Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spigot search protection, how to remove?


  • Please log in to reply
12 replies to this topic

#1 sunsigil

sunsigil

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 25 November 2013 - 12:23 AM

I've recently gotten a virus or trojan putting my internet browsers instantly to Yahoo. Sometimes 404'ing saying it cannot be found. I'm worried that this virus might do some harm onto my computer.!

What do I do to stop this and prevent it in the future?



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:58 AM

Posted 25 November 2013 - 02:49 PM

Hello, do these and tell me how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 sunsigil

sunsigil
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 02 December 2013 - 09:14 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Junjun (administrator) on 29-11-2013 at 13:30:11
Running from "C:\Users\Junjun\Desktop\Multimedia"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    www.100888290cs.com
127.0.0.1    100888290cs.com
127.0.0.1    100sexlinks.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Junjun-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : BC-5F-F4-2B-E2-6A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::74fa:b638:67d0:7f96%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, November 29, 2013 1:23:29 PM
   Lease Expires . . . . . . . . . . : Saturday, November 30, 2013 1:23:29 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 247226356
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-3C-DC-62-BC-5F-F4-2B-E2-6A
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4002:c06::64
      74.125.21.102
      74.125.21.139
      74.125.21.113
      74.125.21.101
      74.125.21.138
      74.125.21.100


Pinging google.com [74.125.21.113] with 32 bytes of data:
Reply from 74.125.21.113: bytes=32 time=76ms TTL=42
Reply from 74.125.21.113: bytes=32 time=75ms TTL=42

Ping statistics for 74.125.21.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 75ms, Maximum = 76ms, Average = 75ms
Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=117ms TTL=49
Reply from 98.139.183.24: bytes=32 time=159ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 117ms, Maximum = 159ms, Average = 138ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...bc 5f f4 2b e2 6a ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.64     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.64    266
     192.168.1.64  255.255.255.255         On-link      192.168.1.64    266
    192.168.1.255  255.255.255.255         On-link      192.168.1.64    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.64    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.64    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    266 fe80::/64                On-link
 10    266 fe80::74fa:b638:67d0:7f96/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/21/2013 07:20:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: TombRaider.exe, version: 1.1.748.0, time stamp: 0x519379a7
Faulting module name: d3d11.dll, version: 6.2.9200.16570, time stamp: 0x5153774d
Exception code: 0xc0000005
Fault offset: 0x0008ee4e
Faulting process id: 0x1708
Faulting application start time: 0xTombRaider.exe0
Faulting application path: TombRaider.exe1
Faulting module path: TombRaider.exe2
Report Id: TombRaider.exe3

Error: (11/19/2013 01:21:04 AM) (Source: MsiInstaller) (User: Junjun-PC)
Description: Product: NVIDIA PhysX -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\_CommonRedist\PhysX\9.12.1031\PhysX_9.12.1031_SystemSoftware.msi

Error: (11/18/2013 09:30:33 PM) (Source: Application Hang) (User: )
Description: The program dota.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 172c

Start Time: 01cee4e7b101e08c

Termination Time: 617

Application Path: C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe

Report Id:

Error: (11/18/2013 09:24:43 PM) (Source: Application Hang) (User: )
Description: The program dota.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1574

Start Time: 01cee4e732cf095f

Termination Time: 268

Application Path: C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe

Report Id:

Error: (11/16/2013 08:47:29 PM) (Source: Application Hang) (User: )
Description: The program XComEW.exe version 1.0.0.926 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14cc

Start Time: 01cee34f9d979fdc

Termination Time: 69

Application Path: C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\XEW\Binaries\Win32\XComEW.exe

Report Id:

Error: (11/16/2013 08:42:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: XComEW.exe, version: 1.0.0.926, time stamp: 0x524b2164
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x17d0
Faulting application start time: 0xXComEW.exe0
Faulting application path: XComEW.exe1
Faulting module path: XComEW.exe2
Report Id: XComEW.exe3

Error: (11/14/2013 00:31:59 AM) (Source: Application Hang) (User: )
Description: The program Grooveshark.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d54

Start Time: 01cee109604acff8

Termination Time: 13

Application Path: C:\Program Files (x86)\Grooveshark\Grooveshark.exe

Report Id: de6f40de-4d06-11e3-8392-bc5ff42be26a

Error: (11/13/2013 09:25:37 PM) (Source: Application Hang) (User: )
Description: The program csgo.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13a4

Start Time: 01cee0f971d2ed1e

Termination Time: 231

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Report Id:

Error: (11/13/2013 07:28:23 PM) (Source: Application Hang) (User: )
Description: The program Hearthstone.exe version 1.0.0.3937 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b14

Start Time: 01cee0e94498ef72

Termination Time: 23

Application Path: C:\Program Files (x86)\Hearthstone\Hearthstone.exe

Report Id: bb60c0bc-4cdc-11e3-a463-bc5ff42be26a

Error: (11/10/2013 07:39:34 PM) (Source: Application Hang) (User: )
Description: The program swtor.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14b8

Start Time: 01cede89001351cb

Termination Time: 217

Application Path: C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe

Report Id: df123786-4a82-11e3-b088-bc5ff42be26a


System errors:
=============
Error: (11/29/2013 01:24:04 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (11/28/2013 11:18:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (11/28/2013 11:13:10 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (11/28/2013 11:35:00 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (11/27/2013 09:05:26 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (11/27/2013 04:40:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (11/27/2013 04:34:42 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (11/26/2013 10:30:50 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (11/25/2013 10:20:26 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (11/25/2013 06:37:21 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.


Microsoft Office Sessions:
=========================
Error: (11/21/2013 07:20:00 PM) (Source: Application Error)(User: )
Description: TombRaider.exe1.1.748.0519379a7d3d11.dll6.2.9200.165705153774dc00000050008ee4e170801cee73131321480C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exeC:\Windows\system32\d3d11.dllf7ed607a-5324-11e3-b106-bc5ff42be26a

Error: (11/19/2013 01:21:04 AM) (Source: MsiInstaller)(User: Junjun-PC)
Description: Product: NVIDIA PhysX -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\_CommonRedist\PhysX\9.12.1031\PhysX_9.12.1031_SystemSoftware.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/18/2013 09:30:33 PM) (Source: Application Hang)(User: )
Description: dota.exe0.0.0.0172c01cee4e7b101e08c617C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe

Error: (11/18/2013 09:24:43 PM) (Source: Application Hang)(User: )
Description: dota.exe0.0.0.0157401cee4e732cf095f268C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe

Error: (11/16/2013 08:47:29 PM) (Source: Application Hang)(User: )
Description: XComEW.exe1.0.0.92614cc01cee34f9d979fdc69C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\XEW\Binaries\Win32\XComEW.exe

Error: (11/16/2013 08:42:20 PM) (Source: Application Error)(User: )
Description: XComEW.exe1.0.0.926524b2164ntdll.dll6.1.7601.18247521ea8e7c0000374000ce75317d001cee34f0681e007C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\XEW\Binaries\Win32\XComEW.exeC:\Windows\SysWOW64\ntdll.dlla4418b41-4f42-11e3-9016-bc5ff42be26a

Error: (11/14/2013 00:31:59 AM) (Source: Application Hang)(User: )
Description: Grooveshark.exe0.0.0.0d5401cee109604acff813C:\Program Files (x86)\Grooveshark\Grooveshark.exede6f40de-4d06-11e3-8392-bc5ff42be26a

Error: (11/13/2013 09:25:37 PM) (Source: Application Hang)(User: )
Description: csgo.exe0.0.0.013a401cee0f971d2ed1e231C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Error: (11/13/2013 07:28:23 PM) (Source: Application Hang)(User: )
Description: Hearthstone.exe1.0.0.39371b1401cee0e94498ef7223C:\Program Files (x86)\Hearthstone\Hearthstone.exebb60c0bc-4cdc-11e3-a463-bc5ff42be26a

Error: (11/10/2013 07:39:34 PM) (Source: Application Hang)(User: )
Description: swtor.exe1.0.0.014b801cede89001351cb217C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exedf123786-4a82-11e3-b088-bc5ff42be26a


