-4847-972C-BAA9D3060A24}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{0A4B6A73-4613-4333-B40E-81A9327D407A}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{0C3942E3-EDCC-46EA-AC07-3C743BC16C3E}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{0CC8E2FE-961E-45B8-8503-2418CEDB73AE}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{0E4E3204-E55F-42EB-A80D-BC91AAE7E38A}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{0EE5A61A-FB9D-44F0-95AF-C46DB0F70F0A}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{18B682EC-03BC-4D31-A81C-122A95CF0FD6}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{194DF1C5-17EA-4FC3-982F-A52CCC5CBC6B}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{1C477D5D-1488-40BE-ADB6-9C15081B5C5D}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{2006A874-6F72-4FEF-AB63-CD8AB4E622DF}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{217F605D-B944-4F48-A599-8636872C4E53}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{2A1EC280-F8F4-44CE-92D6-A0150643F9A1}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{2A5CDCA5-D3A6-4651-BCE5-2D4373FC8093}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{3EE3A96F-0DE6-4941-9071-004985DE5DA2}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{46380F48-EB64-40E5-8216-8653B4498EA6}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{47BBF535-8FA3-4635-B033-4D348D2B0905}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{47DA52AC-F93A-4401-9623-F8976E093BE4}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{4B640E46-1946-48A6-872D-8068406EB562}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{4B84CE13-3556-42F8-A0AD-8AA636C988CB}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{4EF3011B-A076-4A41-8090-D81EF38F836B}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{55B8F4CC-934A-447C-B303-99FBA86FBF77}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{55BA2F4A-61D4-40F7-912B-28E3B783597F}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{564F7BBF-8C42-451B-9FA7-B4E77CFD2566}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{577CBA4E-BD44-4C1B-8635-290C93C0F698}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{5B94C799-B1C7-465B-9710-2272DC0FAEDF}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{5BA88C71-C6E6-407C-85FC-F87C97A91CD4}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{5EA56213-346F-49D3-8518-73E295C62C08}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{62DFB986-06BF-4A15-A909-8080BEF3984F}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{6C2A861B-BEE9-48D1-8610-302581FFC6F4}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{6D36C9EF-B7E4-4633-B7DE-241B18EE918F}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{6D69D2C2-C350-4C5A-826B-B6EC6171DBB3}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{6DE1D6FA-40AC-428C-9CC8-0837353B055B}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{8160C7AE-84C6-4ECB-A665-02A47BE4F736}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{88486438-8D07-432D-8628-D882AAE12D7B}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{8B88AA0D-AADB-4BBB-9D6B-3A83E98C2CB4}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{9698E3E9-D5DD-4090-A73A-AAD21502DE1F}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{9C29FB5C-EA60-4D8F-98AF-F73F63F81D74}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{9E4CB1FD-348D-42FF-8BC2-315DA7155DD5}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{A030B95D-E383-44E9-9C05-81095509812B}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{A05C7A25-0312-43D3-AE17-A8D9D0FA2425}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{A1F5E51F-C734-4F34-9EAE-EF74140D55B3}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{A24151AA-FA98-4AA0-A0CF-48F674947D03}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{A2B55AAA-54D3-496B-ABEB-38B370CAE90B}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{A58F2748-0C21-4012-9022-0211DBCA167B}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{A8F5CDE1-3D67-423C-A1A2-5FDF7B044228}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{B15A693D-CB75-422F-AD1D-917776485599}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{B19AF4A6-364A-42B7-A780-A9605663D2FB}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{B799C08A-851D-4FC9-8954-EA4B8A483F98}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{BD312372-4CBD-4366-A8B9-5CB1543F90E8}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{C60D0552-3591-400F-8D9A-C321D767F319}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{C68A6052-44B1-4392-B897-8A4DFE383CA3}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{C8654BE4-27DD-4B90-ABAE-5709CFF91E39}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{C9EF7B65-6DD2-40F0-977C-2492FC882D81}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{CD0D542D-7D85-4FF5-A8CD-92FC42B1E257}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{CE5E1A63-10FF-4E2D-A728-D679416045D9}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{CE619153-82D0-45AA-B440-84275C66DD30}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{D505EFAB-9599-4641-8485-17DC948EA846}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{D6979D98-2A3F-40DC-B25A-3B3D07686487}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{E08F1A0D-4469-41F6-99BA-481575243589}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{E2BA8270-DB3C-4077-805E-5C45846AD036}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{ED9F4A71-8561-4BB9-A383-B4EEE32AFC7C}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{EFB8D7C9-F4C9-4914-9181-CEFB7108C9DA}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{F04B965E-E524-4C36-8027-3E8926C8CC79}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{F69AEB19-ACCB-4D9F-B4AF-09EFF92BF07F}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{F8F3709F-18B4-4972-94FE-C3257A9820A1}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{FB83687D-2738-4A5B-9227-E68CDF85888F}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{FF1FF42B-0205-430F-A78F-D2020D162446}
Successfully deleted: [Empty Folder] C:\Users\Crawford\appdata\local\{FFC876D6-9E88-49AC-9060-137582AAB2CE}



~~~ FireFox

Successfully deleted: [File] C:\Users\Crawford\AppData\Roaming\mozilla\firefox\profiles\7yrczv19.default\searchplugins\imvu-inc-customized-web-search.xml
Emptied folder: C:\Users\Crawford\AppData\Roaming\mozilla\firefox\profiles\7yrczv19.default\minidumps [53 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/06/2013 at 11:28:48.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Edited by jf3000, 10 June 2013 - 08:58 PM.


#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,456 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:35 PM

Posted 11 June 2013 - 08:11 AM

Run the ComboFix and ignore the warning.

Post the log if you can.

#6 jf3000

jf3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 11 June 2013 - 09:12 PM

ComboFix 13-06-08.02 - Crawford 12/06/2013  11:07:10.1.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.8153.6817 [GMT 10:00]
Running from: c:\users\Crawford\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-12 to 2013-06-12  )))))))))))))))))))))))))))))))
.
.
2013-06-12 01:16 . 2013-06-12 01:16    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-06-11 01:25 . 2013-06-11 01:25    --------    d-----w-    c:\windows\ERUNT
2013-06-11 01:25 . 2013-06-11 01:25    --------    d-----w-    C:\JRT
2013-06-10 04:28 . 2013-06-10 04:28    --------    d-----w-    c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-10 04:28 . 2013-06-10 04:28    --------    d-----w-    c:\program files\iTunes
2013-06-10 04:28 . 2013-06-10 04:28    --------    d-----w-    c:\program files (x86)\iTunes
2013-06-10 04:28 . 2013-06-10 04:28    --------    d-----w-    c:\program files\iPod
2013-06-07 22:51 . 2012-07-26 04:55    785512    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2013-06-07 22:51 . 2012-07-26 04:55    54376    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2013-06-07 22:51 . 2012-07-26 04:47    2560    ----a-w-    c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-06-07 22:51 . 2012-07-26 02:36    9728    ----a-w-    c:\windows\system32\Wdfres.dll
2013-06-07 22:49 . 2012-12-07 13:20    441856    ----a-w-    c:\windows\system32\Wpc.dll
2013-06-07 22:48 . 2012-11-30 05:41    424448    ----a-w-    c:\windows\system32\KernelBase.dll
2013-06-06 09:37 . 2013-06-08 08:18    --------    d-----w-    c:\program files (x86)\CodeStuff
2013-06-06 09:23 . 2013-06-06 09:23    --------    d-----w-    c:\users\Crawford\AppData\Roaming\Malwarebytes
2013-06-06 09:22 . 2013-06-06 09:22    --------    d-----w-    c:\programdata\Malwarebytes
2013-06-06 09:22 . 2013-04-04 04:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-06-06 09:22 . 2013-06-06 09:22    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-06 09:22 . 2013-06-06 09:22    --------    d-----w-    c:\users\Crawford\AppData\Local\Programs
2013-06-05 04:22 . 2013-06-05 04:22    --------    d-----w-    c:\users\Crawford\AppData\Local\ArmA 2
2013-06-02 06:26 . 2013-06-02 06:26    --------    d-----w-    c:\program files (x86)\Common Files\BattlEye
2013-06-02 06:23 . 2013-06-02 06:23    --------    d-----w-    c:\programdata\Bohemia Interactive Studio
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-06-02 06:22 . 2013-06-02 06:22    159744    ----a-w-    c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-06-02 06:22 . 2013-06-02 06:22    --------    d-----w-    c:\program files (x86)\QuickTime
2013-06-02 01:17 . 2013-06-09 06:38    --------    d-----w-    c:\users\Crawford\AppData\Local\ArmA 2 OA
2013-06-02 01:05 . 2013-06-02 01:05    --------    d-----w-    c:\users\Crawford\AppData\Local\DayZCommander
2013-06-02 01:04 . 2013-06-02 01:04    --------    d-----w-    c:\program files (x86)\Dotjosh Studios
2013-06-02 00:17 . 2013-06-02 00:17    --------    d-----w-    c:\program files (x86)\Bohemia Interactive
2013-06-01 14:34 . 2013-06-01 14:34    --------    d-----w-    c:\users\Crawford\AppData\Local\DDMSettings
2013-05-26 23:25 . 2013-06-08 08:45    --------    d-----w-    c:\program files (x86)\Battlelog Web Plugins
2013-05-26 22:50 . 2013-05-26 22:51    --------    d-----w-    c:\users\Crawford\AppData\Local\Origin
2013-05-26 22:47 . 2013-06-04 08:11    --------    d-----w-    c:\program files (x86)\Origin
2013-05-26 22:29 . 2013-05-26 22:29    --------    d-----w-    c:\users\Crawford\AppData\Local\ESN
2013-05-15 04:19 . 2013-04-10 06:01    983400    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 04:19 . 2013-04-10 06:01    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 04:19 . 2011-02-03 11:25    144384    ----a-w-    c:\windows\system32\cdd.dll
2013-05-15 04:19 . 2013-02-27 05:52    14172672    ----a-w-    c:\windows\system32\shell32.dll
2013-05-15 04:19 . 2013-02-27 05:48    1930752    ----a-w-    c:\windows\system32\authui.dll
2013-05-15 04:18 . 2013-02-27 06:02    111448    ----a-w-    c:\windows\system32\consent.exe
2013-05-15 04:18 . 2013-02-27 05:52    197120    ----a-w-    c:\windows\system32\shdocvw.dll
2013-05-15 04:18 . 2013-02-27 05:47    70144    ----a-w-    c:\windows\system32\appinfo.dll
2013-05-15 04:18 . 2013-02-27 04:49    1796096    ----a-w-    c:\windows\SysWow64\authui.dll
2013-05-15 04:18 . 2013-04-10 03:30    3153920    ----a-w-    c:\windows\system32\win32k.sys
2013-05-14 03:31 . 2013-05-14 03:31    6128760    ----a-w-    c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-14 03:31 . 2013-05-14 03:31    6128760    ----a-w-    c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-05 07:25 . 2012-04-01 21:45    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-05 07:25 . 2011-10-26 01:00    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 08:18 . 2011-10-29 07:36    291088    ----a-w-    c:\windows\SysWow64\PnkBstrB.xtr
2013-06-04 08:18 . 2011-10-29 07:16    291088    ----a-w-    c:\windows\SysWow64\PnkBstrB.exe
2013-06-04 08:17 . 2011-10-29 07:16    280904    ----a-w-    c:\windows\SysWow64\PnkBstrB.ex0
2013-05-27 00:00 . 2011-10-29 07:16    76888    ----a-w-    c:\windows\SysWow64\PnkBstrA.exe
2013-05-15 04:45 . 2011-10-26 09:53    75016696    ----a-w-    c:\windows\system32\MRT.exe
2013-05-11 10:09 . 2011-03-28 08:36    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2010-11-21 03:27    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-04-30 17:59 . 2013-04-30 17:59    94208    ----a-w-    c:\windows\SysWow64\QuickTimeVR.qtx
2013-04-30 17:59 . 2013-04-30 17:59    69632    ----a-w-    c:\windows\SysWow64\QuickTime.qts
2013-04-30 01:39 . 2013-04-30 01:39    719360    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-04-30 01:39 . 2013-04-30 01:39    226304    ----a-w-    c:\windows\system32\elshyph.dll
2013-04-30 01:39 . 2013-04-30 01:39    185344    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-04-30 01:39 . 2013-04-30 01:39    158720    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-04-30 01:39 . 2013-04-30 01:39    138752    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-04-30 01:39 . 2013-04-30 01:39    1054720    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 01:39 . 2013-04-30 01:39    150528    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-04-30 01:39 . 2013-04-30 01:39    73728    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-30 01:39 . 2013-04-30 01:39    61952    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-04-30 01:39 . 2013-04-30 01:39    523264    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-04-30 01:39 . 2013-04-30 01:39    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-04-30 01:39 . 2013-04-30 01:39    38400    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-04-30 01:39 . 2013-04-30 01:39    361984    ----a-w-    c:\windows\SysWow64\html.iec
2013-04-30 01:39 . 2013-04-30 01:39    137216    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-04-30 01:39 . 2013-04-30 01:39    12800    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-04-30 01:39 . 2013-04-30 01:39    110592    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-04-30 01:39 . 2013-04-30 01:39    905728    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-04-30 01:39 . 2013-04-30 01:39    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-04-30 01:39 . 2013-04-30 01:39    762368    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-04-30 01:39 . 2013-04-30 01:39    452096    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-04-30 01:39 . 2013-04-30 01:39    441856    ----a-w-    c:\windows\system32\html.iec
2013-04-30 01:39 . 2013-04-30 01:39    281600    ----a-w-    c:\windows\system32\dxtrans.dll
2013-04-30 01:39 . 2013-04-30 01:39    270848    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-04-30 01:39 . 2013-04-30 01:39    235008    ----a-w-    c:\windows\system32\url.dll
2013-04-30 01:39 . 2013-04-30 01:39    23040    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-04-30 01:39 . 2013-04-30 01:39    216064    ----a-w-    c:\windows\system32\msls31.dll
2013-04-30 01:39 . 2013-04-30 01:39    197120    ----a-w-    c:\windows\system32\msrating.dll
2013-04-30 01:39 . 2013-04-30 01:39    1441280    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-04-30 01:39 . 2013-04-30 01:39    1400416    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-04-30 01:39 . 2013-04-30 01:39    1509376    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-04-30 01:39 . 2013-04-30 01:39    97280    ----a-w-    c:\windows\system32\mshtmled.dll
2013-04-30 01:39 . 2013-04-30 01:39    62976    ----a-w-    c:\windows\system32\pngfilt.dll
2013-04-30 01:39 . 2013-04-30 01:39    599552    ----a-w-    c:\windows\system32\vbscript.dll
2013-04-30 01:39 . 2013-04-30 01:39    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-04-30 01:39 . 2013-04-30 01:39    51200    ----a-w-    c:\windows\system32\imgutil.dll
2013-04-30 01:39 . 2013-04-30 01:39    27648    ----a-w-    c:\windows\system32\licmgr10.dll
2013-04-30 01:39 . 2013-04-30 01:39    247296    ----a-w-    c:\windows\system32\webcheck.dll
2013-04-30 01:39 . 2013-04-30 01:39    173568    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-04-30 01:39 . 2013-04-30 01:39    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-04-30 01:39 . 2013-04-30 01:39    149504    ----a-w-    c:\windows\system32\occache.dll
2013-04-30 01:39 . 2013-04-30 01:39    144896    ----a-w-    c:\windows\system32\wextract.exe
2013-04-30 01:39 . 2013-04-30 01:39    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-04-30 01:39 . 2013-04-30 01:39    136192    ----a-w-    c:\windows\system32\iepeers.dll
2013-04-30 01:39 . 2013-04-30 01:39    135680    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-04-30 01:39 . 2013-04-30 01:39    12800    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-04-30 01:39 . 2013-04-30 01:39    102912    ----a-w-    c:\windows\system32\inseng.dll
2013-04-30 01:39 . 2013-04-30 01:39    92160    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 01:39 . 2013-04-30 01:39    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-04-30 01:39 . 2013-04-30 01:39    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-04-30 01:38 . 2013-04-30 01:38    9728    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    9728    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    5632    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    5632    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    5632    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    5632    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    522752    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2013-04-30 01:38 . 2013-04-30 01:38    465920    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-04-30 01:38 . 2013-04-30 01:38    417792    ----a-w-    c:\windows\SysWow64\WMPhoto.dll
2013-04-30 01:38 . 2013-04-30 01:38    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    4096    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    3928064    ----a-w-    c:\windows\system32\d2d1.dll
2013-04-30 01:38 . 2013-04-30 01:38    364544    ----a-w-    c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-30 01:38 . 2013-04-30 01:38    363008    ----a-w-    c:\windows\system32\dxgi.dll
2013-04-30 01:38 . 2013-04-30 01:38    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    3584    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    3072    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    2776576    ----a-w-    c:\windows\system32\msmpeg2vdec.dll
2013-04-30 01:38 . 2013-04-30 01:38    2565120    ----a-w-    c:\windows\system32\d3d10warp.dll
2013-04-30 01:38 . 2013-04-30 01:38    2560    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    2560    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    2284544    ----a-w-    c:\windows\SysWow64\msmpeg2vdec.dll
2013-04-30 01:38 . 2013-04-30 01:38    1682432    ----a-w-    c:\windows\system32\XpsPrint.dll
2013-04-30 01:38 . 2013-04-30 01:38    1247744    ----a-w-    c:\windows\SysWow64\DWrite.dll
2013-04-30 01:38 . 2013-04-30 01:38    1158144    ----a-w-    c:\windows\SysWow64\XpsPrint.dll
2013-04-30 01:38 . 2013-04-30 01:38    10752    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    10752    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-30 01:38 . 2013-04-30 01:38    1504768    ----a-w-    c:\windows\SysWow64\d3d11.dll
2013-04-30 01:38 . 2013-04-30 01:38    648192    ----a-w-    c:\windows\system32\d3d10level9.dll
2013-04-30 01:38 . 2013-04-30 01:38    604160    ----a-w-    c:\windows\SysWow64\d3d10level9.dll
2013-04-30 01:38 . 2013-04-30 01:38    3419136    ----a-w-    c:\windows\SysWow64\d2d1.dll
2013-04-30 01:38 . 2013-04-30 01:38    333312    ----a-w-    c:\windows\system32\d3d10_1core.dll
2013-04-30 01:38 . 2013-04-30 01:38    296960    ----a-w-    c:\windows\system32\d3d10core.dll
2013-04-30 01:38 . 2013-04-30 01:38    293376    ----a-w-    c:\windows\SysWow64\dxgi.dll
2013-04-30 01:38 . 2013-04-30 01:38    249856    ----a-w-    c:\windows\SysWow64\d3d10_1core.dll
2013-04-30 01:38 . 2013-04-30 01:38    245248    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2013-04-30 01:38 . 2013-04-30 01:38    221184    ----a-w-    c:\windows\system32\UIAnimation.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 DTSAudioService;DTSAudioService;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 PlantronicsGC;PLTGC Interface;c:\windows\system32\drivers\PLTGC.sys;c:\windows\SYSNATIVE\drivers\PLTGC.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-07 05:49    1165776    ----a-w-    c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 07:25]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-26 01:00]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-26 01:00]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Crawford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{8C57ED85-218D-4B03-9C2C-4A1826498EF0}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Crawford\AppData\Roaming\Mozilla\Firefox\Profiles\7yrczv19.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-BattlEye for A2 - c:\program files (x86)\Bohemia Interactive\ArmA 2BattlEye\UnInstallBE.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-651912232-3080373802-1099118111-1000\Software\SecuROM\License information*]
"datasecu"=hex:02,7f,57,b6,00,3d,83,39,80,09,0c,f7,b1,ee,f7,cd,95,56,78,1f,97,
   52,87,4d,61,7d,86,1e,2c,39,57,60,c9,2f,f4,09,fc,cb,90,92,2c,48,63,0e,dc,a1,\
"rkeysecu"=hex:f1,41,d5,7d,89,c9,8d,a8,51,da,5d,6d,a5,33,9d,12
.
[HKEY_USERS\S-1-5-21-651912232-3080373802-1099118111-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):bf,38,f5,a3,a3,9e,83,fe,5b,81,cc,08,d4,e3,a7,ab,40,ba,90,b4,e8,
   66,d4,6d,4d,f2,f7,67,e8,5f,9d,4c,fb,01,24,95,09,10,e2,99,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-651912232-3080373802-1099118111-1000_Classes\Wow6432Node\CLSID\{e8cb5c10-f88b-4398-9d52-4a81346d2bfc}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000020
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_75_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_75_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_75_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_75_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_75.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_75.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_75.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_75.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2013-06-12  12:22:08 - machine was rebooted
ComboFix-quarantined-files.txt  2013-06-12 02:22
.
Pre-Run: 421,773,381,632 bytes free
Post-Run: 423,379,705,856 bytes free
.
- - End Of File - - 644B56C1B475409384FDD6D7889CF885
A36C5E4F47E84449FF07ED3517B43A31
 


Edited by jf3000, 11 June 2013 - 09:27 PM.


#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,456 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:35 PM

Posted 12 June 2013 - 07:58 AM

Looking good. Any remaining issues?

#8 jf3000

jf3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 12 June 2013 - 06:54 PM

Heaps of issues, I visit webpages and they dont load, there are way to many processes that shouldnt be there, everything seems real slow, i'd like this looked into further, is there anything else I can do?



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,456 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:35 PM

Posted 13 June 2013 - 07:44 AM

Lets continue.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#10 jf3000

jf3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 15 June 2013 - 07:06 AM

21:36:33.0449 3280  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:36:34.0929 3280  ============================================================
21:36:34.0929 3280  Current date / time: 2013/06/15 21:36:34.0929
21:36:34.0929 3280  SystemInfo:
21:36:34.0929 3280  
21:36:34.0929 3280  OS Version: 6.1.7601 ServicePack: 1.0
21:36:34.0929 3280  Product type: Workstation
21:36:34.0929 3280  ComputerName: FROSTY2001
21:36:34.0929 3280  UserName: Crawford
21:36:34.0929 3280  Windows directory: C:\Windows
21:36:34.0929 3280  System windows directory: C:\Windows
21:36:34.0929 3280  Running under WOW64
21:36:34.0929 3280  Processor architecture: Intel x64
21:36:34.0929 3280  Number of processors: 6
21:36:34.0929 3280  Page size: 0x1000
21:36:34.0929 3280  Boot type: Normal boot
21:36:34.0929 3280  ============================================================
21:36:35.0359 3280  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:36:35.0363 3280  Drive \Device\Harddisk1\DR1 - Size: 0x75400000 (1.83 Gb), SectorSize: 0x200, Cylinders: 0xEF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:36:35.0364 3280  ============================================================
21:36:35.0364 3280  \Device\Harddisk0\DR0:
21:36:35.0364 3280  MBR partitions:
21:36:35.0364 3280  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:36:35.0364 3280  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
21:36:35.0364 3280  \Device\Harddisk1\DR1:
21:36:35.0365 3280  MBR partitions:
21:36:35.0365 3280  ============================================================
21:36:35.0386 3280  C: <-> \Device\Harddisk0\DR0\Partition2
21:36:35.0386 3280  ============================================================
21:36:35.0386 3280  Initialize success
21:36:35.0386 3280  ============================================================
21:37:58.0311 3820  ============================================================
21:37:58.0311 3820  Scan started
21:37:58.0311 3820  Mode: Manual; SigCheck; TDLFS; 
21:37:58.0311 3820  ============================================================
21:37:59.0931 3820  ================ Scan system memory ========================
21:37:59.0931 3820  System memory - ok
21:37:59.0933 3820  ================ Scan services =============================
21:38:00.0088 3820  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:38:00.0199 3820  1394ohci - ok
21:38:00.0221 3820  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:38:00.0233 3820  ACPI - ok
21:38:00.0246 3820  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:38:00.0300 3820  AcpiPmi - ok
21:38:00.0425 3820  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:38:00.0451 3820  AdobeARMservice - ok
21:38:00.0590 3820  [ 55976815615E8E7D484D49306D65609C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:38:00.0610 3820  AdobeFlashPlayerUpdateSvc - ok
21:38:00.0649 3820  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:38:00.0676 3820  adp94xx - ok
21:38:00.0688 3820  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:38:00.0700 3820  adpahci - ok
21:38:00.0721 3820  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:38:00.0731 3820  adpu320 - ok
21:38:00.0748 3820  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:38:00.0884 3820  AeLookupSvc - ok
21:38:00.0943 3820  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:38:00.0976 3820  AFD - ok
21:38:00.0989 3820  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:38:01.0000 3820  agp440 - ok
21:38:01.0011 3820  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:38:01.0040 3820  ALG - ok
21:38:01.0044 3820  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:38:01.0054 3820  aliide - ok
21:38:01.0114 3820  [ 87E226C0E11182943D28E8BEC61618CD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:38:01.0195 3820  AMD External Events Utility - ok
21:38:01.0259 3820  AMD FUEL Service - ok
21:38:01.0268 3820  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:38:01.0291 3820  amdide - ok
21:38:01.0298 3820  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
21:38:01.0315 3820  amdiox64 - ok
21:38:01.0319 3820  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:38:01.0330 3820  AmdK8 - ok
21:38:01.0503 3820  [ 446A1AAD34191665A8DF6092BD8EB5A8 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:38:01.0739 3820  amdkmdag - ok
21:38:01.0779 3820  [ F8F8A908FDB005A65DDF7238C814EEA5 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:38:01.0794 3820  amdkmdap - ok
21:38:01.0816 3820  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:38:01.0838 3820  AmdPPM - ok
21:38:01.0858 3820  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:38:01.0866 3820  amdsata - ok
21:38:01.0870 3820  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:38:01.0880 3820  amdsbs - ok
21:38:01.0913 3820  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:38:01.0930 3820  amdxata - ok
21:38:01.0981 3820  [ 80A508D0C7A21BC13C01D4C671541203 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
21:38:02.0006 3820  amd_sata - ok
21:38:02.0043 3820  [ 2BE940F3A632A1A301B22B096BF221F1 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
21:38:02.0055 3820  amd_xata - ok
21:38:02.0070 3820  [ F312FAD7DBD49ED21A194AC71B497832 ] AODDriver4.01   C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:38:02.0083 3820  AODDriver4.01 - ok
21:38:02.0091 3820  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:38:02.0174 3820  AppID - ok
21:38:02.0200 3820  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:38:02.0231 3820  AppIDSvc - ok
21:38:02.0259 3820  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
21:38:02.0328 3820  Appinfo - ok
21:38:02.0440 3820  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:38:02.0469 3820  Apple Mobile Device - ok
21:38:02.0498 3820  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:38:02.0521 3820  arc - ok
21:38:02.0525 3820  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:38:02.0536 3820  arcsas - ok
21:38:02.0635 3820  [ 6E3F4538B33BC19259E99BE1826286A3 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
21:38:02.0678 3820  asComSvc - ok
21:38:02.0725 3820  [ A63173897EA1A73A75D0E65036DE5B15 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
21:38:02.0766 3820  asHmComSvc - ok
21:38:02.0796 3820  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
21:38:02.0804 3820  AsIO - ok
21:38:02.0833 3820  [ 6D9C024AA8F24065A6DBEAB1F431D854 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
21:38:02.0890 3820  asmthub3 - ok
21:38:02.0941 3820  [ ECAD22F15D8F17CC04F24E9A6FB00F2F ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
21:38:02.0983 3820  asmtxhci - ok
21:38:03.0063 3820  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:38:03.0118 3820  aspnet_state - ok
21:38:03.0149 3820  [ 5C31DFB196CB3A488A041881634D86D2 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
21:38:03.0168 3820  AsSysCtrlService - ok
21:38:03.0205 3820  [ A5E4CDB420540095D1293C874B5F89AA ] ASUSFILTER      C:\Windows\syswow64\drivers\ASUSFILTER.sys
21:38:03.0225 3820  ASUSFILTER - ok
21:38:03.0234 3820  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:38:03.0279 3820  AsyncMac - ok
21:38:03.0289 3820  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:38:03.0296 3820  atapi - ok