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Absolute Nature for S.T.A.L.K.E.R - Shadow of Chernobyl
Absolute Structures for S.T.A.L.K.E.R - Shadow of Chernobyl
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 3.9.0.1030)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.152)
Adobe Reader X (10.1.7) (Version: 10.1.7)
AMD USB Filter Driver (Version: 1.0.14.91)
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.122
ASRock InstantBoot v1.29
ASUS E-Green Uninstall
ATI Catalyst Install Manager (Version: 3.0.762.0)
BabylonObjectInstaller (Version: 1.0.0.0)
Baldur's Gate: Enhanced Edition
Bandisoft MPEG-1 Decoder
Battle.net
Battlelog Web Plugins (Version: 2.3.0)
BioWare Premium Module: Neverwinter Nights™ Kingmaker
BitRaider Web Client (Version: 1.1.9.4)
BOSS (Version: 2.1.1)
CameraHelperMsi (Version: 13.50.854.0)
Clementine (Version: 1.1.1)
Company of Heroes
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Curse Client (Version: 5.1.1.792)
DAEMON Tools Lite (Version: 4.46.1.0328)
Deus Ex - HDTP
Dota 2
Dragon Age Redesigned c Morrigan
Dragon Age Redesigned Oghrenc
Dragon Age Redesignedc
Dragon Age Redesignedc  Zevran
Dragon Age Redesignedc Leliana
Dragon Age Redesignedc Sten
Dragon Age Redesignedc Wynne
Dropbox (Version: 2.0.22)
E-Hammer (Version: 1.0.0)
EPSON Printer Software
EPSON Scan
erLT (Version: 1.20.0137)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
Etron USB3.0 Host Controller (Version: 0.104)
EVGA Precision 2.0.4 (Version: 2.0.4)
Fallout Mod Manager 0.13.21
FINAL FANTASY XIV - A Realm Reborn (Version: 1.0.0000)
Fraps
FTL: Faster Than Light
gamelauncher-code4344-beta
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (Version: 31.0.1650.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
Grooveshark (Version: 0.2.0)
Happy Cloud Client (Version: 1.374)
HashCheck Shell Extension (x86-32) (Version: 2.1.11.1)
HashCheck Shell Extension (x86-64) (Version: 2.1.11.1)
Hearthstone
Hotline Miami
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
League of Legends (Version: 1.3)
Left 4 Dead 2 Dedicated Server
Logitech SetPoint 5.20 (Version: 5.20)
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Magic 2014
Magic The Gathering Online  (Version: 3.4.78.342)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft XNA Framework Redistributable 4.0 Refresh (Version: 4.0.30901.0)
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.3 (Version: 1.2.3)
Music Manager
NCLEX-PN 3000 - Institutional Version
Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)
Nero BurnRights 10 (Version: 4.0.11300.14.100)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10900)
Nero Control Center 10 (Version: 10.0.12900.2.6)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10900)
Nero Core Components 10 (Version: 2.0.16800.7.15)
Nero CoverDesigner 10 (Version: 5.0.11200.16.100)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10900)
Nero DiscSpeed 10 (Version: 6.0.11400.18.100)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10900)
Nero Express 10 (Version: 10.0.12300.23.100)
Nero Express 10 Help (CHM) (Version: 1.0.10900)
Nero InfoTool 10 (Version: 7.0.11400.15.100)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10900)
Nero MediaHub 10 (Version: 1.0.14800.28.100)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10900)
Nero Multimedia Suite 10 Essentials (Version: 10.0.10300)
Nero StartSmart 10 (Version: 10.0.12600.30.100)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10900)
Nero Update (Version: 1.0.0018)
Nexon Game Manager
Nexus Mod Manager (Version: 0.45.4)
NVIDIA 3D Vision Controller Driver 314.22 (Version: 314.22)
NVIDIA 3D Vision Driver 314.22 (Version: 314.22)
NVIDIA Control Panel 314.22 (Version: 314.22)
NVIDIA Endless City demo (Version: 1.0)
NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1)
NVIDIA Graphics Driver 314.22 (Version: 314.22)
NVIDIA HD Audio Driver 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1422)
NVIDIA Update 9.3.21 (Version: 9.3.21)
NVIDIA Update Components (Version: 9.3.21)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
Oblivion mod manager 1.1.12
OpenAL
Origin (Version: 9.3.7.2735)
Pando Media Booster (Version: 2.6.0.8)
Pandora Service
Poker Night 2
Portal 2 Publishing Tool
PowerISO
PunkBuster Services (Version: 0.991)
Quake Live Mozilla Plugin (Version: 1.0.520)
RaidCall (Version: 7.2.4-1.0.7299.14)
Rainmeter (Version: 2.2 r1116)
Realtek Ethernet Controller Driver (Version: 7.44.421.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6378)
Scrolls (Version: 1.0.0)
Shadowrun Returns
SHIELD Streaming (Version: 1.6.53)
Skype Click to Call (Version: 6.13.13771)
Skype? 6.9 (Version: 6.9.106)
Source SDK Base 2007
Splashtop Connect IE (Version: 1.1.12.1)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
Star Wars The Old Republic (Version: 7.0.0.22)
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
Straight A's in Medical-Surgical Nursing - 2nd Edition
Straight A's in Psychiatric & Mental Health Nursing
Super Meat Boy
System Requirements Lab CYRI (Version: 6.0.8.0)
System Requirements Lab Test (Version: 5.0.6.0)
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.13.1)
The Binding of Isaac
The Elder Scrolls Online Beta (Version: 0.3.4)
The KMPlayer (remove only)
The Wolf Among Us
THX TruStudio (Version: 1.00.01)
Unofficial Oblivion Patch v3.2.0 (Version: 3.2.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
User's Guides (Version: 1.20.0000)
Vampire: The Masquerade - Bloodlines
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VLC media player 2.0.7 (Version: 2.0.7)
Windows 7 Manager (Version: 1.1.3)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
World of Warcraft
XCOM: Enemy Unknown
XFast LAN v6.61 (Version: 6.61)
XFast USB
YourFileDownloader (Version: 1.0.0)
YUME MIRU KUSURI (Version: 1.00.0000)
μTorrent (Version: 3.3.2.30303)
グリザイアの果実
真剣で私に恋しなさい!
真剣で私に恋しなさい!A-1
真剣で私に恋しなさい!S

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 8187.64 MB
Available physical RAM: 5705.14 MB
Total Pagefile: 16373.47 MB
Available Pagefile: 13967.12 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.44 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:18.05 GB) NTFS

========================= Users: ========================================

User accounts for \\JUNJUN-PC

Administrator            Guest                    Junjun                   
UpdatusUser              


**** End of log ****
 

 

 

 