21:38:03.0341 3820  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:38:03.0350 3820  AtiHDAudioService - ok
21:38:03.0380 3820  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:38:03.0409 3820  AudioEndpointBuilder - ok
21:38:03.0416 3820  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:38:03.0444 3820  AudioSrv - ok
21:38:03.0490 3820  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:38:03.0539 3820  AxInstSV - ok
21:38:03.0551 3820  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:38:03.0620 3820  b06bdrv - ok
21:38:03.0643 3820  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:38:03.0679 3820  b57nd60a - ok
21:38:03.0699 3820  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:38:03.0738 3820  BDESVC - ok
21:38:03.0755 3820  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:38:03.0802 3820  Beep - ok
21:38:03.0865 3820  [ B1359701847FF1FF415FA083F1610F48 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
21:38:03.0874 3820  BEService ( UnsignedFile.Multi.Generic ) - warning
21:38:03.0874 3820  BEService - detected UnsignedFile.Multi.Generic (1)
21:38:03.0909 3820  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:38:03.0959 3820  BFE - ok
21:38:04.0000 3820  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
21:38:04.0131 3820  BITS - ok
21:38:04.0142 3820  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:38:04.0150 3820  blbdrive - ok
21:38:04.0216 3820  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:38:04.0254 3820  Bonjour Service - ok
21:38:04.0300 3820  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:38:04.0345 3820  bowser - ok
21:38:04.0351 3820  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:38:04.0389 3820  BrFiltLo - ok
21:38:04.0392 3820  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:38:04.0410 3820  BrFiltUp - ok
21:38:04.0419 3820  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:38:04.0471 3820  BridgeMP - ok
21:38:04.0505 3820  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:38:04.0562 3820  Browser - ok
21:38:04.0575 3820  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:38:04.0627 3820  Brserid - ok
21:38:04.0631 3820  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:38:04.0641 3820  BrSerWdm - ok
21:38:04.0645 3820  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:38:04.0654 3820  BrUsbMdm - ok
21:38:04.0665 3820  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:38:04.0672 3820  BrUsbSer - ok
21:38:04.0676 3820  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:38:04.0686 3820  BTHMODEM - ok
21:38:04.0697 3820  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:38:04.0730 3820  bthserv - ok
21:38:04.0740 3820  catchme - ok
21:38:04.0752 3820  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:38:04.0777 3820  cdfs - ok
21:38:04.0800 3820  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:38:04.0819 3820  cdrom - ok
21:38:04.0834 3820  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:38:04.0857 3820  CertPropSvc - ok
21:38:04.0871 3820  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:38:04.0881 3820  circlass - ok
21:38:04.0899 3820  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:38:04.0911 3820  CLFS - ok
21:38:04.0950 3820  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:38:04.0977 3820  clr_optimization_v2.0.50727_32 - ok
21:38:04.0994 3820  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:38:05.0004 3820  clr_optimization_v2.0.50727_64 - ok
21:38:05.0079 3820  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:38:05.0157 3820  clr_optimization_v4.0.30319_32 - ok
21:38:05.0161 3820  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:38:05.0172 3820  clr_optimization_v4.0.30319_64 - ok
21:38:05.0176 3820  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:38:05.0206 3820  CmBatt - ok
21:38:05.0210 3820  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:38:05.0220 3820  cmdide - ok
21:38:05.0262 3820  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
21:38:05.0316 3820  CNG - ok
21:38:05.0321 3820  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:38:05.0331 3820  Compbatt - ok
21:38:05.0386 3820  [ 59D203C3F46F3CA536ECAC0E084CD887 ] CompFilter64    C:\Windows\system32\DRIVERS\lvbflt64.sys
21:38:05.0412 3820  CompFilter64 - ok
21:38:05.0427 3820  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:38:05.0459 3820  CompositeBus - ok
21:38:05.0462 3820  COMSysApp - ok
21:38:05.0467 3820  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:38:05.0477 3820  crcdisk - ok
21:38:05.0530 3820  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:38:05.0594 3820  CryptSvc - ok
21:38:05.0631 3820  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:38:05.0681 3820  DcomLaunch - ok
21:38:05.0701 3820  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:38:05.0729 3820  defragsvc - ok
21:38:05.0735 3820  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:38:05.0771 3820  DfsC - ok
21:38:05.0812 3820  [ 41AC348DBD378F618CB4FDEE54270692 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:38:05.0821 3820  dg_ssudbus - ok
21:38:05.0846 3820  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:38:05.0906 3820  Dhcp - ok
21:38:05.0930 3820  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:38:05.0972 3820  discache - ok
21:38:06.0002 3820  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:38:06.0011 3820  Disk - ok
21:38:06.0050 3820  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:38:06.0075 3820  Dnscache - ok
21:38:06.0097 3820  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:38:06.0124 3820  dot3svc - ok
21:38:06.0136 3820  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:38:06.0166 3820  DPS - ok
21:38:06.0187 3820  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:38:06.0207 3820  drmkaud - ok
21:38:06.0265 3820  [ 44BB65B1D3827043978FC8E11CA7C0B4 ] DTSAudioService C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
21:38:06.0294 3820  DTSAudioService - ok
21:38:06.0340 3820  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:38:06.0367 3820  DXGKrnl - ok
21:38:06.0392 3820  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:38:06.0417 3820  EapHost - ok
21:38:06.0479 3820  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:38:06.0567 3820  ebdrv - ok
21:38:06.0609 3820  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:38:06.0700 3820  EFS - ok
21:38:06.0752 3820  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:38:06.0827 3820  ehRecvr - ok
21:38:06.0844 3820  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:38:06.0860 3820  ehSched - ok
21:38:06.0876 3820  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:38:06.0890 3820  elxstor - ok
21:38:06.0894 3820  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:38:06.0911 3820  ErrDev - ok
21:38:06.0930 3820  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:38:06.0962 3820  EventSystem - ok
21:38:06.0977 3820  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:38:07.0004 3820  exfat - ok
21:38:07.0015 3820  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:38:07.0045 3820  fastfat - ok
21:38:07.0087 3820  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:38:07.0134 3820  Fax - ok
21:38:07.0137 3820  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:38:07.0154 3820  fdc - ok
21:38:07.0175 3820  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:38:07.0199 3820  fdPHost - ok
21:38:07.0212 3820  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:38:07.0236 3820  FDResPub - ok
21:38:07.0242 3820  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:38:07.0251 3820  FileInfo - ok
21:38:07.0260 3820  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:38:07.0290 3820  Filetrace - ok
21:38:07.0294 3820  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:38:07.0301 3820  flpydisk - ok
21:38:07.0316 3820  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:38:07.0327 3820  FltMgr - ok
21:38:07.0397 3820  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
21:38:07.0491 3820  FontCache - ok
21:38:07.0547 3820  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:38:07.0570 3820  FontCache3.0.0.0 - ok
21:38:07.0589 3820  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:38:07.0616 3820  FsDepends - ok
21:38:07.0719 3820  [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
21:38:07.0739 3820  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
21:38:07.0739 3820  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
21:38:07.0780 3820  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:38:07.0807 3820  Fs_Rec - ok
21:38:07.0855 3820  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:38:07.0891 3820  fvevol - ok
21:38:07.0912 3820  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:38:07.0924 3820  gagp30kx - ok
21:38:07.0982 3820  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:38:08.0004 3820  GEARAspiWDM - ok
21:38:08.0015 3820  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:38:08.0055 3820  gpsvc - ok
21:38:08.0165 3820  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:38:08.0189 3820  gupdate - ok
21:38:08.0194 3820  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:38:08.0206 3820  gupdatem - ok
21:38:08.0216 3820  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:38:08.0268 3820  hcw85cir - ok
21:38:08.0310 3820  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:38:08.0360 3820  HdAudAddService - ok
21:38:08.0380 3820  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:38:08.0396 3820  HDAudBus - ok
21:38:08.0400 3820  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:38:08.0410 3820  HidBatt - ok
21:38:08.0415 3820  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:38:08.0436 3820  HidBth - ok
21:38:08.0440 3820  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:38:08.0453 3820  HidIr - ok
21:38:08.0464 3820  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
21:38:08.0490 3820  hidserv - ok
21:38:08.0529 3820  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:38:08.0553 3820  HidUsb - ok
21:38:08.0560 3820  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:38:08.0611 3820  hkmsvc - ok
21:38:08.0624 3820  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:38:08.0641 3820  HomeGroupListener - ok
21:38:08.0655 3820  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:38:08.0665 3820  HomeGroupProvider - ok
21:38:08.0675 3820  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:38:08.0684 3820  HpSAMD - ok
21:38:08.0700 3820  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:38:08.0738 3820  HTTP - ok
21:38:08.0748 3820  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:38:08.0755 3820  hwpolicy - ok
21:38:08.0766 3820  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:38:08.0775 3820  i8042prt - ok
21:38:08.0796 3820  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:38:08.0809 3820  iaStorV - ok
21:38:08.0845 3820  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:38:08.0863 3820  idsvc - ok
21:38:08.0873 3820  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:38:08.0880 3820  iirsp - ok
21:38:08.0901 3820  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:38:08.0934 3820  IKEEXT - ok
21:38:09.0050 3820  [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:38:09.0154 3820  IntcAzAudAddService - ok
21:38:09.0158 3820  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:38:09.0166 3820  intelide - ok
21:38:09.0171 3820  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:38:09.0184 3820  intelppm - ok
21:38:09.0194 3820  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:38:09.0219 3820  IPBusEnum - ok
21:38:09.0223 3820  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:38:09.0248 3820  IpFilterDriver - ok
21:38:09.0294 3820  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:38:09.0358 3820  iphlpsvc - ok
21:38:09.0364 3820  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:38:09.0380 3820  IPMIDRV - ok
21:38:09.0385 3820  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:38:09.0423 3820  IPNAT - ok
21:38:09.0474 3820  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:38:09.0511 3820  iPod Service - ok
21:38:09.0541 3820  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:38:09.0556 3820  IRENUM - ok
21:38:09.0561 3820  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:38:09.0573 3820  isapnp - ok
21:38:09.0584 3820  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:38:09.0599 3820  iScsiPrt - ok
21:38:09.0639 3820  [ C0D9BA660A41EE8A269EF804E6CD0D7B ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
21:38:09.0661 3820  JRAID - ok
21:38:09.0705 3820  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:38:09.0721 3820  kbdclass - ok
21:38:09.0760 3820  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:38:09.0801 3820  kbdhid - ok
21:38:09.0825 3820  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:38:09.0840 3820  KeyIso - ok
21:38:09.0881 3820  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:38:09.0898 3820  KSecDD - ok
21:38:09.0928 3820  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:38:09.0945 3820  KSecPkg - ok
21:38:09.0950 3820  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:38:09.0991 3820  ksthunk - ok
21:38:10.0016 3820  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:38:10.0054 3820  KtmRm - ok
21:38:10.0090 3820  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:38:10.0116 3820  LanmanServer - ok
21:38:10.0141 3820  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:38:10.0168 3820  LanmanWorkstation - ok
21:38:10.0210 3820  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
21:38:10.0218 3820  LGBusEnum - ok
21:38:10.0263 3820  [ F7205E939F50B1C8D16F895916BE6756 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
21:38:10.0289 3820  LGSHidFilt - ok
21:38:10.0349 3820  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
21:38:10.0370 3820  LGVirHid - ok
21:38:10.0395 3820  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:38:10.0445 3820  lltdio - ok
21:38:10.0481 3820  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:38:10.0509 3820  lltdsvc - ok
21:38:10.0538 3820  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:38:10.0563 3820  lmhosts - ok
21:38:10.0590 3820  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:38:10.0599 3820  LSI_FC - ok
21:38:10.0604 3820  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:38:10.0613 3820  LSI_SAS - ok
21:38:10.0615 3820  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:38:10.0624 3820  LSI_SAS2 - ok
21:38:10.0628 3820  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:38:10.0636 3820  LSI_SCSI - ok
21:38:10.0650 3820  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:38:10.0694 3820  luafv - ok
21:38:10.0744 3820  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
21:38:10.0773 3820  LVRS64 - ok
21:38:10.0895 3820  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
21:38:11.0006 3820  LVUVC64 - ok
21:38:11.0024 3820  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:38:11.0034 3820  Mcx2Svc - ok
21:38:11.0036 3820  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:38:11.0045 3820  megasas - ok
21:38:11.0049 3820  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:38:11.0060 3820  MegaSR - ok
21:38:11.0081 3820  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:38:11.0106 3820  MMCSS - ok