13:36:20.0925 0x0f04  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
13:36:36.0881 0x0f04  ============================================================
13:36:36.0881 0x0f04  Current date / time: 2013/11/29 13:36:36.0881
13:36:36.0881 0x0f04  SystemInfo:
13:36:36.0881 0x0f04  
13:36:36.0882 0x0f04  OS Version: 6.1.7601 ServicePack: 1.0
13:36:36.0882 0x0f04  Product type: Workstation
13:36:36.0882 0x0f04  ComputerName: JUNJUN-PC
13:36:36.0882 0x0f04  UserName: Junjun
13:36:36.0882 0x0f04  Windows directory: C:\Windows
13:36:36.0882 0x0f04  System windows directory: C:\Windows
13:36:36.0882 0x0f04  Running under WOW64
13:36:36.0882 0x0f04  Processor architecture: Intel x64
13:36:36.0882 0x0f04  Number of processors: 4
13:36:36.0882 0x0f04  Page size: 0x1000
13:36:36.0882 0x0f04  Boot type: Normal boot
13:36:36.0882 0x0f04  ============================================================
13:36:38.0982 0x0f04  KLMD registered as C:\Windows\system32\drivers\19445265.sys
13:36:39.0336 0x0f04  System UUID: {0BB6D47F-67D0-FD39-DCDD-D0077A436489}
13:36:39.0803 0x0f04  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:36:39.0828 0x0f04  ============================================================
13:36:39.0828 0x0f04  \Device\Harddisk0\DR0:
13:36:39.0829 0x0f04  MBR partitions:
13:36:39.0829 0x0f04  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:36:39.0829 0x0f04  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
13:36:39.0829 0x0f04  ============================================================
13:36:39.0861 0x0f04  C: <-> \Device\Harddisk0\DR0\Partition2
13:36:39.0861 0x0f04  ============================================================
13:36:39.0861 0x0f04  Initialize success
13:36:39.0861 0x0f04  ============================================================
13:36:48.0640 0x06f8  ============================================================
13:36:48.0641 0x06f8  Scan started
13:36:48.0641 0x06f8  Mode: Manual;
13:36:48.0641 0x06f8  ============================================================
13:36:48.0641 0x06f8  KSN ping started
13:36:51.0400 0x06f8  KSN ping finished: true
13:36:52.0097 0x06f8  ================ Scan system memory ========================
13:36:52.0097 0x06f8  System memory - ok
13:36:52.0098 0x06f8  ================ Scan services =============================
13:36:52.0258 0x06f8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:36:52.0274 0x06f8  1394ohci - ok
13:36:52.0341 0x06f8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:36:52.0362 0x06f8  ACPI - ok
13:36:52.0375 0x06f8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:36:52.0376 0x06f8  AcpiPmi - ok
13:36:52.0488 0x06f8  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:36:52.0493 0x06f8  AdobeARMservice - ok
13:36:52.0631 0x06f8  [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:36:52.0648 0x06f8  AdobeFlashPlayerUpdateSvc - ok
13:36:52.0715 0x06f8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:36:52.0739 0x06f8  adp94xx - ok
13:36:52.0759 0x06f8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:36:52.0768 0x06f8  adpahci - ok
13:36:52.0785 0x06f8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:36:52.0790 0x06f8  adpu320 - ok
13:36:52.0814 0x06f8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:36:52.0816 0x06f8  AeLookupSvc - ok
13:36:52.0885 0x06f8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
13:36:52.0916 0x06f8  AFD - ok
13:36:52.0954 0x06f8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:36:52.0956 0x06f8  agp440 - ok
13:36:52.0987 0x06f8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:36:52.0993 0x06f8  ALG - ok
13:36:53.0018 0x06f8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:36:53.0020 0x06f8  aliide - ok
13:36:53.0032 0x06f8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:36:53.0034 0x06f8  amdide - ok
13:36:53.0054 0x06f8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:36:53.0056 0x06f8  AmdK8 - ok
13:36:53.0074 0x06f8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:36:53.0076 0x06f8  AmdPPM - ok
13:36:53.0093 0x06f8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:36:53.0096 0x06f8  amdsata - ok
13:36:53.0105 0x06f8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:36:53.0111 0x06f8  amdsbs - ok
13:36:53.0126 0x06f8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:36:53.0127 0x06f8  amdxata - ok
13:36:53.0151 0x06f8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
13:36:53.0153 0x06f8  AppID - ok
13:36:53.0172 0x06f8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:36:53.0173 0x06f8  AppIDSvc - ok
13:36:53.0216 0x06f8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
13:36:53.0218 0x06f8  Appinfo - ok
13:36:53.0261 0x06f8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:36:53.0274 0x06f8  AppMgmt - ok
13:36:53.0300 0x06f8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:36:53.0307 0x06f8  arc - ok
13:36:53.0325 0x06f8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:36:53.0332 0x06f8  arcsas - ok
13:36:53.0458 0x06f8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:36:53.0462 0x06f8  aspnet_state - ok
13:36:53.0529 0x06f8  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys
13:36:53.0570 0x06f8  AsrAppCharger - ok
13:36:53.0580 0x06f8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:36:53.0581 0x06f8  AsyncMac - ok
13:36:53.0602 0x06f8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:36:53.0602 0x06f8  atapi - ok
13:36:53.0677 0x06f8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:36:53.0704 0x06f8  AudioEndpointBuilder - ok
13:36:53.0724 0x06f8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:36:53.0738 0x06f8  AudioSrv - ok
13:36:53.0768 0x06f8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:36:53.0777 0x06f8  AxInstSV - ok
13:36:53.0829 0x06f8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
13:36:53.0847 0x06f8  b06bdrv - ok
13:36:53.0884 0x06f8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:36:53.0891 0x06f8  b57nd60a - ok
13:36:53.0912 0x06f8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:36:53.0916 0x06f8  BDESVC - ok
13:36:53.0931 0x06f8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:36:53.0932 0x06f8  Beep - ok
13:36:54.0013 0x06f8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:36:54.0039 0x06f8  BFE - ok
13:36:54.0073 0x06f8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
13:36:54.0107 0x06f8  BITS - ok
13:36:54.0129 0x06f8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:36:54.0130 0x06f8  blbdrive - ok
13:36:54.0155 0x06f8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:36:54.0158 0x06f8  bowser - ok
13:36:54.0297 0x06f8  [ D4F84730BE7FEB435D119792F84EA934, AE66026CEF3E3F71A210C903E55C327955872B22F01E80FC3410B0AA1355062C ] BRDriver64      C:\ProgramData\BitRaider\BRDriver64.sys
13:36:54.0323 0x06f8  BRDriver64 - ok
13:36:54.0335 0x06f8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:36:54.0337 0x06f8  BrFiltLo - ok
13:36:54.0348 0x06f8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:36:54.0350 0x06f8  BrFiltUp - ok
13:36:54.0388 0x06f8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:36:54.0392 0x06f8  Browser - ok
13:36:54.0416 0x06f8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:36:54.0424 0x06f8  Brserid - ok
13:36:54.0429 0x06f8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:36:54.0431 0x06f8  BrSerWdm - ok
13:36:54.0484 0x06f8  [ 78561B78811A147B99CB47EBBD2D2847, 4EF1ED64CAF0549B43A660FF70D5035DFD59CCD22E7353150E8A13944C936520 ] BRSptSvc        C:\ProgramData\BitRaider\BRSptSvc.exe
13:36:54.0589 0x06f8  BRSptSvc - ok
13:36:54.0593 0x06f8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:36:54.0594 0x06f8  BrUsbMdm - ok
13:36:54.0597 0x06f8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:36:54.0598 0x06f8  BrUsbSer - ok
13:36:54.0603 0x06f8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:36:54.0604 0x06f8  BTHMODEM - ok
13:36:54.0621 0x06f8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:36:54.0623 0x06f8  bthserv - ok
13:36:54.0639 0x06f8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:36:54.0641 0x06f8  cdfs - ok
13:36:54.0666 0x06f8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:36:54.0669 0x06f8  cdrom - ok
13:36:54.0706 0x06f8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:36:54.0712 0x06f8  CertPropSvc - ok
13:36:54.0809 0x06f8  [ 33B82CF69E41B38A2EC0C3CABDE80D6E, E7331B38232001A4055CE1F6D74AED0F108385DDBD5211006DA8EA932D3B1575 ] cFosSpeed       C:\Windows\system32\DRIVERS\cfosspeed6.sys
13:36:54.0837 0x06f8  cFosSpeed - ok
13:36:54.0917 0x06f8  [ 760085908644D2988F1B504C3FCA6959, 65BF8084E14A8755A4DBE8AEAFDC4D3A55F59AEE3D2FED021A202D8B6C02566C ] cFosSpeedS      C:\Program Files\ASRock\XFast LAN\spd.exe
13:36:54.0939 0x06f8  cFosSpeedS - ok
13:36:54.0976 0x06f8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:36:54.0977 0x06f8  circlass - ok
13:36:55.0016 0x06f8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:36:55.0025 0x06f8  CLFS - ok
13:36:55.0084 0x06f8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:36:55.0090 0x06f8  clr_optimization_v2.0.50727_32 - ok
13:36:55.0119 0x06f8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:36:55.0122 0x06f8  clr_optimization_v2.0.50727_64 - ok
13:36:55.0208 0x06f8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:36:55.0218 0x06f8  clr_optimization_v4.0.30319_32 - ok
13:36:55.0261 0x06f8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:36:55.0265 0x06f8  clr_optimization_v4.0.30319_64 - ok
13:36:55.0291 0x06f8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:36:55.0292 0x06f8  CmBatt - ok
13:36:55.0314 0x06f8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:36:55.0316 0x06f8  cmdide - ok
13:36:55.0357 0x06f8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
13:36:55.0368 0x06f8  CNG - ok
13:36:55.0389 0x06f8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:36:55.0391 0x06f8  Compbatt - ok
13:36:55.0406 0x06f8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:36:55.0407 0x06f8  CompositeBus - ok
13:36:55.0419 0x06f8  COMSysApp - ok
13:36:55.0436 0x06f8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:36:55.0437 0x06f8  crcdisk - ok
13:36:55.0462 0x06f8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:36:55.0468 0x06f8  CryptSvc - ok
13:36:55.0498 0x06f8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
13:36:55.0512 0x06f8  CSC - ok
13:36:55.0540 0x06f8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
13:36:55.0553 0x06f8  CscService - ok
13:36:55.0739 0x06f8  DAUpdaterSvc - ok
13:36:55.0802 0x06f8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:36:55.0835 0x06f8  DcomLaunch - ok
13:36:55.0869 0x06f8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:36:55.0877 0x06f8  defragsvc - ok
13:36:55.0897 0x06f8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:36:55.0900 0x06f8  DfsC - ok
13:36:55.0926 0x06f8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:36:55.0934 0x06f8  Dhcp - ok
13:36:55.0960 0x06f8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:36:55.0962 0x06f8  discache - ok
13:36:55.0988 0x06f8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:36:55.0990 0x06f8  Disk - ok
13:36:56.0020 0x06f8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:36:56.0025 0x06f8  Dnscache - ok
13:36:56.0053 0x06f8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:36:56.0060 0x06f8  dot3svc - ok
13:36:56.0076 0x06f8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:36:56.0102 0x06f8  DPS - ok
13:36:56.0167 0x06f8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:36:56.0188 0x06f8  drmkaud - ok
13:36:56.0404 0x06f8  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:36:56.0421 0x06f8  dtsoftbus01 - ok
13:36:56.0503 0x06f8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:36:56.0524 0x06f8  DXGKrnl - ok
13:36:56.0542 0x06f8  EagleX64 - ok
13:36:56.0566 0x06f8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:36:56.0569 0x06f8  EapHost - ok
13:36:56.0666 0x06f8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:36:56.0746 0x06f8  ebdrv - ok
13:36:56.0778 0x06f8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
13:36:56.0779 0x06f8  EFS - ok
13:36:56.0861 0x06f8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:36:56.0920 0x06f8  ehRecvr - ok
13:36:56.0943 0x06f8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:36:56.0947 0x06f8  ehSched - ok
13:36:56.0982 0x06f8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:36:56.0995 0x06f8  elxstor - ok
13:36:57.0008 0x06f8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:36:57.0009 0x06f8  ErrDev - ok
13:36:57.0045 0x06f8  [ DB6AEC32FAF5BD002D9ED6C38692D42B, 8BB85AE88E783B678B05D5937B7EE261BB6ECC9BF82CCB0D9A4009A1535F62B3 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
13:36:57.0047 0x06f8  EtronHub3 - ok
13:36:57.0065 0x06f8  [ 9CC2F24274741E12F9DF92125EA6D6D8, AC51B2A81A4D285E2E17880597B491EBBFEC533A5009B810E4AD0D9FC589EB22 ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
13:36:57.0068 0x06f8  EtronXHCI - ok
13:36:57.0090 0x06f8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:36:57.0100 0x06f8  EventSystem - ok
13:36:57.0110 0x06f8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:36:57.0115 0x06f8  exfat - ok