21:38:11.0119 3820  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:38:11.0154 3820  Modem - ok
21:38:11.0184 3820  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:38:11.0215 3820  monitor - ok
21:38:11.0226 3820  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:38:11.0236 3820  mouclass - ok
21:38:11.0271 3820  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:38:11.0291 3820  mouhid - ok
21:38:11.0320 3820  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:38:11.0341 3820  mountmgr - ok
21:38:11.0423 3820  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:38:11.0453 3820  MozillaMaintenance - ok
21:38:11.0460 3820  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:38:11.0473 3820  mpio - ok
21:38:11.0490 3820  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:38:11.0521 3820  mpsdrv - ok
21:38:11.0543 3820  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:38:11.0574 3820  MpsSvc - ok
21:38:11.0586 3820  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:38:11.0614 3820  MRxDAV - ok
21:38:11.0646 3820  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:38:11.0704 3820  mrxsmb - ok
21:38:11.0736 3820  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:38:11.0761 3820  mrxsmb10 - ok
21:38:11.0774 3820  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:38:11.0785 3820  mrxsmb20 - ok
21:38:11.0791 3820  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:38:11.0801 3820  msahci - ok
21:38:11.0811 3820  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:38:11.0821 3820  msdsm - ok
21:38:11.0839 3820  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:38:11.0849 3820  MSDTC - ok
21:38:11.0883 3820  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:38:11.0908 3820  Msfs - ok
21:38:11.0910 3820  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:38:11.0935 3820  mshidkmdf - ok
21:38:11.0949 3820  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:38:11.0956 3820  msisadrv - ok
21:38:11.0981 3820  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:38:12.0019 3820  MSiSCSI - ok
21:38:12.0021 3820  msiserver - ok
21:38:12.0036 3820  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:38:12.0061 3820  MSKSSRV - ok
21:38:12.0070 3820  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:38:12.0101 3820  MSPCLOCK - ok
21:38:12.0116 3820  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:38:12.0149 3820  MSPQM - ok
21:38:12.0161 3820  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:38:12.0174 3820  MsRPC - ok
21:38:12.0189 3820  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:38:12.0196 3820  mssmbios - ok
21:38:12.0208 3820  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:38:12.0238 3820  MSTEE - ok
21:38:12.0241 3820  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:38:12.0249 3820  MTConfig - ok
21:38:12.0260 3820  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:38:12.0269 3820  Mup - ok
21:38:12.0296 3820  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:38:12.0330 3820  napagent - ok
21:38:12.0364 3820  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:38:12.0395 3820  NativeWifiP - ok
21:38:12.0443 3820  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:38:12.0463 3820  NDIS - ok
21:38:12.0491 3820  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:38:12.0516 3820  NdisCap - ok
21:38:12.0540 3820  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:38:12.0564 3820  NdisTapi - ok
21:38:12.0574 3820  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:38:12.0599 3820  Ndisuio - ok
21:38:12.0608 3820  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:38:12.0645 3820  NdisWan - ok
21:38:12.0654 3820  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:38:12.0678 3820  NDProxy - ok
21:38:12.0689 3820  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:38:12.0714 3820  NetBIOS - ok
21:38:12.0728 3820  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:38:12.0753 3820  NetBT - ok
21:38:12.0775 3820  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:38:12.0782 3820  Netlogon - ok
21:38:12.0821 3820  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:38:12.0855 3820  Netman - ok
21:38:12.0930 3820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:38:12.0980 3820  NetMsmqActivator - ok
21:38:12.0987 3820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:38:12.0996 3820  NetPipeActivator - ok
21:38:13.0025 3820  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:38:13.0060 3820  netprofm - ok
21:38:13.0064 3820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:38:13.0070 3820  NetTcpActivator - ok
21:38:13.0074 3820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:38:13.0080 3820  NetTcpPortSharing - ok
21:38:13.0097 3820  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:38:13.0105 3820  nfrd960 - ok
21:38:13.0150 3820  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:38:13.0184 3820  NlaSvc - ok
21:38:13.0197 3820  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:38:13.0236 3820  Npfs - ok
21:38:13.0245 3820  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:38:13.0270 3820  nsi - ok
21:38:13.0277 3820  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:38:13.0301 3820  nsiproxy - ok
21:38:13.0376 3820  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:38:13.0441 3820  Ntfs - ok
21:38:13.0454 3820  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:38:13.0477 3820  Null - ok
21:38:13.0499 3820  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:38:13.0509 3820  nvraid - ok
21:38:13.0515 3820  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:38:13.0524 3820  nvstor - ok
21:38:13.0547 3820  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:38:13.0556 3820  nv_agp - ok
21:38:13.0560 3820  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:38:13.0569 3820  ohci1394 - ok
21:38:13.0585 3820  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:38:13.0605 3820  p2pimsvc - ok
21:38:13.0620 3820  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:38:13.0631 3820  p2psvc - ok
21:38:13.0636 3820  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
21:38:13.0644 3820  Parport - ok
21:38:13.0684 3820  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:38:13.0709 3820  partmgr - ok
21:38:13.0720 3820  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:38:13.0744 3820  PcaSvc - ok
21:38:13.0759 3820  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:38:13.0770 3820  pci - ok
21:38:13.0781 3820  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:38:13.0790 3820  pciide - ok
21:38:13.0806 3820  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:38:13.0816 3820  pcmcia - ok
21:38:13.0820 3820  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:38:13.0827 3820  pcw - ok
21:38:13.0849 3820  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:38:13.0879 3820  PEAUTH - ok
21:38:13.0902 3820  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:38:13.0920 3820  PerfHost - ok
21:38:13.0954 3820  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:38:14.0007 3820  pla - ok
21:38:14.0079 3820  [ AB168D5CF1CD69F9FA6F09C828FEA660 ] PlantronicsGC   C:\Windows\system32\drivers\PLTGC.sys
21:38:14.0149 3820  PlantronicsGC - ok
21:38:14.0209 3820  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:38:14.0257 3820  PlugPlay - ok
21:38:14.0286 3820  PnkBstrA - ok
21:38:14.0302 3820  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:38:14.0325 3820  PNRPAutoReg - ok
21:38:14.0334 3820  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:38:14.0352 3820  PNRPsvc - ok
21:38:14.0395 3820  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
21:38:14.0417 3820  Point64 - ok
21:38:14.0444 3820  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:38:14.0482 3820  PolicyAgent - ok
21:38:14.0511 3820  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:38:14.0570 3820  Power - ok
21:38:14.0584 3820  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:38:14.0614 3820  PptpMiniport - ok
21:38:14.0629 3820  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:38:14.0652 3820  Processor - ok
21:38:14.0696 3820  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:38:14.0790 3820  ProfSvc - ok
21:38:14.0809 3820  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:38:14.0835 3820  ProtectedStorage - ok
21:38:14.0852 3820  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:38:14.0887 3820  Psched - ok
21:38:14.0924 3820  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:38:14.0951 3820  ql2300 - ok
21:38:14.0964 3820  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:38:14.0974 3820  ql40xx - ok
21:38:15.0001 3820  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:38:15.0015 3820  QWAVE - ok
21:38:15.0027 3820  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:38:15.0039 3820  QWAVEdrv - ok
21:38:15.0042 3820  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:38:15.0066 3820  RasAcd - ok
21:38:15.0081 3820  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:38:15.0106 3820  RasAgileVpn - ok
21:38:15.0115 3820  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:38:15.0146 3820  RasAuto - ok
21:38:15.0160 3820  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:38:15.0185 3820  Rasl2tp - ok
21:38:15.0209 3820  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:38:15.0236 3820  RasMan - ok
21:38:15.0244 3820  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:38:15.0269 3820  RasPppoe - ok
21:38:15.0277 3820  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:38:15.0302 3820  RasSstp - ok
21:38:15.0315 3820  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:38:15.0342 3820  rdbss - ok
21:38:15.0346 3820  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:38:15.0360 3820  rdpbus - ok
21:38:15.0376 3820  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:38:15.0400 3820  RDPCDD - ok
21:38:15.0407 3820  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:38:15.0440 3820  RDPENCDD - ok
21:38:15.0445 3820  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:38:15.0469 3820  RDPREFMP - ok
21:38:15.0519 3820  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:38:15.0581 3820  RdpVideoMiniport - ok
21:38:15.0616 3820  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:38:15.0679 3820  RDPWD - ok
21:38:15.0696 3820  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:38:15.0715 3820  rdyboost - ok
21:38:15.0737 3820  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:38:15.0791 3820  RemoteAccess - ok
21:38:15.0802 3820  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:38:15.0829 3820  RemoteRegistry - ok
21:38:15.0845 3820  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:38:15.0870 3820  RpcEptMapper - ok
21:38:15.0890 3820  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:38:15.0897 3820  RpcLocator - ok
21:38:15.0912 3820  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:38:15.0940 3820  RpcSs - ok
21:38:15.0949 3820  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:38:15.0974 3820  rspndr - ok
21:38:16.0027 3820  [ 2E7D1CA91D62501713C9D6E6704395C6 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
21:38:16.0054 3820  RTHDMIAzAudService - ok
21:38:16.0101 3820  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:38:16.0117 3820  RTL8167 - ok
21:38:16.0179 3820  [ FC00C0DE6DC83DE1B2B01420E2195B21 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
21:38:16.0256 3820  RTL8192su - ok
21:38:16.0275 3820  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:38:16.0302 3820  SamSs - ok
21:38:16.0312 3820  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:38:16.0326 3820  sbp2port - ok
21:38:16.0340 3820  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:38:16.0376 3820  SCardSvr - ok
21:38:16.0382 3820  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:38:16.0409 3820  scfilter - ok
21:38:16.0430 3820  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:38:16.0476 3820  Schedule - ok
21:38:16.0500 3820  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:38:16.0522 3820  SCPolicySvc - ok
21:38:16.0535 3820  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:38:16.0557 3820  SDRSVC - ok
21:38:16.0576 3820  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:38:16.0607 3820  secdrv - ok
21:38:16.0617 3820  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:38:16.0642 3820  seclogon - ok
21:38:16.0660 3820  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
21:38:16.0691 3820  SENS - ok
21:38:16.0702 3820  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:38:16.0720 3820  SensrSvc - ok
21:38:16.0739 3820  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:38:16.0755 3820  Serenum - ok
21:38:16.0774 3820  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:38:16.0782 3820  Serial - ok
21:38:16.0789 3820  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:38:16.0802 3820  sermouse - ok
21:38:16.0821 3820  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:38:16.0856 3820  SessionEnv - ok
21:38:16.0860 3820  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:38:16.0889 3820  sffdisk - ok
21:38:16.0892 3820  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:38:16.0901 3820  sffp_mmc - ok
21:38:16.0905 3820  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:38:16.0915 3820  sffp_sd - ok
21:38:16.0937 3820  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:38:16.0945 3820  sfloppy - ok
21:38:16.0989 3820  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:38:17.0044 3820  SharedAccess - ok
21:38:17.0060 3820  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:38:17.0089 3820  ShellHWDetection - ok
21:38:17.0095 3820  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:38:17.0102 3820  SiSRaid2 - ok
21:38:17.0106 3820  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:38:17.0115 3820  SiSRaid4 - ok
21:38:17.0301 3820  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:38:17.0407 3820  Skype C2C Service - ok
21:38:17.0495 3820  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:38:17.0519 3820  SkypeUpdate - ok
21:38:17.0527 3820  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:38:17.0557 3820  Smb - ok
21:38:17.0572 3820  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:38:17.0585 3820  SNMPTRAP - ok
21:38:17.0600 3820  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:38:17.0607 3820  spldr - ok
21:38:17.0652 3820  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:38:17.0711 3820  Spooler - ok
21:38:17.0794 3820  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:38:17.0897 3820  sppsvc - ok
21:38:17.0909 3820  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:38:17.0935 3820  sppuinotify - ok
21:38:17.0980 3820  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:38:18.0020 3820  srv - ok
21:38:18.0037 3820  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:38:18.0066 3820  srv2 - ok
21:38:18.0106 3820  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:38:18.0122 3820  srvnet - ok
21:38:18.0155 3820  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:38:18.0211 3820  SSDPSRV - ok
21:38:18.0224 3820  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:38:18.0250 3820  SstpSvc - ok
21:38:18.0286 3820  [ B4C983DA20E2970E21893BF0E4EE2AD8 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:38:18.0295 3820  ssudmdm - ok
21:38:18.0342 3820  Steam Client Service - ok
21:38:18.0345 3820  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:38:18.0354 3820  stexstor - ok
21:38:18.0401 3820  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:38:18.0447 3820  stisvc - ok
21:38:18.0462 3820  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:38:18.0477 3820  swenum - ok
21:38:18.0495 3820  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:38:18.0549 3820  swprv - ok
21:38:18.0584 3820  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:38:18.0617 3820  SysMain - ok
21:38:18.0629 3820  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:38:18.0641 3820  TabletInputService - ok
21:38:18.0656 3820  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:38:18.0689 3820  TapiSrv - ok
21:38:18.0697 3820  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:38:18.0724 3820  TBS - ok
21:38:18.0776 3820  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:38:18.0809 3820  Tcpip - ok
21:38:18.0844 3820  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:38:18.0871 3820  TCPIP6 - ok
21:38:18.0906 3820  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:38:18.0914 3820  tcpipreg - ok
21:38:18.0935 3820  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:38:18.0989 3820  TDPIPE - ok
21:38:19.0017 3820  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:38:19.0026 3820  TDTCP - ok
21:38:19.0042 3820  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:38:19.0075 3820  tdx - ok
21:38:19.0079 3820  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:38:19.0087 3820  TermDD - ok
21:38:19.0107 3820  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:38:19.0137 3820  TermService - ok
21:38:19.0151 3820  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:38:19.0164 3820  Themes - ok
21:38:19.0181 3820  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:38:19.0206 3820  THREADORDER - ok
21:38:19.0216 3820  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:38:19.0245 3820  TrkWks - ok
21:38:19.0279 3820  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:38:19.0305 3820  TrustedInstaller - ok
21:38:19.0312 3820  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:38:19.0345 3820  tssecsrv - ok
21:38:19.0374 3820  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:38:19.0422 3820  TsUsbFlt - ok
21:38:19.0451 3820  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:38:19.0465 3820  TsUsbGD - ok
21:38:19.0491 3820  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:38:19.0534 3820  tunnel - ok
21:38:19.0542 3820  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:38:19.0551 3820  uagp35 - ok
21:38:19.0566 3820  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:38:19.0607 3820  udfs - ok
21:38:19.0620 3820  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:38:19.0630 3820  UI0Detect - ok
21:38:19.0639 3820  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:38:19.0647 3820  uliagpkx - ok
21:38:19.0659 3820  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:38:19.0676 3820  umbus - ok
21:38:19.0691 3820  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:38:19.0699 3820  UmPass - ok
21:38:19.0764 3820  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
21:38:19.0800 3820  UMVPFSrv - ok
21:38:19.0821 3820  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:38:19.0864 3820  upnphost - ok
21:38:19.0902 3820  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:38:19.0912 3820  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
21:38:19.0912 3820  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
21:38:19.0959 3820  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:38:20.0006 3820  usbaudio - ok
21:38:20.0017 3820  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:38:20.0059 3820  usbccgp - ok
21:38:20.0082 3820  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:38:20.0096 3820  usbcir - ok
21:38:20.0114 3820  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:38:20.0130 3820  usbehci - ok
21:38:20.0164 3820  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:38:20.0172 3820  usbfilter - ok
21:38:20.0189 3820  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:38:20.0210 3820  usbhub - ok
21:38:20.0214 3820  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:38:20.0222 3820  usbohci - ok
21:38:20.0236 3820  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:38:20.0256 3820  usbprint - ok
21:38:20.0270 3820  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:38:20.0324 3820  USBSTOR - ok
21:38:20.0369 3820  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:38:20.0405 3820  usbuhci - ok
21:38:20.0419 3820  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:38:20.0465 3820  UxSms - ok
21:38:20.0484 3820  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:38:20.0491 3820  VaultSvc - ok
21:38:20.0499 3820  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:38:20.0506 3820  vdrvroot - ok
21:38:20.0514 3820  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:38:20.0552 3820  vds - ok
21:38:20.0566 3820  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:38:20.0576 3820  vga - ok
21:38:20.0589 3820  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:38:20.0619 3820  VgaSave - ok
21:38:20.0624 3820  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:38:20.0634 3820  vhdmp - ok
21:38:20.0642 3820  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:38:20.0650 3820  viaide - ok
21:38:20.0660 3820  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:38:20.0667 3820  volmgr - ok
21:38:20.0681 3820  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:38:20.0694 3820  volmgrx - ok
21:38:20.0701 3820  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:38:20.0712 3820  volsnap - ok
21:38:20.0729 3820  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:38:20.0739 3820  vsmraid - ok
21:38:20.0767 3820  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:38:20.0812 3820  VSS - ok
21:38:20.0817 3820  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:38:20.0826 3820  vwifibus - ok
21:38:20.0831 3820  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:38:20.0843 3820  vwififlt - ok
21:38:20.0846 3820  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:38:20.0857 3820  vwifimp - ok
21:38:20.0870 3820  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:38:20.0898 3820  W32Time - ok
21:38:20.0911 3820  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:38:20.0928 3820  WacomPen - ok
21:38:20.0941 3820  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:38:20.0965 3820  WANARP - ok
21:38:20.0967 3820  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:38:20.0991 3820  Wanarpv6 - ok
21:38:21.0052 3820  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:38:21.0092 3820  WatAdminSvc - ok
21:38:21.0127 3820  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:38:21.0173 3820  wbengine - ok
21:38:21.0188 3820  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:38:21.0202 3820  WbioSrvc - ok
21:38:21.0220 3820  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:38:21.0236 3820  wcncsvc - ok
21:38:21.0245 3820  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:38:21.0266 3820  WcsPlugInService - ok
21:38:21.0272 3820  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:38:21.0280 3820  Wd - ok
21:38:21.0321 3820  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
21:38:21.0332 3820  WDC_SAM - ok
21:38:21.0373 3820  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:38:21.0415 3820  Wdf01000 - ok
21:38:21.0436 3820  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:38:21.0507 3820  WdiServiceHost - ok
21:38:21.0511 3820  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:38:21.0527 3820  WdiSystemHost - ok
21:38:21.0542 3820  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:38:21.0557 3820  WebClient - ok
21:38:21.0566 3820  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:38:21.0595 3820  Wecsvc - ok
21:38:21.0607 3820  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:38:21.0633 3820  wercplsupport - ok
21:38:21.0651 3820  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:38:21.0676 3820  WerSvc - ok
21:38:21.0686 3820  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:38:21.0711 3820  WfpLwf - ok
21:38:21.0720 3820  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:38:21.0727 3820  WIMMount - ok
21:38:21.0740 3820  WinDefend - ok
21:38:21.0748 3820  WinHttpAutoProxySvc - ok
21:38:21.0785 3820  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:38:21.0841 3820  Winmgmt - ok
21:38:21.0877 3820  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:38:21.0922 3820  WinRM - ok
21:38:21.0971 3820  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:38:22.0005 3820  WinUsb - ok
21:38:22.0035 3820  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:38:22.0075 3820  Wlansvc - ok
21:38:22.0201 3820  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:38:22.0270 3820  wlidsvc - ok
21:38:22.0281 3820  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:38:22.0290 3820  WmiAcpi - ok
21:38:22.0305 3820  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:38:22.0325 3820  wmiApSrv - ok
21:38:22.0327 3820  WMPNetworkSvc - ok
21:38:22.0340 3820  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:38:22.0362 3820  WPCSvc - ok
21:38:22.0383 3820  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:38:22.0405 3820  WPDBusEnum - ok
21:38:22.0417 3820  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:38:22.0441 3820  ws2ifsl - ok
21:38:22.0456 3820  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
21:38:22.0477 3820  wscsvc - ok
21:38:22.0480 3820  WSearch - ok
21:38:22.0562 3820  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:38:22.0633 3820  wuauserv - ok
21:38:22.0671 3820  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:38:22.0708 3820  WudfPf - ok
21:38:22.0740 3820  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:38:22.0757 3820  WUDFRd - ok
21:38:22.0785 3820  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:38:22.0825 3820  wudfsvc - ok
21:38:22.0858 3820  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:38:22.0927 3820  WwanSvc - ok
21:38:22.0960 3820  ================ Scan global ===============================
21:38:22.0985 3820  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:38:23.0036 3820  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:38:23.0052 3820  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:38:23.0081 3820  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:38:23.0101 3820  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:38:23.0106 3820  [Global] - ok
21:38:23.0106 3820  ================ Scan MBR ==================================
21:38:23.0123 3820  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:38:23.0375 3820  \Device\Harddisk0\DR0 - ok
21:38:23.0382 3820  [ E6BAFF1E3D25B60291E566A04180A7B0 ] \Device\Harddisk1\DR1
21:38:23.0507 3820  \Device\Harddisk1\DR1 - ok
21:38:23.0507 3820  ================ Scan VBR ==================================
21:38:23.0513 3820  [ 89692FDB82545C6B99BE53DD658C4298 ] \Device\Harddisk0\DR0\Partition1
21:38:23.0516 3820  \Device\Harddisk0\DR0\Partition1 - ok
21:38:23.0523 3820  [ 5511C245ED897D20C1C8789AF2D65BF0 ] \Device\Harddisk0\DR0\Partition2
21:38:23.0527 3820  \Device\Harddisk0\DR0\Partition2 - ok
21:38:23.0530 3820  ============================================================
21:38:23.0530 3820  Scan finished
21:38:23.0530 3820  ============================================================
21:38:23.0563 1424  Detected object count: 3
21:38:23.0563 1424  Actual detected object count: 3
21:40:26.0427 1424  BEService ( UnsignedFile.Multi.Generic ) - skipped by user
21:40:26.0428 1424  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:40:26.0428 1424  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
21:40:26.0428 1424  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:40:26.0429 1424  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
21:40:26.0429 1424  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:43:39.0175 2760  ============================================================
21:43:39.0175 2760  Scan started
21:43:39.0175 2760  Mode: Manual; SigCheck; TDLFS; 
21:43:39.0175 2760  ============================================================
21:43:39.0366 2760  ================ Scan system memory ========================
21:43:39.0366 2760  System memory - ok
21:43:39.0366 2760  ================ Scan services =============================
21:43:39.0504 2760  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:43:39.0543 2760  1394ohci - ok
21:43:39.0589 2760  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:43:39.0603 2760  ACPI - ok
21:43:39.0614 2760  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:43:39.0625 2760  AcpiPmi - ok
21:43:39.0734 2760  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:43:39.0761 2760  AdobeARMservice - ok
21:43:39.0890 2760  [ 55976815615E8E7D484D49306D65609C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:43:39.0920 2760  AdobeFlashPlayerUpdateSvc - ok
21:43:39.0933 2760  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:43:39.0949 2760  adp94xx - ok
21:43:39.0964 2760  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:43:39.0974 2760  adpahci - ok
21:43:39.0978 2760  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:43:39.0986 2760  adpu320 - ok
21:43:39.0998 2760  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:43:40.0021 2760  AeLookupSvc - ok
21:43:40.0063 2760  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:43:40.0074 2760  AFD - ok
21:43:40.0089 2760  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:43:40.0096 2760  agp440 - ok
21:43:40.0104 2760  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:43:40.0111 2760  ALG - ok
21:43:40.0114 2760  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:43:40.0121 2760  aliide - ok
21:43:40.0154 2760  [ 87E226C0E11182943D28E8BEC61618CD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:43:40.0166 2760  AMD External Events Utility - ok
21:43:40.0209 2760  AMD FUEL Service - ok
21:43:40.0218 2760  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:43:40.0243 2760  amdide - ok
21:43:40.0253 2760  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
21:43:40.0266 2760  amdiox64 - ok
21:43:40.0270 2760  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:43:40.0280 2760  AmdK8 - ok
21:43:40.0450 2760  [ 446A1AAD34191665A8DF6092BD8EB5A8 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:43:40.0540 2760  amdkmdag - ok
21:43:40.0580 2760  [ F8F8A908FDB005A65DDF7238C814EEA5 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:43:40.0593 2760  amdkmdap - ok
21:43:40.0600 2760  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:43:40.0606 2760  AmdPPM - ok
21:43:40.0634 2760  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:43:40.0641 2760  amdsata - ok
21:43:40.0645 2760  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:43:40.0654 2760  amdsbs - ok
21:43:40.0664 2760  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:43:40.0670 2760  amdxata - ok
21:43:40.0681 2760  [ 80A508D0C7A21BC13C01D4C671541203 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
21:43:40.0689 2760  amd_sata - ok
21:43:40.0701 2760  [ 2BE940F3A632A1A301B22B096BF221F1 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