13:36:57.0132 0x06f8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:36:57.0138 0x06f8  fastfat - ok
13:36:57.0178 0x06f8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:36:57.0203 0x06f8  Fax - ok
13:36:57.0209 0x06f8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:36:57.0210 0x06f8  fdc - ok
13:36:57.0225 0x06f8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:36:57.0226 0x06f8  fdPHost - ok
13:36:57.0234 0x06f8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:36:57.0235 0x06f8  FDResPub - ok
13:36:57.0254 0x06f8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:36:57.0255 0x06f8  FileInfo - ok
13:36:57.0264 0x06f8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:36:57.0265 0x06f8  Filetrace - ok
13:36:57.0269 0x06f8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:36:57.0270 0x06f8  flpydisk - ok
13:36:57.0286 0x06f8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:36:57.0292 0x06f8  FltMgr - ok
13:36:57.0325 0x06f8  [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
13:36:57.0333 0x06f8  FNETTBOH_305 - ok
13:36:57.0350 0x06f8  [ 7C3C4B4C951EC1BDFD4F769D05E2CC68, 7B9DA195D3CF0E7BE6BB532CC5D058BC6658B7538B5C5CF09B1A4ABEF1ECACB4 ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
13:36:57.0357 0x06f8  FNETURPX - ok
13:36:57.0441 0x06f8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
13:36:57.0484 0x06f8  FontCache - ok
13:36:57.0531 0x06f8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:36:57.0532 0x06f8  FontCache3.0.0.0 - ok
13:36:57.0553 0x06f8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:36:57.0555 0x06f8  FsDepends - ok
13:36:57.0576 0x06f8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:36:57.0577 0x06f8  Fs_Rec - ok
13:36:57.0603 0x06f8  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:36:57.0609 0x06f8  fvevol - ok
13:36:57.0629 0x06f8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:36:57.0632 0x06f8  gagp30kx - ok
13:36:57.0672 0x06f8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:36:57.0698 0x06f8  gpsvc - ok
13:36:57.0754 0x06f8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:36:57.0764 0x06f8  gupdate - ok
13:36:57.0788 0x06f8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:36:57.0796 0x06f8  gupdatem - ok
13:36:57.0848 0x06f8  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:36:57.0860 0x06f8  gusvc - ok
13:36:57.0881 0x06f8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:36:57.0885 0x06f8  hcw85cir - ok
13:36:57.0946 0x06f8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:36:57.0980 0x06f8  HdAudAddService - ok
13:36:58.0016 0x06f8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:36:58.0025 0x06f8  HDAudBus - ok
13:36:58.0036 0x06f8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:36:58.0039 0x06f8  HidBatt - ok
13:36:58.0054 0x06f8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:36:58.0059 0x06f8  HidBth - ok
13:36:58.0065 0x06f8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:36:58.0066 0x06f8  HidIr - ok
13:36:58.0091 0x06f8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
13:36:58.0092 0x06f8  hidserv - ok
13:36:58.0119 0x06f8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
13:36:58.0120 0x06f8  HidUsb - ok
13:36:58.0143 0x06f8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:36:58.0146 0x06f8  hkmsvc - ok
13:36:58.0173 0x06f8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:36:58.0180 0x06f8  HomeGroupListener - ok
13:36:58.0202 0x06f8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:36:58.0209 0x06f8  HomeGroupProvider - ok
13:36:58.0214 0x06f8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:36:58.0217 0x06f8  HpSAMD - ok
13:36:58.0267 0x06f8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:36:58.0293 0x06f8  HTTP - ok
13:36:58.0304 0x06f8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:36:58.0304 0x06f8  hwpolicy - ok
13:36:58.0328 0x06f8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:36:58.0331 0x06f8  i8042prt - ok
13:36:58.0356 0x06f8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:36:58.0364 0x06f8  iaStorV - ok
13:36:58.0440 0x06f8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:36:58.0469 0x06f8  idsvc - ok
13:36:58.0511 0x06f8  IEEtwCollectorService - ok
13:36:58.0538 0x06f8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:36:58.0540 0x06f8  iirsp - ok
13:36:58.0606 0x06f8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:36:58.0640 0x06f8  IKEEXT - ok
13:36:58.0768 0x06f8  [ C7124DA48E557D8F88D0D7F1254557F4, 300BC8ACB5CCB15F80ECAEAD27F12925EE94C84FE8110143A3E0F30E19DDA87B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:36:58.0812 0x06f8  IntcAzAudAddService - ok
13:36:58.0830 0x06f8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:36:58.0831 0x06f8  intelide - ok
13:36:58.0846 0x06f8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:36:58.0848 0x06f8  intelppm - ok
13:36:58.0870 0x06f8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:36:58.0879 0x06f8  IPBusEnum - ok
13:36:58.0906 0x06f8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:36:58.0909 0x06f8  IpFilterDriver - ok
13:36:58.0939 0x06f8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:36:58.0942 0x06f8  IPMIDRV - ok
13:36:58.0948 0x06f8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:36:58.0952 0x06f8  IPNAT - ok
13:36:58.0964 0x06f8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:36:58.0965 0x06f8  IRENUM - ok
13:36:58.0969 0x06f8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:36:58.0971 0x06f8  isapnp - ok
13:36:59.0002 0x06f8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:36:59.0009 0x06f8  iScsiPrt - ok
13:36:59.0029 0x06f8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:36:59.0030 0x06f8  kbdclass - ok
13:36:59.0051 0x06f8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:36:59.0053 0x06f8  kbdhid - ok
13:36:59.0069 0x06f8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
13:36:59.0071 0x06f8  KeyIso - ok
13:36:59.0104 0x06f8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:36:59.0107 0x06f8  KSecDD - ok
13:36:59.0135 0x06f8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:36:59.0139 0x06f8  KSecPkg - ok
13:36:59.0161 0x06f8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:36:59.0163 0x06f8  ksthunk - ok
13:36:59.0192 0x06f8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:36:59.0203 0x06f8  KtmRm - ok
13:36:59.0245 0x06f8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:36:59.0253 0x06f8  LanmanServer - ok
13:36:59.0281 0x06f8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:36:59.0286 0x06f8  LanmanWorkstation - ok
13:36:59.0349 0x06f8  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:36:59.0353 0x06f8  LHidFilt - ok
13:36:59.0390 0x06f8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:36:59.0395 0x06f8  lltdio - ok
13:36:59.0442 0x06f8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:36:59.0468 0x06f8  lltdsvc - ok
13:36:59.0488 0x06f8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:36:59.0492 0x06f8  lmhosts - ok
13:36:59.0515 0x06f8  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:36:59.0517 0x06f8  LMouFilt - ok
13:36:59.0552 0x06f8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:36:59.0555 0x06f8  LSI_FC - ok
13:36:59.0574 0x06f8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:36:59.0577 0x06f8  LSI_SAS - ok
13:36:59.0583 0x06f8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:36:59.0585 0x06f8  LSI_SAS2 - ok
13:36:59.0596 0x06f8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:36:59.0599 0x06f8  LSI_SCSI - ok
13:36:59.0616 0x06f8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:36:59.0620 0x06f8  luafv - ok
13:36:59.0669 0x06f8  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
13:36:59.0676 0x06f8  LVRS64 - ok
13:36:59.0878 0x06f8  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
13:36:59.0950 0x06f8  LVUVC64 - ok
13:36:59.0972 0x06f8  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
13:36:59.0973 0x06f8  MBfilt - ok
13:36:59.0995 0x06f8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:36:59.0998 0x06f8  Mcx2Svc - ok
13:37:00.0013 0x06f8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:37:00.0014 0x06f8  megasas - ok
13:37:00.0034 0x06f8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:37:00.0039 0x06f8  MegaSR - ok
13:37:00.0057 0x06f8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:37:00.0059 0x06f8  MMCSS - ok
13:37:00.0074 0x06f8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:37:00.0075 0x06f8  Modem - ok
13:37:00.0085 0x06f8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:37:00.0086 0x06f8  monitor - ok
13:37:00.0119 0x06f8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:37:00.0120 0x06f8  mouclass - ok
13:37:00.0123 0x06f8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:37:00.0124 0x06f8  mouhid - ok
13:37:00.0146 0x06f8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:37:00.0148 0x06f8  mountmgr - ok
13:37:00.0224 0x06f8  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:37:00.0232 0x06f8  MozillaMaintenance - ok
13:37:00.0296 0x06f8  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:37:00.0313 0x06f8  MpFilter - ok
13:37:00.0355 0x06f8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:37:00.0366 0x06f8  mpio - ok
13:37:00.0393 0x06f8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:37:00.0395 0x06f8  mpsdrv - ok
13:37:00.0438 0x06f8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:37:00.0462 0x06f8  MpsSvc - ok
13:37:00.0483 0x06f8  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:37:00.0486 0x06f8  MRxDAV - ok
13:37:00.0531 0x06f8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:37:00.0541 0x06f8  mrxsmb - ok
13:37:00.0563 0x06f8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:37:00.0570 0x06f8  mrxsmb10 - ok
13:37:00.0593 0x06f8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:37:00.0596 0x06f8  mrxsmb20 - ok
13:37:00.0622 0x06f8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:37:00.0624 0x06f8  msahci - ok
13:37:00.0638 0x06f8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:37:00.0642 0x06f8  msdsm - ok
13:37:00.0682 0x06f8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:37:00.0687 0x06f8  MSDTC - ok
13:37:00.0695 0x06f8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:37:00.0696 0x06f8  Msfs - ok
13:37:00.0724 0x06f8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:37:00.0725 0x06f8  mshidkmdf - ok
13:37:00.0740 0x06f8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:37:00.0741 0x06f8  msisadrv - ok
13:37:00.0774 0x06f8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:37:00.0779 0x06f8  MSiSCSI - ok
13:37:00.0783 0x06f8  msiserver - ok
13:37:00.0810 0x06f8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:37:00.0811 0x06f8  MSKSSRV - ok
13:37:00.0889 0x06f8  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:37:00.0892 0x06f8  MsMpSvc - ok
13:37:00.0912 0x06f8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:37:00.0914 0x06f8  MSPCLOCK - ok
13:37:00.0950 0x06f8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:37:00.0951 0x06f8  MSPQM - ok
13:37:00.0972 0x06f8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:37:00.0981 0x06f8  MsRPC - ok
13:37:00.0996 0x06f8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:37:00.0997 0x06f8  mssmbios - ok
13:37:01.0009 0x06f8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:37:01.0010 0x06f8  MSTEE - ok
13:37:01.0014 0x06f8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:37:01.0015 0x06f8  MTConfig - ok
13:37:01.0030 0x06f8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:37:01.0032 0x06f8  Mup - ok
13:37:01.0068 0x06f8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:37:01.0081 0x06f8  napagent - ok
13:37:01.0110 0x06f8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:37:01.0116 0x06f8  NativeWifiP - ok
13:37:01.0188 0x06f8  [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
13:37:01.0230 0x06f8  NAUpdate - ok
13:37:01.0331 0x06f8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:37:01.0362 0x06f8  NDIS - ok
13:37:01.0382 0x06f8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:37:01.0384 0x06f8  NdisCap - ok
13:37:01.0403 0x06f8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:37:01.0404 0x06f8  NdisTapi - ok
13:37:01.0421 0x06f8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:37:01.0423 0x06f8  Ndisuio - ok
13:37:01.0460 0x06f8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:37:01.0465 0x06f8  NdisWan - ok
13:37:01.0486 0x06f8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:37:01.0488 0x06f8  NDProxy - ok
13:37:01.0493 0x06f8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:37:01.0495 0x06f8  NetBIOS - ok
13:37:01.0510 0x06f8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:37:01.0517 0x06f8  NetBT - ok
13:37:01.0536 0x06f8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
13:37:01.0538 0x06f8  Netlogon - ok
13:37:01.0566 0x06f8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:37:01.0576 0x06f8  Netman - ok
13:37:01.0610 0x06f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:37:01.0614 0x06f8  NetMsmqActivator - ok