21:43:40.0708 2760  amd_xata - ok
21:43:40.0736 2760  [ F312FAD7DBD49ED21A194AC71B497832 ] AODDriver4.01   C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:43:40.0756 2760  AODDriver4.01 - ok
21:43:40.0765 2760  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:43:40.0796 2760  AppID - ok
21:43:40.0809 2760  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:43:40.0833 2760  AppIDSvc - ok
21:43:40.0868 2760  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
21:43:40.0875 2760  Appinfo - ok
21:43:40.0958 2760  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:43:40.0981 2760  Apple Mobile Device - ok
21:43:40.0990 2760  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:43:41.0005 2760  arc - ok
21:43:41.0026 2760  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:43:41.0034 2760  arcsas - ok
21:43:41.0094 2760  [ 6E3F4538B33BC19259E99BE1826286A3 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
21:43:41.0125 2760  asComSvc - ok
21:43:41.0183 2760  [ A63173897EA1A73A75D0E65036DE5B15 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
21:43:41.0214 2760  asHmComSvc - ok
21:43:41.0230 2760  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
21:43:41.0235 2760  AsIO - ok
21:43:41.0249 2760  [ 6D9C024AA8F24065A6DBEAB1F431D854 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
21:43:41.0258 2760  asmthub3 - ok
21:43:41.0296 2760  [ ECAD22F15D8F17CC04F24E9A6FB00F2F ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
21:43:41.0308 2760  asmtxhci - ok
21:43:41.0398 2760  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:43:41.0419 2760  aspnet_state - ok
21:43:41.0471 2760  [ 5C31DFB196CB3A488A041881634D86D2 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
21:43:41.0501 2760  AsSysCtrlService - ok
21:43:41.0539 2760  [ A5E4CDB420540095D1293C874B5F89AA ] ASUSFILTER      C:\Windows\syswow64\drivers\ASUSFILTER.sys
21:43:41.0550 2760  ASUSFILTER - ok
21:43:41.0556 2760  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:43:41.0589 2760  AsyncMac - ok
21:43:41.0598 2760  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:43:41.0604 2760  atapi - ok
21:43:41.0625 2760  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:43:41.0634 2760  AtiHDAudioService - ok
21:43:41.0655 2760  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:43:41.0683 2760  AudioEndpointBuilder - ok
21:43:41.0689 2760  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:43:41.0716 2760  AudioSrv - ok
21:43:41.0731 2760  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:43:41.0743 2760  AxInstSV - ok
21:43:41.0760 2760  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:43:41.0770 2760  b06bdrv - ok
21:43:41.0775 2760  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:43:41.0784 2760  b57nd60a - ok
21:43:41.0799 2760  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:43:41.0806 2760  BDESVC - ok
21:43:41.0814 2760  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:43:41.0836 2760  Beep - ok
21:43:41.0883 2760  [ B1359701847FF1FF415FA083F1610F48 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
21:43:41.0890 2760  BEService ( UnsignedFile.Multi.Generic ) - warning
21:43:41.0890 2760  BEService - detected UnsignedFile.Multi.Generic (1)
21:43:41.0910 2760  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:43:41.0964 2760  BFE - ok
21:43:41.0993 2760  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
21:43:42.0021 2760  BITS - ok
21:43:42.0034 2760  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:43:42.0041 2760  blbdrive - ok
21:43:42.0086 2760  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:43:42.0119 2760  Bonjour Service - ok
21:43:42.0159 2760  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:43:42.0181 2760  bowser - ok
21:43:42.0186 2760  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:43:42.0203 2760  BrFiltLo - ok
21:43:42.0208 2760  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:43:42.0216 2760  BrFiltUp - ok
21:43:42.0245 2760  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:43:42.0269 2760  BridgeMP - ok
21:43:42.0308 2760  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:43:42.0331 2760  Browser - ok
21:43:42.0339 2760  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:43:42.0355 2760  Brserid - ok
21:43:42.0360 2760  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:43:42.0369 2760  BrSerWdm - ok
21:43:42.0371 2760  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:43:42.0380 2760  BrUsbMdm - ok
21:43:42.0390 2760  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:43:42.0396 2760  BrUsbSer - ok
21:43:42.0400 2760  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:43:42.0409 2760  BTHMODEM - ok
21:43:42.0424 2760  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:43:42.0448 2760  bthserv - ok
21:43:42.0449 2760  catchme - ok
21:43:42.0461 2760  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:43:42.0485 2760  cdfs - ok
21:43:42.0493 2760  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:43:42.0500 2760  cdrom - ok
21:43:42.0504 2760  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:43:42.0526 2760  CertPropSvc - ok
21:43:42.0530 2760  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:43:42.0539 2760  circlass - ok
21:43:42.0558 2760  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:43:42.0569 2760  CLFS - ok
21:43:42.0584 2760  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:43:42.0590 2760  clr_optimization_v2.0.50727_32 - ok
21:43:42.0610 2760  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:43:42.0616 2760  clr_optimization_v2.0.50727_64 - ok
21:43:42.0688 2760  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:43:42.0696 2760  clr_optimization_v4.0.30319_32 - ok
21:43:42.0714 2760  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:43:42.0723 2760  clr_optimization_v4.0.30319_64 - ok
21:43:42.0728 2760  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:43:42.0736 2760  CmBatt - ok
21:43:42.0740 2760  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:43:42.0749 2760  cmdide - ok
21:43:42.0783 2760  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
21:43:42.0820 2760  CNG - ok
21:43:42.0825 2760  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:43:42.0834 2760  Compbatt - ok
21:43:42.0870 2760  [ 59D203C3F46F3CA536ECAC0E084CD887 ] CompFilter64    C:\Windows\system32\DRIVERS\lvbflt64.sys
21:43:42.0894 2760  CompFilter64 - ok
21:43:42.0903 2760  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:43:42.0915 2760  CompositeBus - ok
21:43:42.0919 2760  COMSysApp - ok
21:43:42.0923 2760  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:43:42.0931 2760  crcdisk - ok
21:43:42.0964 2760  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:43:42.0989 2760  CryptSvc - ok
21:43:43.0021 2760  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:43:43.0049 2760  DcomLaunch - ok
21:43:43.0060 2760  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:43:43.0086 2760  defragsvc - ok
21:43:43.0094 2760  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:43:43.0116 2760  DfsC - ok
21:43:43.0155 2760  [ 41AC348DBD378F618CB4FDEE54270692 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:43:43.0163 2760  dg_ssudbus - ok
21:43:43.0188 2760  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:43:43.0196 2760  Dhcp - ok
21:43:43.0205 2760  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:43:43.0229 2760  discache - ok
21:43:43.0236 2760  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:43:43.0244 2760  Disk - ok
21:43:43.0275 2760  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:43:43.0284 2760  Dnscache - ok
21:43:43.0306 2760  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:43:43.0330 2760  dot3svc - ok
21:43:43.0345 2760  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:43:43.0368 2760  DPS - ok
21:43:43.0388 2760  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:43:43.0396 2760  drmkaud - ok
21:43:43.0449 2760  [ 44BB65B1D3827043978FC8E11CA7C0B4 ] DTSAudioService C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
21:43:43.0473 2760  DTSAudioService - ok
21:43:43.0524 2760  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:43:43.0558 2760  DXGKrnl - ok
21:43:43.0576 2760  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:43:43.0600 2760  EapHost - ok
21:43:43.0683 2760  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:43:43.0720 2760  ebdrv - ok
21:43:43.0759 2760  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:43:43.0766 2760  EFS - ok
21:43:43.0810 2760  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:43:43.0838 2760  ehRecvr - ok
21:43:43.0844 2760  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:43:43.0855 2760  ehSched - ok
21:43:43.0869 2760  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:43:43.0880 2760  elxstor - ok
21:43:43.0884 2760  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:43:43.0891 2760  ErrDev - ok
21:43:43.0905 2760  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:43:43.0931 2760  EventSystem - ok
21:43:43.0944 2760  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:43:43.0969 2760  exfat - ok
21:43:43.0983 2760  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:43:44.0006 2760  fastfat - ok
21:43:44.0031 2760  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:43:44.0043 2760  Fax - ok
21:43:44.0046 2760  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:43:44.0054 2760  fdc - ok
21:43:44.0066 2760  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:43:44.0090 2760  fdPHost - ok
21:43:44.0104 2760  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:43:44.0129 2760  FDResPub - ok
21:43:44.0134 2760  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:43:44.0141 2760  FileInfo - ok
21:43:44.0153 2760  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:43:44.0175 2760  Filetrace - ok
21:43:44.0179 2760  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:43:44.0186 2760  flpydisk - ok
21:43:44.0200 2760  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:43:44.0210 2760  FltMgr - ok
21:43:44.0273 2760  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
21:43:44.0315 2760  FontCache - ok
21:43:44.0356 2760  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:43:44.0364 2760  FontCache3.0.0.0 - ok
21:43:44.0380 2760  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:43:44.0390 2760  FsDepends - ok
21:43:44.0485 2760  [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
21:43:44.0493 2760  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
21:43:44.0494 2760  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
21:43:44.0531 2760  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:43:44.0556 2760  Fs_Rec - ok
21:43:44.0606 2760  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:43:44.0641 2760  fvevol - ok
21:43:44.0663 2760  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:43:44.0673 2760  gagp30kx - ok
21:43:44.0708 2760  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:43:44.0715 2760  GEARAspiWDM - ok
21:43:44.0724 2760  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:43:44.0761 2760  gpsvc - ok
21:43:44.0849 2760  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:43:44.0873 2760  gupdate - ok
21:43:44.0879 2760  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:43:44.0888 2760  gupdatem - ok
21:43:44.0900 2760  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:43:44.0909 2760  hcw85cir - ok
21:43:44.0945 2760  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:43:44.0974 2760  HdAudAddService - ok
21:43:44.0989 2760  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:43:45.0001 2760  HDAudBus - ok
21:43:45.0005 2760  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:43:45.0014 2760  HidBatt - ok
21:43:45.0019 2760  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:43:45.0030 2760  HidBth - ok
21:43:45.0033 2760  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:43:45.0043 2760  HidIr - ok
21:43:45.0048 2760  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
21:43:45.0071 2760  hidserv - ok
21:43:45.0104 2760  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:43:45.0111 2760  HidUsb - ok
21:43:45.0119 2760  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:43:45.0141 2760  hkmsvc - ok
21:43:45.0158 2760  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:43:45.0166 2760  HomeGroupListener - ok
21:43:45.0189 2760  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:43:45.0198 2760  HomeGroupProvider - ok
21:43:45.0201 2760  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:43:45.0209 2760  HpSAMD - ok
21:43:45.0225 2760  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:43:45.0253 2760  HTTP - ok
21:43:45.0265 2760  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:43:45.0271 2760  hwpolicy - ok
21:43:45.0293 2760  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:43:45.0300 2760  i8042prt - ok
21:43:45.0321 2760  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:43:45.0333 2760  iaStorV - ok
21:43:45.0371 2760  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:43:45.0385 2760  idsvc - ok
21:43:45.0398 2760  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:43:45.0405 2760  iirsp - ok
21:43:45.0426 2760  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:43:45.0456 2760  IKEEXT - ok
21:43:45.0558 2760  [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:43:45.0609 2760  IntcAzAudAddService - ok
21:43:45.0613 2760  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:43:45.0620 2760  intelide - ok
21:43:45.0624 2760  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:43:45.0631 2760  intelppm - ok
21:43:45.0645 2760  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:43:45.0669 2760  IPBusEnum - ok
21:43:45.0673 2760  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:43:45.0695 2760  IpFilterDriver - ok
21:43:45.0744 2760  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:43:45.0775 2760  iphlpsvc - ok
21:43:45.0781 2760  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:43:45.0790 2760  IPMIDRV - ok
21:43:45.0795 2760  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:43:45.0821 2760  IPNAT - ok
21:43:45.0866 2760  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:43:45.0901 2760  iPod Service - ok
21:43:45.0916 2760  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:43:45.0930 2760  IRENUM - ok
21:43:45.0935 2760  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:43:45.0944 2760  isapnp - ok
21:43:45.0960 2760  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:43:45.0973 2760  iScsiPrt - ok
21:43:45.0996 2760  [ C0D9BA660A41EE8A269EF804E6CD0D7B ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
21:43:46.0006 2760  JRAID - ok
21:43:46.0014 2760  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:43:46.0024 2760  kbdclass - ok
21:43:46.0060 2760  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:43:46.0070 2760  kbdhid - ok
21:43:46.0076 2760  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:43:46.0085 2760  KeyIso - ok
21:43:46.0123 2760  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:43:46.0134 2760  KSecDD - ok
21:43:46.0161 2760  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:43:46.0173 2760  KSecPkg - ok
21:43:46.0176 2760  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:43:46.0205 2760  ksthunk - ok
21:43:46.0225 2760  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:43:46.0251 2760  KtmRm - ok
21:43:46.0266 2760  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:43:46.0290 2760  LanmanServer - ok
21:43:46.0316 2760  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:43:46.0340 2760  LanmanWorkstation - ok
21:43:46.0378 2760  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
21:43:46.0399 2760  LGBusEnum - ok
21:43:46.0439 2760  [ F7205E939F50B1C8D16F895916BE6756 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
21:43:46.0464 2760  LGSHidFilt - ok
21:43:46.0500 2760  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
21:43:46.0519 2760  LGVirHid - ok
21:43:46.0554 2760  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:43:46.0605 2760  lltdio - ok
21:43:46.0624 2760  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:43:46.0649 2760  lltdsvc - ok
21:43:46.0663 2760  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:43:46.0688 2760  lmhosts - ok
21:43:46.0699 2760  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:43:46.0708 2760  LSI_FC - ok
21:43:46.0712 2760  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:43:46.0719 2760  LSI_SAS - ok
21:43:46.0723 2760  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:43:46.0730 2760  LSI_SAS2 - ok
21:43:46.0734 2760  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:43:46.0742 2760  LSI_SCSI - ok
21:43:46.0759 2760  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:43:46.0783 2760  luafv - ok
21:43:46.0835 2760  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
21:43:46.0863 2760  LVRS64 - ok
21:43:46.0975 2760  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
21:43:47.0034 2760  LVUVC64 - ok
21:43:47.0059 2760  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:43:47.0066 2760  Mcx2Svc - ok
21:43:47.0070 2760  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:43:47.0078 2760  megasas - ok
21:43:47.0083 2760  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:43:47.0091 2760  MegaSR - ok
21:43:47.0108 2760  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:43:47.0131 2760  MMCSS - ok
21:43:47.0145 2760  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:43:47.0168 2760  Modem - ok
21:43:47.0193 2760  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:43:47.0201 2760  monitor - ok
21:43:47.0205 2760  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:43:47.0211 2760  mouclass - ok
21:43:47.0215 2760  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:43:47.0223 2760  mouhid - ok
21:43:47.0228 2760  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:43:47.0235 2760  mountmgr - ok
21:43:47.0306 2760  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:43:47.0334 2760  MozillaMaintenance - ok
21:43:47.0340 2760  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:43:47.0351 2760  mpio - ok
21:43:47.0365 2760  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:43:47.0398 2760  mpsdrv - ok
21:43:47.0418 2760  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:43:47.0448 2760  MpsSvc - ok
21:43:47.0461 2760  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:43:47.0473 2760  MRxDAV - ok
21:43:47.0514 2760  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:43:47.0531 2760  mrxsmb - ok
21:43:47.0551 2760  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:43:47.0568 2760  mrxsmb10 - ok
21:43:47.0583 2760  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:43:47.0590 2760  mrxsmb20 - ok
21:43:47.0600 2760  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:43:47.0606 2760  msahci - ok
21:43:47.0611 2760  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:43:47.0619 2760  msdsm - ok
21:43:47.0631 2760  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:43:47.0640 2760  MSDTC - ok
21:43:47.0646 2760  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:43:47.0670 2760  Msfs - ok
21:43:47.0684 2760  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:43:47.0706 2760  mshidkmdf - ok
21:43:47.0710 2760  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:43:47.0716 2760  msisadrv - ok
21:43:47.0733 2760  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:43:47.0756 2760  MSiSCSI - ok
21:43:47.0760 2760  msiserver - ok
21:43:47.0770 2760  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:43:47.0794 2760  MSKSSRV - ok
21:43:47.0804 2760  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:43:47.0828 2760  MSPCLOCK - ok
21:43:47.0834 2760  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:43:47.0856 2760  MSPQM - ok
21:43:47.0870 2760  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:43:47.0881 2760  MsRPC - ok
21:43:47.0889 2760  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:43:47.0896 2760  mssmbios - ok
21:43:47.0909 2760  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:43:47.0931 2760  MSTEE - ok
21:43:47.0940 2760  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:43:47.0946 2760  MTConfig - ok
21:43:47.0961 2760  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:43:47.0969 2760  Mup - ok
21:43:47.0996 2760  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:43:48.0023 2760  napagent - ok
21:43:48.0036 2760  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:43:48.0049 2760  NativeWifiP - ok
21:43:48.0103 2760  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:43:48.0134 2760  NDIS - ok
21:43:48.0150 2760  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:43:48.0181 2760  NdisCap - ok
21:43:48.0191 2760  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:43:48.0214 2760  NdisTapi - ok
21:43:48.0225 2760  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:43:48.0248 2760  Ndisuio - ok
21:43:48.0259 2760  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:43:48.0283 2760  NdisWan - ok
21:43:48.0289 2760  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:43:48.0311 2760  NDProxy - ok
21:43:48.0323 2760  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:43:48.0346 2760  NetBIOS - ok
21:43:48.0361 2760  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:43:48.0385 2760  NetBT - ok
21:43:48.0393 2760  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:43:48.0400 2760  Netlogon - ok
21:43:48.0413 2760  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:43:48.0440 2760  Netman - ok
21:43:48.0514 2760  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:43:48.0538 2760  NetMsmqActivator - ok
21:43:48.0541 2760  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:43:48.0549 2760  NetPipeActivator - ok
21:43:48.0568 2760  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:43:48.0603 2760  netprofm - ok
21:43:48.0606 2760  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:43:48.0613 2760  NetTcpActivator - ok
21:43:48.0615 2760  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:43:48.0623 2760  NetTcpPortSharing - ok
21:43:48.0631 2760  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:43:48.0639 2760  nfrd960 - ok
21:43:48.0681 2760  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:43:48.0691 2760  NlaSvc - ok
21:43:48.0706 2760  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:43:48.0730 2760  Npfs - ok
21:43:48.0738 2760  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:43:48.0761 2760  nsi - ok
21:43:48.0769 2760  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:43:48.0793 2760  nsiproxy - ok
21:43:48.0868 2760  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:43:48.0900 2760  Ntfs - ok
21:43:48.0913 2760  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:43:48.0936 2760  Null - ok
21:43:48.0958 2760  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:43:48.0966 2760  nvraid - ok
21:43:48.0974 2760  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:43:48.0983 2760  nvstor - ok
21:43:48.0998 2760  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:43:49.0006 2760  nv_agp - ok
21:43:49.0010 2760  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:43:49.0018 2760  ohci1394 - ok
21:43:49.0044 2760  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:43:49.0054 2760  p2pimsvc - ok
21:43:49.0070 2760  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:43:49.0080 2760  p2psvc - ok
21:43:49.0085 2760  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
21:43:49.0093 2760  Parport - ok
21:43:49.0134 2760  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:43:49.0150 2760  partmgr - ok
21:43:49.0170 2760  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:43:49.0194 2760  PcaSvc - ok
21:43:49.0209 2760  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:43:49.0218 2760  pci - ok
21:43:49.0220 2760  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:43:49.0228 2760  pciide - ok
21:43:49.0240 2760  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:43:49.0249 2760  pcmcia - ok
21:43:49.0253 2760  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:43:49.0260 2760  pcw - ok
21:43:49.0281 2760  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:43:49.0310 2760  PEAUTH - ok
21:43:49.0328 2760  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:43:49.0336 2760  PerfHost - ok
21:43:49.0363 2760  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:43:49.0396 2760  pla - ok
21:43:49.0463 2760  [ AB168D5CF1CD69F9FA6F09C828FEA660 ] PlantronicsGC   C:\Windows\system32\drivers\PLTGC.sys
21:43:49.0494 2760  PlantronicsGC - ok
21:43:49.0544 2760  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:43:49.0570 2760  PlugPlay - ok
21:43:49.0575 2760  PnkBstrA - ok
21:43:49.0586 2760  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:43:49.0601 2760  PNRPAutoReg - ok
21:43:49.0609 2760  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:43:49.0623 2760  PNRPsvc - ok
21:43:49.0663 2760  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
21:43:49.0669 2760  Point64 - ok
21:43:49.0694 2760  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:43:49.0720 2760  PolicyAgent - ok
21:43:49.0736 2760  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:43:49.0763 2760  Power - ok
21:43:49.0776 2760  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:43:49.0799 2760  PptpMiniport - ok
21:43:49.0813 2760  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:43:49.0820 2760  Processor - ok
21:43:49.0848 2760  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:43:49.0856 2760  ProfSvc - ok
21:43:49.0876 2760  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:43:49.0883 2760  ProtectedStorage - ok
21:43:49.0894 2760  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:43:49.0916 2760  Psched - ok
21:43:49.0950 2760  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:43:49.0973 2760  ql2300 - ok
21:43:49.0981 2760  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:43:49.0990 2760  ql40xx - ok
21:43:50.0010 2760  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:43:50.0023 2760  QWAVE - ok
21:43:50.0036 2760  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:43:50.0046 2760  QWAVEdrv - ok
21:43:50.0050 2760  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:43:50.0073 2760  RasAcd - ok
21:43:50.0090 2760  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:43:50.0114 2760  RasAgileVpn - ok
21:43:50.0124 2760  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:43:50.0149 2760  RasAuto - ok
21:43:50.0169 2760  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:43:50.0193 2760  Rasl2tp - ok
21:43:50.0243 2760  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:43:50.0268 2760  RasMan - ok
21:43:50.0294 2760  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:43:50.0318 2760  RasPppoe - ok
21:43:50.0329 2760  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:43:50.0353 2760  RasSstp - ok
21:43:50.0366 2760  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:43:50.0390 2760  rdbss - ok
21:43:50.0394 2760  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:43:50.0403 2760  rdpbus - ok
21:43:50.0410 2760  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:43:50.0434 2760  RDPCDD - ok
21:43:50.0441 2760  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:43:50.0465 2760  RDPENCDD - ok
21:43:50.0469 2760  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:43:50.0493 2760  RDPREFMP - ok
21:43:50.0528 2760  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:43:50.0534 2760  RdpVideoMiniport - ok
21:43:50.0565 2760  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:43:50.0574 2760  RDPWD - ok
21:43:50.0588 2760  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:43:50.0596 2760  rdyboost - ok
21:43:50.0613 2760  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:43:50.0638 2760  RemoteAccess - ok
21:43:50.0645 2760  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:43:50.0670 2760  RemoteRegistry - ok
21:43:50.0679 2760  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:43:50.0703 2760  RpcEptMapper - ok
21:43:50.0715 2760  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:43:50.0724 2760  RpcLocator - ok
21:43:50.0738 2760  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:43:50.0765 2760  RpcSs - ok
21:43:50.0774 2760  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:43:50.0798 2760  rspndr - ok
21:43:50.0833 2760  [ 2E7D1CA91D62501713C9D6E6704395C6 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
21:43:50.0843 2760  RTHDMIAzAudService - ok
21:43:50.0876 2760  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:43:50.0909 2760  RTL8167 - ok
21:43:50.0949 2760  [ FC00C0DE6DC83DE1B2B01420E2195B21 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
21:43:50.0964 2760  RTL8192su - ok
21:43:50.0976 2760  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:43:50.0983 2760  SamSs - ok
21:43:50.0986 2760  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:43:50.0995 2760  sbp2port - ok
21:43:51.0008 2760  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:43:51.0033 2760  SCardSvr - ok
21:43:51.0041 2760  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:43:51.0064 2760  scfilter - ok
21:43:51.0089 2760  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:43:51.0120 2760  Schedule - ok
21:43:51.0134 2760  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:43:51.0156 2760  SCPolicySvc - ok
21:43:51.0169 2760  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:43:51.0178 2760  SDRSVC - ok
21:43:51.0185 2760  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:43:51.0208 2760  secdrv - ok
21:43:51.0211 2760  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:43:51.0235 2760  seclogon - ok
21:43:51.0244 2760  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
21:43:51.0269 2760  SENS - ok
21:43:51.0279 2760  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:43:51.0286 2760  SensrSvc - ok
21:43:51.0289 2760  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:43:51.0296 2760  Serenum - ok
21:43:51.0308 2760  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:43:51.0315 2760  Serial - ok
21:43:51.0323 2760  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:43:51.0330 2760  sermouse - ok
21:43:51.0348 2760  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:43:51.0371 2760  SessionEnv - ok
21:43:51.0374 2760  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:43:51.0384 2760  sffdisk - ok
21:43:51.0386 2760  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:43:51.0395 2760  sffp_mmc - ok