13:37:01.0636 0x06f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:37:01.0639 0x06f8  NetPipeActivator - ok
13:37:01.0665 0x06f8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:37:01.0678 0x06f8  netprofm - ok
13:37:01.0684 0x06f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:37:01.0687 0x06f8  NetTcpActivator - ok
13:37:01.0693 0x06f8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:37:01.0696 0x06f8  NetTcpPortSharing - ok
13:37:01.0716 0x06f8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:37:01.0718 0x06f8  nfrd960 - ok
13:37:01.0749 0x06f8  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:37:01.0752 0x06f8  NisDrv - ok
13:37:01.0809 0x06f8  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
13:37:01.0818 0x06f8  NisSrv - ok
13:37:01.0838 0x06f8  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:37:01.0847 0x06f8  NlaSvc - ok
13:37:01.0852 0x06f8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:37:01.0853 0x06f8  Npfs - ok
13:37:01.0864 0x06f8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:37:01.0866 0x06f8  nsi - ok
13:37:01.0879 0x06f8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:37:01.0880 0x06f8  nsiproxy - ok
13:37:01.0978 0x06f8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:37:02.0034 0x06f8  Ntfs - ok
13:37:02.0048 0x06f8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:37:02.0048 0x06f8  Null - ok
13:37:02.0102 0x06f8  [ B4F53BCA4C688FF47F04FA90098F896E, 6051CFC0CFE659A2C4CFC1029F19CF1B1B98A1A5E59C2B3A10D7B3407A7FA5C0 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:37:02.0114 0x06f8  NVHDA - ok
13:37:02.0465 0x06f8  [ 4EE399576F76D38C04745DB739BBC8C7, 7D7FB6013D5D3EE1908F37188AA440EE6EF80A432204EB59AE190ACD14CD1FE0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:37:02.0623 0x06f8  nvlddmkm - ok
13:37:02.0662 0x06f8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:37:02.0665 0x06f8  nvraid - ok
13:37:02.0687 0x06f8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:37:02.0691 0x06f8  nvstor - ok
13:37:03.0179 0x06f8  [ F0AD6B3A2352EFADC223A9587693A51A, A0B3AB07364BB59D531AD73145A606DE2B2CB9AF29691FD983F1B0E3197E6637 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
13:37:03.0548 0x06f8  NvStreamSvc - ok
13:37:03.0662 0x06f8  [ 7335C3D78A7746D76D37F6722CC4A466, 18BDD51AB0EB4084E1DA2F27B8D4FCF488ED9161C034BB3CDFF5BE33F84C1D37 ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:37:03.0698 0x06f8  nvsvc - ok
13:37:03.0877 0x06f8  [ F313FFEA01C3DFF4E7E763DA29B0FF36, 6D9FA981A27E120DB7AF9B6545B476ACA08B511CB01A202553017F63A4709188 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:37:03.0924 0x06f8  nvUpdatusService - ok
13:37:03.0963 0x06f8  [ 31B16657118E439B77B0A527F7EA66CB, 8C375D2AFF56125E08587DDDCE6AD31DE6D2DEEDC9AD95ADE95B7499F79A5B56 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
13:37:03.0964 0x06f8  nvvad_WaveExtensible - ok
13:37:04.0003 0x06f8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:37:04.0012 0x06f8  nv_agp - ok
13:37:04.0049 0x06f8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:37:04.0055 0x06f8  ohci1394 - ok
13:37:04.0100 0x06f8  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:37:04.0106 0x06f8  ose - ok
13:37:04.0168 0x06f8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:37:04.0193 0x06f8  p2pimsvc - ok
13:37:04.0220 0x06f8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:37:04.0233 0x06f8  p2psvc - ok
13:37:04.0303 0x06f8  [ 20BD38241EDD66D8FDC9E3496A1762A3, 68E1C705758943F5EF0AA19F953396C2AE3C149A6BAD924C10C7C9E19502E06C ] PanService      C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
13:37:04.0597 0x06f8  PanService - ok
13:37:04.0634 0x06f8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:37:04.0642 0x06f8  Parport - ok
13:37:04.0673 0x06f8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:37:04.0679 0x06f8  partmgr - ok
13:37:04.0707 0x06f8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:37:04.0722 0x06f8  PcaSvc - ok
13:37:04.0750 0x06f8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:37:04.0755 0x06f8  pci - ok
13:37:04.0775 0x06f8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:37:04.0776 0x06f8  pciide - ok
13:37:04.0785 0x06f8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:37:04.0791 0x06f8  pcmcia - ok
13:37:04.0806 0x06f8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:37:04.0807 0x06f8  pcw - ok
13:37:04.0827 0x06f8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:37:04.0848 0x06f8  PEAUTH - ok
13:37:04.0914 0x06f8  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:37:04.0956 0x06f8  PeerDistSvc - ok
13:37:05.0025 0x06f8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:37:05.0029 0x06f8  PerfHost - ok
13:37:05.0101 0x06f8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:37:05.0134 0x06f8  pla - ok
13:37:05.0168 0x06f8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:37:05.0176 0x06f8  PlugPlay - ok
13:37:05.0189 0x06f8  PnkBstrA - ok
13:37:05.0208 0x06f8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:37:05.0210 0x06f8  PNRPAutoReg - ok
13:37:05.0229 0x06f8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:37:05.0234 0x06f8  PNRPsvc - ok
13:37:05.0259 0x06f8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:37:05.0269 0x06f8  PolicyAgent - ok
13:37:05.0292 0x06f8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:37:05.0296 0x06f8  Power - ok
13:37:05.0332 0x06f8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:37:05.0335 0x06f8  PptpMiniport - ok
13:37:05.0345 0x06f8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:37:05.0347 0x06f8  Processor - ok
13:37:05.0373 0x06f8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:37:05.0378 0x06f8  ProfSvc - ok
13:37:05.0394 0x06f8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:37:05.0395 0x06f8  ProtectedStorage - ok
13:37:05.0436 0x06f8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:37:05.0439 0x06f8  Psched - ok
13:37:05.0564 0x06f8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:37:05.0612 0x06f8  ql2300 - ok
13:37:05.0631 0x06f8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:37:05.0634 0x06f8  ql40xx - ok
13:37:05.0641 0x06f8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:37:05.0647 0x06f8  QWAVE - ok
13:37:05.0658 0x06f8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:37:05.0659 0x06f8  QWAVEdrv - ok
13:37:05.0669 0x06f8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:37:05.0670 0x06f8  RasAcd - ok
13:37:05.0689 0x06f8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:37:05.0691 0x06f8  RasAgileVpn - ok
13:37:05.0703 0x06f8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:37:05.0706 0x06f8  RasAuto - ok
13:37:05.0733 0x06f8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:37:05.0735 0x06f8  Rasl2tp - ok
13:37:05.0759 0x06f8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:37:05.0766 0x06f8  RasMan - ok
13:37:05.0782 0x06f8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:37:05.0784 0x06f8  RasPppoe - ok
13:37:05.0789 0x06f8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:37:05.0791 0x06f8  RasSstp - ok
13:37:05.0807 0x06f8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:37:05.0812 0x06f8  rdbss - ok
13:37:05.0832 0x06f8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:37:05.0833 0x06f8  rdpbus - ok
13:37:05.0840 0x06f8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:37:05.0841 0x06f8  RDPCDD - ok
13:37:05.0873 0x06f8  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:37:05.0876 0x06f8  RDPDR - ok
13:37:05.0894 0x06f8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:37:05.0895 0x06f8  RDPENCDD - ok
13:37:05.0914 0x06f8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:37:05.0916 0x06f8  RDPREFMP - ok
13:37:05.0969 0x06f8  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:37:05.0971 0x06f8  RdpVideoMiniport - ok
13:37:06.0006 0x06f8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:37:06.0012 0x06f8  RDPWD - ok
13:37:06.0035 0x06f8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:37:06.0040 0x06f8  rdyboost - ok
13:37:06.0072 0x06f8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:37:06.0076 0x06f8  RemoteAccess - ok
13:37:06.0105 0x06f8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:37:06.0111 0x06f8  RemoteRegistry - ok
13:37:06.0129 0x06f8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:37:06.0132 0x06f8  RpcEptMapper - ok
13:37:06.0154 0x06f8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:37:06.0156 0x06f8  RpcLocator - ok
13:37:06.0192 0x06f8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
13:37:06.0204 0x06f8  RpcSs - ok
13:37:06.0216 0x06f8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:37:06.0218 0x06f8  rspndr - ok
13:37:06.0285 0x06f8  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:37:06.0310 0x06f8  RTL8167 - ok
13:37:06.0336 0x06f8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:37:06.0337 0x06f8  s3cap - ok
13:37:06.0352 0x06f8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
13:37:06.0354 0x06f8  SamSs - ok
13:37:06.0366 0x06f8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:37:06.0369 0x06f8  sbp2port - ok
13:37:06.0387 0x06f8  SBRE - ok
13:37:06.0407 0x06f8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:37:06.0414 0x06f8  SCardSvr - ok
13:37:06.0500 0x06f8  [ 8475E746EB72D04F1015E6F091F50E09, 98EDC0966AD10E5EC750660824DA22ECE8D0B9D9A8AA21F61BC4FD23ACF6BA3A ] SCBackService   C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
13:37:06.0524 0x06f8  SCBackService - ok
13:37:06.0566 0x06f8  [ 7FB7A7448D6D3609724C3E5BD7A90F8E, 95F31A1F7CB07FD83931EEA545EF26F83101355D6C40D6D0B6ABE166F4168D3D ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
13:37:06.0631 0x06f8  SCDEmu - ok
13:37:06.0645 0x06f8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:37:06.0646 0x06f8  scfilter - ok
13:37:06.0676 0x06f8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
13:37:06.0711 0x06f8  Schedule - ok
13:37:06.0735 0x06f8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:37:06.0736 0x06f8  SCPolicySvc - ok
13:37:06.0775 0x06f8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:37:06.0789 0x06f8  SDRSVC - ok
13:37:06.0823 0x06f8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:37:06.0824 0x06f8  secdrv - ok
13:37:06.0840 0x06f8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:37:06.0843 0x06f8  seclogon - ok
13:37:06.0868 0x06f8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
13:37:06.0871 0x06f8  SENS - ok
13:37:06.0882 0x06f8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:37:06.0884 0x06f8  SensrSvc - ok
13:37:06.0901 0x06f8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:37:06.0902 0x06f8  Serenum - ok
13:37:06.0908 0x06f8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:37:06.0910 0x06f8  Serial - ok
13:37:06.0944 0x06f8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:37:06.0946 0x06f8  sermouse - ok
13:37:06.0985 0x06f8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:37:06.0989 0x06f8  SessionEnv - ok
13:37:07.0008 0x06f8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:37:07.0009 0x06f8  sffdisk - ok
13:37:07.0026 0x06f8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:37:07.0027 0x06f8  sffp_mmc - ok
13:37:07.0041 0x06f8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:37:07.0042 0x06f8  sffp_sd - ok
13:37:07.0054 0x06f8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:37:07.0055 0x06f8  sfloppy - ok
13:37:07.0085 0x06f8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:37:07.0096 0x06f8  ShellHWDetection - ok
13:37:07.0115 0x06f8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:37:07.0117 0x06f8  SiSRaid2 - ok
13:37:07.0132 0x06f8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:37:07.0134 0x06f8  SiSRaid4 - ok
13:37:07.0375 0x06f8  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:37:07.0527 0x06f8  Skype C2C Service - ok
13:37:07.0619 0x06f8  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:37:07.0630 0x06f8  SkypeUpdate - ok
13:37:07.0646 0x06f8  SmartViewService - ok
13:37:07.0670 0x06f8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:37:07.0677 0x06f8  Smb - ok
13:37:07.0714 0x06f8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:37:07.0716 0x06f8  SNMPTRAP - ok
13:37:07.0724 0x06f8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:37:07.0725 0x06f8  spldr - ok
13:37:07.0771 0x06f8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:37:07.0787 0x06f8  Spooler - ok
13:37:07.0918 0x06f8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:37:07.0996 0x06f8  sppsvc - ok
13:37:08.0016 0x06f8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:37:08.0019 0x06f8  sppuinotify - ok
13:37:08.0076 0x06f8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:37:08.0093 0x06f8  srv - ok
13:37:08.0112 0x06f8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:37:08.0123 0x06f8  srv2 - ok
13:37:08.0141 0x06f8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:37:08.0146 0x06f8  srvnet - ok
13:37:08.0162 0x06f8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:37:08.0168 0x06f8  SSDPSRV - ok
13:37:08.0181 0x06f8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:37:08.0184 0x06f8  SstpSvc - ok
13:37:08.0287 0x06f8  [ DB0768632C680B7C0D3AA92D80416893, BEC3CF4F1CB150AC7C4647DD7C0D5D62B10824308E44467CD77CA3427A46FB20 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:37:08.0317 0x06f8  Steam Client Service - ok
13:37:08.0460 0x06f8  [ 81F177C1954453AF407604160BD149CB, D6B05F7E399690233C71C1E4B88F95D566BC6A14D145715A8A8C0FFD591147F0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:37:08.0480 0x06f8  Stereo Service - ok
13:37:08.0506 0x06f8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:37:08.0508 0x06f8  stexstor - ok
13:37:08.0578 0x06f8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:37:08.0622 0x06f8  stisvc - ok
13:37:08.0642 0x06f8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:37:08.0643 0x06f8  storflt - ok
13:37:08.0656 0x06f8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:37:08.0658 0x06f8  storvsc - ok
13:37:08.0668 0x06f8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:37:08.0669 0x06f8  swenum - ok
13:37:08.0699 0x06f8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:37:08.0713 0x06f8  swprv - ok
13:37:08.0718 0x06f8  Synth3dVsc - ok
13:37:08.0786 0x06f8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
13:37:08.0832 0x06f8  SysMain - ok
13:37:08.0855 0x06f8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:37:08.0858 0x06f8  TabletInputService - ok
13:37:08.0881 0x06f8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:37:08.0888 0x06f8  TapiSrv - ok
13:37:08.0904 0x06f8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:37:08.0906 0x06f8  TBS - ok
13:37:09.0002 0x06f8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:37:09.0047 0x06f8  Tcpip - ok
13:37:09.0106 0x06f8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:37:09.0133 0x06f8  TCPIP6 - ok
13:37:09.0157 0x06f8  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:37:09.0158 0x06f8  tcpipreg - ok
13:37:09.0180 0x06f8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:37:09.0181 0x06f8  TDPIPE - ok
13:37:09.0197 0x06f8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:37:09.0198 0x06f8  TDTCP - ok
13:37:09.0228 0x06f8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:37:09.0237 0x06f8  tdx - ok
13:37:09.0256 0x06f8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:37:09.0260 0x06f8  TermDD - ok
13:37:09.0300 0x06f8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
13:37:09.0326 0x06f8  TermService - ok
13:37:09.0340 0x06f8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:37:09.0343 0x06f8  Themes - ok
13:37:09.0366 0x06f8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:37:09.0369 0x06f8  THREADORDER - ok
13:37:09.0392 0x06f8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:37:09.0397 0x06f8  TrkWks - ok
13:37:09.0454 0x06f8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:37:09.0467 0x06f8  TrustedInstaller - ok
13:37:09.0496 0x06f8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:37:09.0497 0x06f8  tssecsrv - ok
13:37:09.0528 0x06f8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:37:09.0530 0x06f8  TsUsbFlt - ok
13:37:09.0533 0x06f8  tsusbhub - ok
13:37:09.0573 0x06f8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:37:09.0577 0x06f8  tunnel - ok
13:37:09.0602 0x06f8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:37:09.0608 0x06f8  uagp35 - ok
13:37:09.0645 0x06f8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:37:09.0671 0x06f8  udfs - ok
13:37:09.0705 0x06f8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:37:09.0708 0x06f8  UI0Detect - ok
13:37:09.0725 0x06f8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:37:09.0727 0x06f8  uliagpkx - ok
13:37:09.0756 0x06f8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
13:37:09.0758 0x06f8  umbus - ok
13:37:09.0762 0x06f8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:37:09.0763 0x06f8  UmPass - ok
13:37:09.0794 0x06f8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:37:09.0801 0x06f8  UmRdpService - ok
13:37:09.0899 0x06f8  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:37:09.0917 0x06f8  UMVPFSrv - ok
13:37:09.0939 0x06f8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:37:09.0949 0x06f8  upnphost - ok
13:37:10.0010 0x06f8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:37:10.0018 0x06f8  usbaudio - ok
13:37:10.0071 0x06f8  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:37:10.0095 0x06f8  usbccgp - ok
13:37:10.0161 0x06f8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:37:10.0169 0x06f8  usbcir - ok
13:37:10.0208 0x06f8  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:37:10.0213 0x06f8  usbehci - ok
13:37:10.0249 0x06f8  [ 858BE9C0E498C8E505E198E17EECE0D9, 6720DEE3620325742FA5D3481534C703A7D7DEAFABEE08652843357E8FC97FA1 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
13:37:10.0252 0x06f8  usbfilter - ok
13:37:10.0320 0x06f8  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:37:10.0350 0x06f8  usbhub - ok
13:37:10.0377 0x06f8  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:37:10.0378 0x06f8  usbohci - ok
13:37:10.0408 0x06f8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:37:10.0409 0x06f8  usbprint - ok
13:37:10.0450 0x06f8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:37:10.0454 0x06f8  usbscan - ok
13:37:10.0490 0x06f8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:37:10.0497 0x06f8  USBSTOR - ok
13:37:10.0533 0x06f8  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:37:10.0537 0x06f8  usbuhci - ok
13:37:10.0590 0x06f8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:37:10.0603 0x06f8  usbvideo - ok
13:37:10.0642 0x06f8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:37:10.0649 0x06f8  UxSms - ok
13:37:10.0671 0x06f8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
13:37:10.0675 0x06f8  VaultSvc - ok
13:37:10.0697 0x06f8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:37:10.0698 0x06f8  vdrvroot - ok
13:37:10.0732 0x06f8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:37:10.0748 0x06f8  vds - ok
13:37:10.0761 0x06f8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:37:10.0763 0x06f8  vga - ok
13:37:10.0779 0x06f8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:37:10.0780 0x06f8  VgaSave - ok
13:37:10.0805 0x06f8  VGPU - ok
13:37:10.0851 0x06f8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:37:10.0865 0x06f8  vhdmp - ok
13:37:10.0899 0x06f8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:37:10.0902 0x06f8  viaide - ok
13:37:10.0931 0x06f8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:37:10.0936 0x06f8  vmbus - ok
13:37:10.0950 0x06f8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:37:10.0951 0x06f8  VMBusHID - ok
13:37:10.0965 0x06f8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:37:10.0968 0x06f8  volmgr - ok
13:37:10.0990 0x06f8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:37:10.0999 0x06f8  volmgrx - ok
13:37:11.0018 0x06f8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:37:11.0025 0x06f8  volsnap - ok
13:37:11.0057 0x06f8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:37:11.0062 0x06f8  vsmraid - ok
13:37:11.0183 0x06f8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:37:11.0276 0x06f8  VSS - ok
13:37:11.0303 0x06f8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:37:11.0304 0x06f8  vwifibus - ok
13:37:11.0345 0x06f8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:37:11.0365 0x06f8  W32Time - ok
13:37:11.0384 0x06f8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:37:11.0386 0x06f8  WacomPen - ok
13:37:11.0408 0x06f8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:37:11.0410 0x06f8  WANARP - ok
13:37:11.0415 0x06f8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:37:11.0418 0x06f8  Wanarpv6 - ok
13:37:11.0509 0x06f8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:37:11.0549 0x06f8  WatAdminSvc - ok
13:37:11.0639 0x06f8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:37:11.0690 0x06f8  wbengine - ok
13:37:11.0713 0x06f8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:37:11.0720 0x06f8  WbioSrvc - ok
13:37:11.0748 0x06f8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:37:11.0759 0x06f8  wcncsvc - ok
13:37:11.0770 0x06f8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:37:11.0773 0x06f8  WcsPlugInService - ok
13:37:11.0825 0x06f8  [ 147C60622CB53E901EFD8BB6D44A4C46, 453E9DDBE17C9C54C60BD160BBA045B39914A70B6DF7B6C530D68333944C43FB ] WCUService_STC_IE C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
13:37:11.0837 0x06f8  WCUService_STC_IE - ok
13:37:11.0851 0x06f8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:37:11.0853 0x06f8  Wd - ok
13:37:11.0936 0x06f8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:37:11.0967 0x06f8  Wdf01000 - ok
13:37:11.0985 0x06f8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:37:11.0989 0x06f8  WdiServiceHost - ok
13:37:11.0994 0x06f8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:37:11.0997 0x06f8  WdiSystemHost - ok
13:37:12.0018 0x06f8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
13:37:12.0027 0x06f8  WebClient - ok
13:37:12.0036 0x06f8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:37:12.0044 0x06f8  Wecsvc - ok
13:37:12.0055 0x06f8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:37:12.0059 0x06f8  wercplsupport - ok
13:37:12.0064 0x06f8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:37:12.0068 0x06f8  WerSvc - ok
13:37:12.0086 0x06f8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:37:12.0086 0x06f8  WfpLwf - ok
13:37:12.0109 0x06f8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:37:12.0110 0x06f8  WIMMount - ok
13:37:12.0140 0x06f8  WinDefend - ok
13:37:12.0158 0x06f8  WinHttpAutoProxySvc - ok
13:37:12.0226 0x06f8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:37:12.0242 0x06f8  Winmgmt - ok
13:37:12.0339 0x06f8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:37:12.0385 0x06f8  WinRM - ok
13:37:12.0447 0x06f8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:37:12.0452 0x06f8  WinUsb - ok
13:37:12.0528 0x06f8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:37:12.0557 0x06f8  Wlansvc - ok
13:37:12.0910 0x06f8  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:37:12.0949 0x06f8  wlidsvc - ok
13:37:12.0981 0x06f8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:37:12.0982 0x06f8  WmiAcpi - ok
13:37:13.0003 0x06f8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:37:13.0007 0x06f8  wmiApSrv - ok
13:37:13.0032 0x06f8  WMPNetworkSvc - ok
13:37:13.0060 0x06f8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:37:13.0067 0x06f8  WPCSvc - ok
13:37:13.0098 0x06f8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:37:13.0110 0x06f8  WPDBusEnum - ok
13:37:13.0134 0x06f8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:37:13.0136 0x06f8  ws2ifsl - ok
13:37:13.0148 0x06f8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:37:13.0152 0x06f8  wscsvc - ok
13:37:13.0155 0x06f8  WSearch - ok
13:37:13.0244 0x06f8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:37:13.0306 0x06f8  wuauserv - ok
13:37:13.0320 0x06f8  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:37:13.0323 0x06f8  WudfPf - ok
13:37:13.0374 0x06f8  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:37:13.0386 0x06f8  WUDFRd - ok
13:37:13.0427 0x06f8  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:37:13.0437 0x06f8  wudfsvc - ok
13:37:13.0468 0x06f8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:37:13.0493 0x06f8  WwanSvc - ok
13:37:13.0590 0x06f8  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
13:37:13.0617 0x06f8  xnacc - ok
13:37:13.0629 0x06f8  ================ Scan global ===============================
13:37:13.0673 0x06f8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:37:13.0713 0x06f8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:37:13.0756 0x06f8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:37:13.0801 0x06f8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:37:13.0827 0x06f8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:37:13.0835 0x06f8  [ Global ] - ok
13:37:13.0836 0x06f8  ================ Scan MBR ==================================
13:37:13.0845 0x06f8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:37:14.0277 0x06f8  \Device\Harddisk0\DR0 - ok
13:37:14.0277 0x06f8  ================ Scan VBR ==================================
13:37:14.0279 0x06f8  [ C7417D820554D30EC22CD4BBD4224B07 ] \Device\Harddisk0\DR0\Partition1
13:37:14.0280 0x06f8  \Device\Harddisk0\DR0\Partition1 - ok
13:37:14.0290 0x06f8  [ E9DD97AD57C23CABCC35DDC31E1AF7AB ] \Device\Harddisk0\DR0\Partition2
13:37:14.0291 0x06f8  \Device\Harddisk0\DR0\Partition2 - ok
13:37:14.0291 0x06f8  Waiting for KSN requests completion. In queue: 344
13:37:15.0291 0x06f8  Waiting for KSN requests completion. In queue: 33
13:37:16.0291 0x06f8  Waiting for KSN requests completion. In queue: 33
13:37:17.0314 0x06f8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
13:37:17.0321 0x06f8  Win FW state via NFP2: enabled
13:37:20.0230 0x06f8  ============================================================
13:37:20.0230 0x06f8  Scan finished
13:37:20.0230 0x06f8  ============================================================
13:37:20.0250 0x11b0  Detected object count: 0
13:37:20.0250 0x11b0  Actual detected object count: 0
 