21:43:51.0399 2760  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:43:51.0408 2760  sffp_sd - ok
21:43:51.0410 2760  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:43:51.0418 2760  sfloppy - ok
21:43:51.0429 2760  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:43:51.0454 2760  SharedAccess - ok
21:43:51.0469 2760  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:43:51.0495 2760  ShellHWDetection - ok
21:43:51.0499 2760  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:43:51.0506 2760  SiSRaid2 - ok
21:43:51.0509 2760  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:43:51.0516 2760  SiSRaid4 - ok
21:43:51.0689 2760  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:43:51.0736 2760  Skype C2C Service - ok
21:43:51.0804 2760  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:43:51.0819 2760  SkypeUpdate - ok
21:43:51.0825 2760  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:43:51.0854 2760  Smb - ok
21:43:51.0865 2760  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:43:51.0873 2760  SNMPTRAP - ok
21:43:51.0884 2760  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:43:51.0893 2760  spldr - ok
21:43:51.0936 2760  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:43:51.0965 2760  Spooler - ok
21:43:52.0079 2760  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:43:52.0136 2760  sppsvc - ok
21:43:52.0151 2760  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:43:52.0176 2760  sppuinotify - ok
21:43:52.0219 2760  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:43:52.0229 2760  srv - ok
21:43:52.0245 2760  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:43:52.0255 2760  srv2 - ok
21:43:52.0291 2760  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:43:52.0318 2760  srvnet - ok
21:43:52.0330 2760  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:43:52.0359 2760  SSDPSRV - ok
21:43:52.0366 2760  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:43:52.0391 2760  SstpSvc - ok
21:43:52.0429 2760  [ B4C983DA20E2970E21893BF0E4EE2AD8 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:43:52.0436 2760  ssudmdm - ok
21:43:52.0459 2760  Steam Client Service - ok
21:43:52.0476 2760  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:43:52.0484 2760  stexstor - ok
21:43:52.0514 2760  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:43:52.0529 2760  stisvc - ok
21:43:52.0538 2760  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:43:52.0545 2760  swenum - ok
21:43:52.0560 2760  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:43:52.0589 2760  swprv - ok
21:43:52.0618 2760  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:43:52.0641 2760  SysMain - ok
21:43:52.0654 2760  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:43:52.0665 2760  TabletInputService - ok
21:43:52.0681 2760  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:43:52.0706 2760  TapiSrv - ok
21:43:52.0715 2760  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:43:52.0740 2760  TBS - ok
21:43:52.0794 2760  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:43:52.0821 2760  Tcpip - ok
21:43:52.0853 2760  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:43:52.0879 2760  TCPIP6 - ok
21:43:52.0915 2760  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:43:52.0935 2760  tcpipreg - ok
21:43:52.0960 2760  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:43:52.0973 2760  TDPIPE - ok
21:43:53.0001 2760  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:43:53.0014 2760  TDTCP - ok
21:43:53.0035 2760  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:43:53.0074 2760  tdx - ok
21:43:53.0078 2760  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:43:53.0085 2760  TermDD - ok
21:43:53.0099 2760  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:43:53.0128 2760  TermService - ok
21:43:53.0135 2760  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:43:53.0148 2760  Themes - ok
21:43:53.0165 2760  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:43:53.0190 2760  THREADORDER - ok
21:43:53.0200 2760  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:43:53.0225 2760  TrkWks - ok
21:43:53.0255 2760  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:43:53.0278 2760  TrustedInstaller - ok
21:43:53.0288 2760  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:43:53.0310 2760  tssecsrv - ok
21:43:53.0341 2760  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:43:53.0365 2760  TsUsbFlt - ok
21:43:53.0393 2760  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:43:53.0410 2760  TsUsbGD - ok
21:43:53.0426 2760  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:43:53.0465 2760  tunnel - ok
21:43:53.0469 2760  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:43:53.0476 2760  uagp35 - ok
21:43:53.0491 2760  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:43:53.0516 2760  udfs - ok
21:43:53.0530 2760  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:43:53.0538 2760  UI0Detect - ok
21:43:53.0541 2760  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:43:53.0549 2760  uliagpkx - ok
21:43:53.0559 2760  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:43:53.0566 2760  umbus - ok
21:43:53.0575 2760  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:43:53.0583 2760  UmPass - ok
21:43:53.0635 2760  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
21:43:53.0668 2760  UMVPFSrv - ok
21:43:53.0698 2760  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:43:53.0731 2760  upnphost - ok
21:43:53.0770 2760  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:43:53.0773 2760  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
21:43:53.0773 2760  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
21:43:53.0809 2760  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:43:53.0843 2760  usbaudio - ok
21:43:53.0860 2760  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:43:53.0869 2760  usbccgp - ok
21:43:53.0884 2760  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:43:53.0896 2760  usbcir - ok
21:43:53.0914 2760  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:43:53.0923 2760  usbehci - ok
21:43:53.0973 2760  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:43:53.0994 2760  usbfilter - ok
21:43:54.0008 2760  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:43:54.0024 2760  usbhub - ok
21:43:54.0029 2760  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:43:54.0038 2760  usbohci - ok
21:43:54.0053 2760  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:43:54.0065 2760  usbprint - ok
21:43:54.0079 2760  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:43:54.0089 2760  USBSTOR - ok
21:43:54.0103 2760  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:43:54.0111 2760  usbuhci - ok
21:43:54.0119 2760  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:43:54.0150 2760  UxSms - ok
21:43:54.0159 2760  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:43:54.0166 2760  VaultSvc - ok
21:43:54.0175 2760  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:43:54.0181 2760  vdrvroot - ok
21:43:54.0189 2760  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:43:54.0215 2760  vds - ok
21:43:54.0225 2760  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:43:54.0234 2760  vga - ok
21:43:54.0248 2760  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:43:54.0270 2760  VgaSave - ok
21:43:54.0275 2760  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:43:54.0284 2760  vhdmp - ok
21:43:54.0294 2760  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:43:54.0300 2760  viaide - ok
21:43:54.0310 2760  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:43:54.0318 2760  volmgr - ok
21:43:54.0331 2760  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:43:54.0343 2760  volmgrx - ok
21:43:54.0351 2760  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:43:54.0361 2760  volsnap - ok
21:43:54.0366 2760  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:43:54.0374 2760  vsmraid - ok
21:43:54.0401 2760  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:43:54.0436 2760  VSS - ok
21:43:54.0440 2760  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:43:54.0450 2760  vwifibus - ok
21:43:54.0453 2760  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:43:54.0464 2760  vwififlt - ok
21:43:54.0466 2760  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:43:54.0478 2760  vwifimp - ok
21:43:54.0488 2760  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:43:54.0514 2760  W32Time - ok
21:43:54.0529 2760  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:43:54.0536 2760  WacomPen - ok
21:43:54.0550 2760  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:43:54.0573 2760  WANARP - ok
21:43:54.0576 2760  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:43:54.0599 2760  Wanarpv6 - ok
21:43:54.0644 2760  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:43:54.0680 2760  WatAdminSvc - ok
21:43:54.0711 2760  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:43:54.0730 2760  wbengine - ok
21:43:54.0739 2760  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:43:54.0751 2760  WbioSrvc - ok
21:43:54.0763 2760  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:43:54.0776 2760  wcncsvc - ok
21:43:54.0786 2760  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:43:54.0794 2760  WcsPlugInService - ok
21:43:54.0806 2760  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:43:54.0814 2760  Wd - ok
21:43:54.0848 2760  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
21:43:54.0853 2760  WDC_SAM - ok
21:43:54.0891 2760  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:43:54.0909 2760  Wdf01000 - ok
21:43:54.0929 2760  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:43:54.0940 2760  WdiServiceHost - ok
21:43:54.0944 2760  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:43:54.0955 2760  WdiSystemHost - ok
21:43:54.0969 2760  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:43:54.0981 2760  WebClient - ok
21:43:54.0993 2760  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:43:55.0019 2760  Wecsvc - ok
21:43:55.0025 2760  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:43:55.0050 2760  wercplsupport - ok
21:43:55.0060 2760  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:43:55.0084 2760  WerSvc - ok
21:43:55.0095 2760  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:43:55.0118 2760  WfpLwf - ok
21:43:55.0128 2760  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:43:55.0135 2760  WIMMount - ok
21:43:55.0149 2760  WinDefend - ok
21:43:55.0154 2760  WinHttpAutoProxySvc - ok
21:43:55.0203 2760  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:43:55.0251 2760  Winmgmt - ok
21:43:55.0286 2760  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:43:55.0325 2760  WinRM - ok
21:43:55.0363 2760  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:43:55.0371 2760  WinUsb - ok
21:43:55.0393 2760  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:43:55.0411 2760  Wlansvc - ok
21:43:55.0511 2760  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:43:55.0548 2760  wlidsvc - ok
21:43:55.0556 2760  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:43:55.0564 2760  WmiAcpi - ok
21:43:55.0580 2760  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:43:55.0589 2760  wmiApSrv - ok
21:43:55.0591 2760  WMPNetworkSvc - ok
21:43:55.0599 2760  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:43:55.0606 2760  WPCSvc - ok
21:43:55.0618 2760  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:43:55.0626 2760  WPDBusEnum - ok
21:43:55.0634 2760  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:43:55.0658 2760  ws2ifsl - ok
21:43:55.0665 2760  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
21:43:55.0676 2760  wscsvc - ok
21:43:55.0679 2760  WSearch - ok
21:43:55.0768 2760  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:43:55.0808 2760  wuauserv - ok
21:43:55.0846 2760  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:43:55.0852 2760  WudfPf - ok
21:43:55.0865 2760  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:43:55.0872 2760  WUDFRd - ok
21:43:55.0902 2760  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:43:55.0910 2760  wudfsvc - ok
21:43:55.0941 2760  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:43:55.0950 2760  WwanSvc - ok
21:43:55.0957 2760  ================ Scan global ===============================
21:43:55.0985 2760  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:43:56.0020 2760  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:43:56.0035 2760  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:43:56.0065 2760  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:43:56.0087 2760  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:43:56.0096 2760  [Global] - ok
21:43:56.0097 2760  ================ Scan MBR ==================================
21:43:56.0107 2760  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:43:56.0359 2760  \Device\Harddisk0\DR0 - ok
21:43:56.0366 2760  [ E6BAFF1E3D25B60291E566A04180A7B0 ] \Device\Harddisk1\DR1
21:43:56.0489 2760  \Device\Harddisk1\DR1 - ok
21:43:56.0490 2760  ================ Scan VBR ==================================
21:43:56.0496 2760  [ 89692FDB82545C6B99BE53DD658C4298 ] \Device\Harddisk0\DR0\Partition1
21:43:56.0499 2760  \Device\Harddisk0\DR0\Partition1 - ok
21:43:56.0506 2760  [ 5511C245ED897D20C1C8789AF2D65BF0 ] \Device\Harddisk0\DR0\Partition2
21:43:56.0509 2760  \Device\Harddisk0\DR0\Partition2 - ok
21:43:56.0511 2760  ============================================================
21:43:56.0511 2760  Scan finished
21:43:56.0511 2760  ============================================================
21:43:56.0521 2752  Detected object count: 3
21:43:56.0521 2752  Actual detected object count: 3
21:44:15.0796 2752  BEService ( UnsignedFile.Multi.Generic ) - skipped by user
21:44:15.0796 2752  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:44:15.0797 2752  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
21:44:15.0797 2752  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:44:15.0801 2752  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
21:44:15.0801 2752  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:44:21.0610 3240  Deinitialize success

Attached Files

  • Attached File  MBR.zip   559bytes   0 downloads


#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,456 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:35 PM

Posted 15 June 2013 - 08:23 AM

I visit webpages and they dont load, there are way to many processes that shouldnt be there, everything seems real slow

This has nothing to do with to many processes. I have see others with more processes than you have and all is well...

Try this

Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.mydigitallife.info/2007/02/17/how-to-open-elevated-command-prompt-with-administrator-privileges-in-windows-vista/
===

If still having problem, Remove Chrome using the Add/Remove programs applet.
Restart the computer normally and reinstall the program.

Keep me posted.

#12 jf3000

jf3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 17 June 2013 - 06:04 PM

You may close this thread, thank you for your assistance. +Rep



#13 nasdaq

nasdaq

  • Malware Response Team
  • 40,456 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:35 PM

Posted 18 June 2013 - 08:33 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users