 

 

 

# AdwCleaner v3.013 - Report created 29/11/2013 at 13:41:49
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Junjun - JUNJUN-PC
# Running from : C:\Users\Junjun\Desktop\Multimedia\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : SCBackService

***** [ Files / Folders ] *****

Folder Deleted : C:\Splashtop
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\DeviceVM
Folder Deleted : C:\ProgramData\Splashtop
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Splashtop
Folder Deleted : C:\Program Files (x86)\yourfiledownloader
Folder Deleted : C:\Users\Junjun\AppData\Local\Conduit
Folder Deleted : C:\Users\Junjun\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Junjun\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Junjun\AppData\Roaming\DeviceVM
Folder Deleted : C:\Users\Junjun\AppData\Roaming\Splashtop
Folder Deleted : C:\Users\Junjun\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Junjun\AppData\Roaming\Mozilla\Firefox\Profiles\6b1miq6m.default\ConduitCommon
Folder Deleted : C:\Users\Junjun\AppData\Roaming\Mozilla\Firefox\Profiles\6b1miq6m.default\Smartbar
Folder Deleted : C:\Users\Junjun\AppData\Roaming\Mozilla\Firefox\Profiles\6b1miq6m.default\CT3225826
Folder Deleted : C:\Users\Junjun\AppData\Roaming\Mozilla\Firefox\Profiles\6b1miq6m.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
File Deleted : C:\Users\Junjun\AppData\Roaming\Mozilla\Firefox\Profiles\6b1miq6m.default\searchplugins\Conduit.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Splashtop Inc.
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Junjun\AppData\Roaming\Mozilla\Firefox\Profiles\6b1miq6m.default\prefs.js ]

Line Deleted : user_pref("CT3225826..clientLogIsEnabled", false);
Line Deleted : user_pref("CT3225826..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT3225826..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3225826.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3225826.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT3225826.BrowserCompStateIsOpen_130067975574673392", true);
Line Deleted : user_pref("CT3225826.BrowserCompStateIsOpen_1482755286787340176", true);
Line Deleted : user_pref("CT3225826.CT3225826.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3225826&octid=CT3225826&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_[...]
Line Deleted : user_pref("CT3225826.CTID", "CT3225826");
Line Deleted : user_pref("CT3225826.ConfigurationLastCheckTime", "Sun Nov 10 2013 18:27:21 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.CurrentServerDate", "11-11-2013");
Line Deleted : user_pref("CT3225826.DSInstall", true);
Line Deleted : user_pref("CT3225826.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3225826.DialogsGetterLastCheckTime", "Wed Nov 06 2013 17:32:53 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3225826.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":false}");
Line Deleted : user_pref("CT3225826.EnableSearchHistory", false);
Line Deleted : user_pref("CT3225826.EnableSearchSuggest", false);
Line Deleted : user_pref("CT3225826.FirstServerDate", "27-8-2012");
Line Deleted : user_pref("CT3225826.FirstTime", true);
Line Deleted : user_pref("CT3225826.FirstTimeFF3", true);
Line Deleted : user_pref("CT3225826.FirstTimeHiddenVer", true);
Line Deleted : user_pref("CT3225826.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3225826.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3225826.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT3225826.HPInstall", true);
Line Deleted : user_pref("CT3225826.HPProtectChoice", true);
Line Deleted : user_pref("CT3225826.HPProtectCount", 1);
Line Deleted : user_pref("CT3225826.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3225826.HomePageProtectorEnabled", true);
Line Deleted : user_pref("CT3225826.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=13");
Line Deleted : user_pref("CT3225826.Initialize", true);
Line Deleted : user_pref("CT3225826.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3225826.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3225826.InstallationId", "fft8203.tmp.exe");
Line Deleted : user_pref("CT3225826.InstallationType", "XPE");
Line Deleted : user_pref("CT3225826.InstalledDate", "Sun Aug 26 2012 20:14:09 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CT3225826.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3225826.IsGrouping", false);
Line Deleted : user_pref("CT3225826.IsInitSetupIni", true);
Line Deleted : user_pref("CT3225826.IsMulticommunity", false);
Line Deleted : user_pref("CT3225826.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT3225826.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3225826.IsProtectorsInit", true);
Line Deleted : user_pref("CT3225826.LanguagePackLastCheckTime", "Sun Nov 10 2013 18:27:21 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3225826.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT3225826.LastLogin_3.15.0.0", "Tue Aug 28 2012 16:01:44 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CT3225826.LastLogin_3.15.1.0", "Mon Mar 04 2013 20:40:48 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.LastLogin_3.18.0.7", "Mon Jul 15 2013 00:10:07 GMT-0700 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.LastLogin_3.19.0.3", "Mon Sep 09 2013 15:50:06 GMT-0700 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.LastLogin_3.20.0.4", "Sun Nov 10 2013 18:27:20 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT3225826.Locale", "en");
Line Deleted : user_pref("CT3225826.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3225826.MCDetectTooltipShow", false);
Line Deleted : user_pref("CT3225826.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT3225826.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3225826.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3225826.OriginalFirstVersion", "3.15.0.0");
Line Deleted : user_pref("CT3225826.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT3225826.SearchAPILastCheckTime", "Sun Nov 10 2013 18:27:21 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.SearchCaption", "BitTorrentControl_v12 Customized Web Search");
Line Deleted : user_pref("CT3225826.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT3225826.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3225826.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=2&q=");
Line Deleted : user_pref("CT3225826.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3225826.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3225826.SearchInNewTabLastCheckTime", "Mon Sep 09 2013 17:13:58 GMT-0700 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT3225826.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT3225826&octid=CT3225826&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Deleted : user_pref("CT3225826.SearchInNewTabUserEnabled", false);
Line Deleted : user_pref("CT3225826.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT3225826.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3225826.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3225826.ServiceMapLastCheckTime", "Sun Nov 10 2013 18:27:20 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.SettingsLastCheckTime", "Sun Nov 10 2013 18:27:18 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.SettingsLastUpdate", "1384073878");
Line Deleted : user_pref("CT3225826.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=13");
Line Deleted : user_pref("CT3225826.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3225826.ThirdPartyComponentsLastCheck", "Sun Aug 26 2012 20:14:09 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CT3225826.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT3225826.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3225826.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3225826.UserID", "UN01159284515134351");
Line Deleted : user_pref("CT3225826.ValidationData_Toolbar", 1);
Line Deleted : user_pref("CT3225826.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3225826.alertChannelId", "1659193");
Line Deleted : user_pref("CT3225826.approveUntrustedApps", false);
Line Deleted : user_pref("CT3225826.autoDisableScopes", -1);
Line Deleted : user_pref("CT3225826.backendstorage.bt_stats", "7B226C6173745F6C6F67223A313334363033373235352C2275756964223A3337363731323636393635333732312C227365715F6964223A312C22737362223A313334363033373235357D");
Line Deleted : user_pref("CT3225826.backendstorage.cbcountry_001", "5553");
Line Deleted : user_pref("CT3225826.backendstorage.cbfirsttime", "53756E2041756720323620323031322032303A31343A313320474D542D30373030202850616369666963204461796C696768742054696D6529");
Line Deleted : user_pref("CT3225826.bt_stats.from_oldbar.enc", "eyJsYXN0X2xvZyI6MTM0NjAzNzI1NSwidXVpZCI6Mzc2NzEyNjY5NjUzNzIxLCJzZXFfaWQiOjEsInNzYiI6MTM0NjAzNzI1NX0=");
Line Deleted : user_pref("CT3225826.cbcountry_001.from_oldbar.enc", "VVM=");
Line Deleted : user_pref("CT3225826.cbfirsttime.from_oldbar.enc", "U3VuIEF1ZyAyNiAyMDEyIDIwOjE0OjEzIEdNVC0wNzAwIChQYWNpZmljIERheWxpZ2h0IFRpbWUp");
Line Deleted : user_pref("CT3225826.countryCode", "US");
Line Deleted : user_pref("CT3225826.enableAlerts", "never");
Line Deleted : user_pref("CT3225826.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT3225826.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3225826.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3225826.fullUserID", "UN01159284515134351.UP.2138");
Line Deleted : user_pref("CT3225826.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT3225826.globalFirstTimeInfoLastCheckTime", "Sun Aug 26 2012 20:14:12 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CT3225826.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3225826.homepageuserchanged", true);
Line Deleted : user_pref("CT3225826.initDone", true);
Line Deleted : user_pref("CT3225826.installId", "fft8203.tmp.exe");
Line Deleted : user_pref("CT3225826.installType", "XPE");
Line Deleted : user_pref("CT3225826.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT3225826.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3225826.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":true}");
Line Deleted : user_pref("CT3225826.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3225826.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3225826.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3225826.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3225826&octid=CT3225826&SearchSource=15&CUI=UN01159284515134351&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT3225826.lastVersion", "10.20.101.5");
Line Deleted : user_pref("CT3225826.myStuffEnabled", true);
Line Deleted : user_pref("CT3225826.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3225826.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT3225826.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3225826.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT3225826.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT3225826.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BitTorrentControlv12.OurToolbar.com/\"[...]
Line Deleted : user_pref("CT3225826.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT3225826.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3225826.originalSearchEngine", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT3225826.revertSettingsEnabled", true);
Line Deleted : user_pref("CT3225826.searchFromAddressBarEnabledByUser", "false");
Line Deleted : user_pref("CT3225826.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT3225826.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3225826.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3225826.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3225826.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT3225826.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3225826\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentControlv12.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentControl_v12 \"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_services_Configuration_lastUpdate", "1385709529836");
Line Deleted : user_pref("CT3225826.serviceLayer_services_login_10.20.101.5_lastUpdate", "1385760470034");
Line Deleted : user_pref("CT3225826.serviceLayer_services_searchAPI_lastUpdate", "1385709529758");
Line Deleted : user_pref("CT3225826.serviceLayer_services_serviceMap_lastUpdate", "1385709529424");
Line Deleted : user_pref("CT3225826.serviceLayer_services_toolbarSettings_lastUpdate", "1385760470235");
Line Deleted : user_pref("CT3225826.serviceLayer_services_translation_lastUpdate", "1385709529626");
Line Deleted : user_pref("CT3225826.settingsINI", true);
Line Deleted : user_pref("CT3225826.showToolbarPermission", "false");
Line Deleted : user_pref("CT3225826.smartbar.CTID", "CT3225826");
Line Deleted : user_pref("CT3225826.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3225826.smartbar.homepage", true);
Line Deleted : user_pref("CT3225826.smartbar.toolbarName", "BitTorrentControl_v12 ");
Line Deleted : user_pref("CT3225826.testingCtid", "");
Line Deleted : user_pref("CT3225826.toolbarAppMetaDataLastCheckTime", "Sun Nov 10 2013 18:27:21 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.toolbarBornServerTime", "27-8-2012");
Line Deleted : user_pref("CT3225826.toolbarContextMenuLastCheckTime", "Sun Aug 26 2012 20:14:12 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CT3225826.toolbarCurrentServerTime", "30-11-2013");
Line Deleted : user_pref("CT3225826.toolbarLoginClientTime", "Sun Nov 10 2013 19:40:52 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("CT3225826.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT3225826.usagesFlag", 2);
Line Deleted : user_pref("CT3225826_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1385760931035,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentControl_v12 Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3225826/CT3225826", "\"4f45bee53b75db79ed2a209916f560863\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3225826", "\"1362323957\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.0.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:160f\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:1694\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"23c5489aa686ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"f414eeaa6bece1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3225826", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"6abb08a2a6c39ef5c70441fbd0da4a1f\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"6d6e7780368a6882a638d6dae05b7497\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Junjun\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\6b1miq6m.default\\conduitCommon\\modules\\3.15.0.0");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.0.0");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3225826");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3225826");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3225826");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "9cdabbbe-9f1f-40f3-9f5a-8fc5eeedead5");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Aug 26 2012 20:14:13 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Aug 26 2012 20:14:12 GMT-0700 (Pacific Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "9c296a65-7d92-4457-9c6e-c658a744904d");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?CUI=UN01159284515134351&ctid=CT3225826&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "BitTorrentControl_v12 Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?CUI=UN01159284515134351&ctid=CT3225826&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "BitTorrentControl_v12 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=13,hxxp://search.conduit.com/?CUI=UN01159284515134351&ctid=CT3225826&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=2&q=");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3225826");
Line Deleted : user_pref("smartbar.machineId", "I9RYWPAE1XNRP/PTF61T1VQGFNEWDRWB1S2QH8H8Q3XNPAOLMLPURYPYDCZM77AFJRUAUK1SEAQPO2DCOKS+IA");

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Junjun\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [30161 octets] - [29/11/2013 13:39:20]
AdwCleaner[S0].txt - [30440 octets] - [29/11/2013 13:41:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30501 octets] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Junjun on 11/29/2013 Fri at 13:49:09.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] wcuservice_stc_ie
Successfully deleted: [Service] wcuservice_stc_ie



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Junjun\appdata\local\cre"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Junjun\AppData\Roaming\mozilla\firefox\profiles\6b1miq6m.default\minidumps [815 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/29/2013 Fri at 13:54:09.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\yourfiledownloader\uninstall.exe.vir    a variant of Win32/YourFileDownloader application    cleaned by deleting - quarantined
C:\Users\Junjun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29N6PE7S\Download-KMPlayercurrent[1].exe    a variant of Win32/CNETInstaller.B application    cleaned by deleting - quarantined
C:\Users\Junjun\AppData\Local\Temp\KMP_3.7.0.113.exe    a variant of Win32/CNETInstaller.B application    cleaned by deleting - quarantined
C:\Users\Junjun\Desktop\Multimedia\cnet2_KMPlayer_EN_3_2_0_0_exe.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Users\Junjun\Desktop\Multimedia\DTLite4461-0328.exe    multiple threats    cleaned by deleting - quarantined
C:\Windows\Installer\2b31d3.msi    multiple threats    deleted - quarantined
 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:58 AM

Posted 02 December 2013 - 09:34 PM

Are you seeing it anymore now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 sunsigil

sunsigil
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 03 December 2013 - 02:49 PM

Are you seeing it anymore now?

Well I have no idea how to change my homepage for google chrome, but so far so good.
I guess I have to uninstall Utorrent



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:58 AM

Posted 03 December 2013 - 03:09 PM

Also uninstall these

Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
μTorrent (Version: 3.3.2.30303)

And these
グリザイアの果実
真剣で私に恋しなさい!
真剣で私に恋しなさい!A-1
真剣で私に恋しなさい!S

Reboot.


Is this what you want
Set Default homepage on chrome for every user on the computer
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 sunsigil

sunsigil
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 12 December 2013 - 01:55 AM

I have uninstalled those two programs, the other programs in japanese are actually games, so they are okay.

 

Recently I have been getting this message "One or more Active X Controls can not be displayed" I googled this issue and it seems to be a malware. Logging into facebook also states i have been infected by something



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:58 AM

Posted 12 December 2013 - 10:56 AM

Ok,lets do one more..If no Joy we will move for a deeper look

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Scan

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 sunsigil

sunsigil
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 12 December 2013 - 09:10 PM

RogueKiller V8.7.11 [Dec  3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Junjun [Admin rights]
Mode : Scan -- Date : 12/12/2013 18:08:59
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] GSDesktopHelper_Win(4).exe -- C:\Users\Junjun\Desktop\Multimedia\GSDesktopHelper_Win(4).exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : GSDesktopHelper (C:\Users\Junjun\Desktop\Multimedia\GSDesktopHelper_Win(4).exe [-]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1366853064-4064985979-2904789789-1000\[...]\Run : GSDesktopHelper (C:\Users\Junjun\Desktop\Multimedia\GSDesktopHelper_Win(4).exe [-]) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 :  (C:\Users\Junjun\AppData\Local\{b9eb9408-1fa2-5e6e-ac5d-453ec20a1912}\n. [x]) -> FOUND
[BROK VAL] HKCR\[...]\command :  () -> MISSING

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    www.100888290cs.com
127.0.0.1    100888290cs.com
127.0.0.1    100sexlinks.com
127.0.0.1    www.100sexlinks.com
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5002AALX-00J37A0 ATA Device +++++
--- User ---
[MBR] 0aa03c9d085a9ea10b3b07eb496e137b
[BSP] 014e2af72d48fce6652959ad9e924446 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_12122013_180859.txt >>



 



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:58 AM

Posted 12 December 2013 - 09:59 PM

You have some ugly issues here....
  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool again (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", this time click the Delete button.
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
    • The highest number of [X], is the most recent Delete

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 sunsigil

sunsigil
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 12 December 2013 - 11:07 PM

RogueKiller V8.7.11 [Dec  3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Junjun [Admin rights]
Mode : Remove -- Date : 12/12/2013 20:07:09
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] GSDesktopHelper_Win(4).exe -- C:\Users\Junjun\Desktop\Multimedia\GSDesktopHelper_Win(4).exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : GSDesktopHelper (C:\Users\Junjun\Desktop\Multimedia\GSDesktopHelper_Win(4).exe [-]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-1366853064-4064985979-2904789789-1000\[...]\Run : GSDesktopHelper (C:\Users\Junjun\Desktop\Multimedia\GSDesktopHelper_Win(4).exe [-]) -> [0x2] The system cannot find the file specified.
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 :  (C:\Users\Junjun\AppData\Local\{b9eb9408-1fa2-5e6e-ac5d-453ec20a1912}\n. [x]) -> REPLACED (C:\Windows\system32\shell32.dll)
[BROK VAL] HKCR\[...]\command :  () -> CREATED ("%1" %*)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    www.100888290cs.com
127.0.0.1    100888290cs.com
127.0.0.1    100sexlinks.com
127.0.0.1    www.100sexlinks.com
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5002AALX-00J37A0 ATA Device +++++
--- User ---
[MBR] 0aa03c9d085a9ea10b3b07eb496e137b
[BSP] 014e2af72d48fce6652959ad9e924446 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_12122013_200709.txt >>
RKreport[0]_S_12122013_180859.txt;RKreport[0]_S_12122013_200650.txt


 



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:58 AM

Posted 12 December 2013 - 11:53 PM

Hello again..  We have an infection we cannot kill here. We will need to dig it out.
Make a new post with a that RK log and a DDS log from this guide. Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
 
Title it 0Access infection.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 WVChristianGirl

WVChristianGirl

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 14 January 2014 - 01:06 PM

Spigot search protection, how to remove?

 

Go here:  http://www.spigot.com/uninstall.html

 

Worked for me.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users