
Highly infected PC with Rogue.pchealthkit, Adware.hotbar, and many other PUPs


16 replies to this topic

#1 squares16


Posted 07 February 2014 - 02:23 PM

I have a Gateway DX4380G desktop computer running Windows 8.  This computer had a pop-up message while surfing the web using Internet Explorer.  As described, this message had the title bar of Windows Explorer and contained the message "Your computer may be infected with Adware Dropper.w32 Bundler XSS Scripting".  There has also been another pop-up that had a fake number to call.  I then scanned the PC with Malwarebytes and had over 1500 detections with: Rogue.pchealthkit, adware.hotbar, pop.optional.adpeak, pup.optional.browsesmart.a, pop.optional.optimizerpro, and tons of other PUPs.  Can I get help to clean this PC, as there are many PUPs and at least rogues detected?





#2 DASOS


Posted 07 February 2014 - 03:23 PM

Hi squares16

 

Please download and use the following tools (in the order listed) which will search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, extensions, add-ons and other junkware as well as related registry entries (values, keys) and remnants.

RKill created by Grinler (aka Lawrence Abrams), the site owner of BleepingComputer.
AdwCleaner created by Xplode.
Junkware Removal Tool created by thisisu.

1. Double-click on RKill to launch the tool. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

Important: Do not reboot your computer until you complete the next step.

2. Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.

Click on the Scan button.

  • AdwCleaner will begin...be patient as the scan may take some time to complete.

After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.

After reviewing the log, click on the Clean button.

Press OK when asked to close all programs and follow the onscreen prompts.

Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.

  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Close all open programs and shut down any protection/security software to avoid potential conflicts.
If you do not know how to do this you can find out >here< or >here<
 
3. Double-click on JRT.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.

  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log file named JRT.txt will automatically open and be saved to your Desktop.

  • Copy and paste the contents of JRT.txt in your next reply.

4. As a final step, update and rescan again with Malwarebytes Anti-Malware and post the log.

 

Stelios
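
Added example, not part of the original post and not AdwCleaner's own code: a Python script for the log-review step above. It parses an AdwCleaner v3 report and lists the removed items that were autostart points (services, Run values, scheduled tasks, AppInit_DLLs, Image File Execution Options, Browser Helper Objects). The sample lines are copied from the report posted in this thread; the function names and the choice of categories are assumptions of this example.

```python
import re
from collections import defaultdict

# Section banner, e.g. "***** [ Registry ] *****"
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
# Entry line, e.g. "Key Deleted : HKCU\Software\Wajam".
# Some lines carry a leading "[!]" marker; it is tolerated and ignored here.
ENTRY_RE = re.compile(
    r"^(?:\[!\]\s*)?(Service|Folder|File|Key|Value|Data) Deleted : (.+)$"
)

# Locations that start code automatically. A removal in one of these means the
# item had a persistence point, not just leftover files (categories are this
# example's choice, not an exhaustive list).
AUTOSTART_PATTERNS = [
    ("run-key", re.compile(r"\\CurrentVersion\\Run(?:Once)? \[", re.I)),
    ("appinit-dll", re.compile(r"\[AppInit_DLLs\]", re.I)),
    ("ifeo", re.compile(r"\\Image File Execution Options\\", re.I)),
    ("browser-helper-object", re.compile(r"\\Browser Helper Objects\\", re.I)),
    ("scheduled-task", re.compile(r"\\Windows\\(?:System32\\)?Tasks\\", re.I)),
]


def classify(kind, target):
    """Return an autostart category for one entry, or None."""
    if kind == "Service":
        return "service"
    for tag, pattern in AUTOSTART_PATTERNS:
        if pattern.search(target):
            return tag
    return None


def parse_report(text):
    """Parse report text into a list of entry dicts."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # "#" header lines, blanks, browser version lines
        kind, target = m.groups()
        x64 = target.startswith("[x64] ")  # 64-bit registry view marker
        if x64:
            target = target[len("[x64] "):]
        entries.append({
            "section": section,
            "kind": kind,
            "target": target,
            "x64": x64,
            "autostart": classify(kind, target),
        })
    return entries


def autostart_summary(entries):
    """Group the targets of autostart entries by category."""
    grouped = defaultdict(list)
    for entry in entries:
        if entry["autostart"]:
            grouped[entry["autostart"]].append(entry["target"])
    return dict(grouped)


# Sample input: lines copied from the AdwCleaner[S0] report in this thread.
SAMPLE = r"""# AdwCleaner v3.018 - Report created 07/02/2014 at 15:09:09
# Option : Clean

***** [ Services ] *****

Service Deleted : Zwinky_5qService

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Wajam
[!] Folder Deleted : C:\Program Files (x86)\optimizer pro
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKCU\Software\Wajam
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
"""

if __name__ == "__main__":
    for tag, targets in sorted(autostart_summary(parse_report(SAMPLE)).items()):
        print(f"{tag} ({len(targets)})")
        for target in targets:
            print(f"    {target}")
```

To review a real report, pass the text of a file from the C:\AdwCleaner folder to `parse_report` instead of `SAMPLE`.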



#3 squares16


Posted 07 February 2014 - 06:00 PM

Hello,

 

I will post the logs as follows:

 

RKill:

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/07/2014 02:50:04 PM in x64 mode.
Windows Version: Windows 8

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 02/07/2014 02:50:42 PM
Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)

 

 

ADWCleaner[S0]:

# AdwCleaner v3.018 - Report created 07/02/2014 at 15:09:09
# Updated 28/01/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Richard - DESK-PC
# Running from : C:\Users\Richard\Desktop\Malware issue 2-7-14\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Zwinky_5qService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\DealPlyLive
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\ProgramData\tpeerfeCtucoupon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit
Folder Deleted : C:\Program Files (x86)\Advanced System Protector
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\DealPlyLive
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Mysearchdial
[!] Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\PC Health Kit
Folder Deleted : C:\Program Files (x86)\Wajam
Folder Deleted : C:\Program Files (x86)\Zwinky_5q
Folder Deleted : C:\Windows\SysWOW64\Searchprotect
Folder Deleted : C:\Users\Richard\AppData\Local\Conduit
Folder Deleted : C:\Users\Richard\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Richard\AppData\Local\Smartbar
Folder Deleted : C:\Users\Richard\AppData\Local\Zwinky_5q
Folder Deleted : C:\Users\Richard\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\Richard\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Richard\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Richard\AppData\LocalLow\iac
Folder Deleted : C:\Users\Richard\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Richard\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Richard\AppData\LocalLow\Zwinky_5q
Folder Deleted : C:\Users\Richard\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Richard\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Richard\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\Richard\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\Richard\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Richard\AppData\Roaming\PC Health Kit
Folder Deleted : C:\Users\Richard\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Richard\Documents\optimizer pro
Folder Deleted : C:\Users\Richard\Documents\PC Health Kit
File Deleted : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Richard\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Richard\Desktop\MySearchDial.url
File Deleted : C:\Users\Richard\Desktop\Optimizer Pro.lnk
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply
File Deleted : C:\Windows\Tasks\MySearchDial.job
File Deleted : C:\Windows\System32\Tasks\MySearchDial

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Health Kit]
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.Radio
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\Zwinky_5q.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@Zwinky_5q.com/Plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Zwinky Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Zwinky_5q Browser Plugin Loader]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Zwinky_5q Browser Plugin Loader 64]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter_4z Browser Plugin Loader 64]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DealPlyLive
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\PC Health Kit
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zwinky_5q
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\Zwinky_5q
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DealPlyLive
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\Zwinky_5q
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Health Kit_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


*************************

AdwCleaner[R0].txt - [25892 octets] - [07/02/2014 14:52:14]
AdwCleaner[S0].txt - [25213 octets] - [07/02/2014 15:09:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25274 octets] ##########
 

 

 

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8 x64
Ran by Richard on Fri 02/07/2014 at 15:24:12.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] 70e6ca8c
Failed to delete: [Service] 70e6ca8c
Failed to stop: [Service] update browsesmart
Failed to stop: [Service] util browsesmart



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browserpluginhelper
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fc0c0170-4eb0-430d-a7f3-939ee7ea1a25}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1111829442-3622066068-4140847587-1002\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

    Value Name          Type                             Value Data                     
========================================================================================
    NextLive    REG_SZ    C:\Windows\SysWOW64\rundll32.exe "C:\Users\Richard\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\safesearch.safesearch1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02DD8284-A49F-43E5-9D84-CF19DC9AD21D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{27DE7D30-BCCD-44D1-ADCB-A74A4259EBEF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A0EFC4E-F167-4D0E-9C24-FC5519237993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1111829442-3622066068-4140847587-1002\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3297955
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FC60FAD6-721A-4A2C-94B1-84DCF9D84D14}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E27D5867-80DE-4449-9C03-71707C0DB05B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E16E8A02-5F7D-407E-B1DB-23A301DB5580}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E16E8A02-5F7D-407E-B1DB-23A301DB5580}



~~~ Files

Successfully deleted: [File] "C:\Windows\syswow64\wscm32.dll"
Successfully deleted: [File] "C:\Windows\syswow64\wscm64.dll"



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Richard\appdata\locallow\zwinky_5qei"
Failed to delete: [Folder] "C:\Program Files (x86)\browsesmart"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/07/2014 at 15:33:05.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

MBAM:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.07.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Richard :: DESK-PC [administrator]

2/7/2014 3:36:16 PM
MBAM-log-2014-02-07 (16-42-09).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 444907
Time elapsed: 1 hour(s), 5 minute(s), 35 second(s)

Memory Processes Detected: 3
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Adpeak) -> 2132 -> No action taken.
C:\Program Files (x86)\BrowseSmart\updateBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> 6208 -> No action taken.
C:\Program Files (x86)\BrowseSmart\bin\utilBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> 3876 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 57
HKLM\SYSTEM\CurrentControlSet\Services\Level Quality Watcher (PUP.Optional.Adpeak) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Util BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\CLSID\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCR\TypeLib\{5530C971-3D8F-471B-AC49-4CC23FA955E2} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCR\Interface\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCR\SafeSearch.IEModule (PUP.Optional.SafeSearch.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCR\CLSID\{fc0c0170-4eb0-430d-a7f3-939ee7ea1a25} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> No action taken.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> No action taken.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01B91C29-337A-1FFD-7CFC-473451D2F861} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC3F9A7A-E007-C9AE-EAE2-5E490FAD4DB9} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCR\CLSID\{f66635a8-9629-5d06-9a76-d8c57f5ad806} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F66635A8-9629-5D06-9A76-D8C57F5AD806} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCR\TypeLib\{AECF140E-AD41-5109-AC86-CA717779C6B8} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCR\Interface\{A7D53A0C-8D59-5C09-B2C9-747344531055} (PUP.Optional.SafeSearch.A) -> No action taken.
HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> No action taken.
HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> No action taken.
HKCU\SOFTWARE\The Weather Channel (Adware.Hotbar) -> No action taken.
HKCU\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCU\Software\AppDataLow\Software\Scorpion Saver (PUP.Optional.Adpeak) -> No action taken.
HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> No action taken.
HKLM\SOFTWARE\Adpeak, Inc. (PUP.Optional.AdpeakProxy) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\fpooidjoepcceohjkoffjgioneogihij (PUP.Optional.SafeSearch.A) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy (PUP.Optional.ScorpionSaver) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3 (PUP.Optional.Wajam.A) -> No action taken.
HKLM\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{856AD396-519D-4C7A-BED6-6785F64924BC} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCR\CLSID\{39AD0726-986D-40F9-972B-E3BFA24B7745} (PUP.Optional.ArcadeParlor.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{39AD0726-986D-40F9-972B-E3BFA24B7745} (PUP.Optional.ArcadeParlor.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{39AD0726-986D-40F9-972B-E3BFA24B7745} (PUP.Optional.ArcadeParlor.A) -> No action taken.
HKCR\TypeLib\{1F29738C-11D6-4AE5-A1B1-86D4D5F3A69C} (PUP.Optional.ArcadeParlor.A) -> No action taken.
HKCR\Interface\{96B4DEA0-F89C-475C-8124-B247260B7CB5} (PUP.Optional.ArcadeParlor.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B74443DB-5A88-4583-860A-F0D06EF399E3} (PUP.Optional.ArcadeParlor.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\CLSID\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\TypeLib\{b463ecd2-e5d8-4178-80c4-ec7c7e72f9ac} (PUP.Optional.BrowseSmart.A) -> No action taken.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Richard\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> No action taken.
HKCU\Software\Mozilla\Firefox\EXTENSIONS|{B21F5E31-B8E8-41CD-B74C-168A71A10E49} (PUP.Optional.GreatArcadeHits.A) -> Data: C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\ -> No action taken.
HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 17
C:\Program Files\SafeSearch (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\chrome (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\chrome\redistributables (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\chrome\redistributables\chrome (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\CT3317209 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\CT3317212 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\ArcadeParlor (PUP.Optional.ArcadeParlor.A) -> No action taken.
C:\Users\Richard\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\Richard\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0 (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> No action taken.

Files Detected: 136
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Adpeak) -> No action taken.
C:\Program Files (x86)\BrowseSmart\updateBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files (x86)\BrowseSmart\bin\utilBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Users\Richard\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\ProgramData\ApptOUo\yiAVS34OS.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Program Files\SafeSearch\ie\adxloader.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\DownloadManager2.exe (PUP.Optional.OutBrowse) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll.vir (PUP.Optional.MySearchDial.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll.vir (PUP.Optional.MySearchDial.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe.vir (PUP.Optional.MySearchDial.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll.vir (PUP.Optional.MySearchDial.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll.vir (PUP.Optional.MySearchDial.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptimizerPro.exe.vir (PUP.Optional.OptimizerPro) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProGuard.exe.vir (PUP.Optional.OptimizerPro) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProReminder.exe.vir (PUP.Optional.OptimizerPro) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSchedule.exe.vir (PUP.Optional.OptimizerPro) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSmartScan.exe.vir (PUP.Optional.OptimizerPro) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProStart.exe.vir (PUP.Optional.OptimizerPro) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\priam_bho.dll.vir (PUP.Optional.Wajam) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\update.exe.vir (PUP.Optional.Wajam) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qbarsvc.exe.vir (PUP.Optional.AudioToAudioToolBar.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qbrmon.exe.vir (PUP.Optional.MindSpark.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qbrstub.dll.vir (PUP.Optional.MindSpark.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qidle.dll.vir (PUP.Optional.MindSpark.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\tpeerfeCtucoupon\uZ.dll.vir (PUP.Optional.MultiPlug.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\tpeerfeCtucoupon\uZ.exe.vir (PUP.Optional.MultiPlug.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\tpeerfeCtucoupon\uZ.x64.dll.vir (PUP.Optional.MultiPlug.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\WeCareReminder\ReminderHelper.exe.vir (PUP.Optional.WeCare.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\WeCareReminder\WCAutoUpdate.exe.vir (PUP.Optional.WeCare.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir (PUP.Optional.DealPly.A) -> No action taken.
C:\Downloads\Software\Free_Download_Manage_brie.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Adpeak) -> No action taken.
C:\Program Files\SafeSearch\se.exe (PUP.Optional.SoftM8.A) -> No action taken.
C:\Program Files (x86)\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (PUP.Optional.AirInstaller) -> No action taken.
C:\ProgramData\ApptOUo\yiAVS34OS.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\ApptOUo\yiAVS34OS.x64.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\TXTufileViWer\_nZ.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\TXTufileViWer\_nZ.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\TXTufileViWer\_nZ.x64.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\temp\000.exe (PUP.Optional.Adpeak) -> No action taken.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> No action taken.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> No action taken.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Richard\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J451G9Y\Free_Download_Manager_Setup.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMECMO4R\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLADE8DU\OfferBrokerage_14220E[1].exe (PUP.Optional.InstallIQ) -> No action taken.
C:\Users\Richard\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.36.zip (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\Richard\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\newsetup.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsbA635.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nseBE44.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nseE371.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsf5E02.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsg81C1.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsj1905.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsj4DD5.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nslED03.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsp4CF2.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsp57D9.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\nsz2F5C.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\rcpsetup_binstall21_binstall21.exe (PUP.Optional.RegCleanerPro) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\SearchProtectINT.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\SPSetup.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\ssdl99527.exe (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\is1233253943\94754372_stp.EXE (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\is1233253943\94754342_stp\BrowseSmartSetup.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\is1233253943\94754406_stp\Mobogenie_Setup_UN.exe (PUP.Optional.NextLive.A) -> No action taken.
C:\Windows\Installer\34e781f8.msi (PUP.Optional.SmartBar.A) -> No action taken.
C:\Windows\Installer\53b0f4a.msi (PUP.Optional.WeCare.A) -> No action taken.
C:\Windows\Temp\nsa37F8.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Windows\Temp\nsa37F9.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Windows\Temp\nsf7A36.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Windows\Temp\nsv7A65.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Richard\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Richard\Desktop\PC Health Kit.lnk (Rogue.PCHealthKit) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> No action taken.
C:\Program Files\SafeSearch\safesearch.xml (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\npsafesearch.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\sqlite3.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ssinstall.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\unins000.dat (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\unins000.exe (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\chrome\safesearch.crx (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\chrome\redistributables\chrome\safesearch.crx (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\AddinExpress.IE.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\adxloader.dll.manifest (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\adxloader.exe (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\adxloader64.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\adxloader64.exe (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\adxregext.exe (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\adxregistrator.exe (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\icon.ico (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\Interop.SHDocVw.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\Microsoft.mshtml.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Program Files\SafeSearch\ie\SafeSearch.dll (PUP.Optional.SafeSearch.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> No action taken.
C:\Windows\Temp\AdpeakProxy.log (PUP.Optional.AdpeakProxy) -> No action taken.
C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> No action taken.
C:\Windows\Tasks\ArcadeParlor.job (PUP.Optional.ArcadeParlor.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\CT3317209\ddt.csf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\Temp\CT3317212\ddt.csf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\application.ico (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\cookies.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\gahff.xpi (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\GAHUninstaller.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\GAHUpdate.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\premium.pem (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\static.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome.manifest (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\icon.png (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\install.rdf (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\application.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\overlay.xul (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\page.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\static.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\ArcadeParlor\ap.config (PUP.Optional.ArcadeParlor.A) -> No action taken.
C:\Users\Richard\AppData\Local\ArcadeParlor\Arcadeparlor.dll (PUP.Optional.ArcadeParlor.A) -> No action taken.
C:\Users\Richard\AppData\Local\ArcadeParlor\broker.exe (PUP.Optional.ArcadeParlor.A) -> No action taken.
C:\Users\Richard\AppData\Local\ArcadeParlor\removal.exe (PUP.Optional.ArcadeParlor.A) -> No action taken.
C:\Users\Richard\AppData\Local\ArcadeParlor\versioncheck.exe (PUP.Optional.ArcadeParlor.A) -> No action taken.
C:\Users\Richard\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\Richard\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\background.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\cookies.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\icon.png (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\Manifest.json (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\page.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\static.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Program Files (x86)\BrowseSmart\BrowseSmartBHO.dll (PUP.Optional.BrowseSmart.A) -> No action taken.

(end)
 

 

 

 

The fake number to call that popped up in a new tab of Internet Explorer while browsing the web was found. This does actually include the Adware Dropper.w32 message. After research, I believe this is part of the warn1now malware. I do have a screen print of the message but am unable to paste the image here. If you would like to see it, let me know and I will try to find a way to get it on here. Otherwise, it does look very similar to the ones that are posted on other web pages.



#4 DASOS


Posted 08 February 2014 - 03:04 AM

 

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please update and run a FULL scan with Malwarebytes Anti-Malware, then post the report.

Make sure that everything is checked, and click Remove Selected.

 

A screen will display all the malware that the program found.

Click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the program's quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.

How to use Malwarebytes' Anti-Malware to scan and remove malware from your computer

 

====

 

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.

 

====

 

 

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

==== 

 

 

 

I'd like us to scan your machine with ESET OnlineScan

Note: You will, however, need to disable your currently installed anti-virus; how to do so can be read here.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET OnlineScan button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the ESET Smart Installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan! 

 

 

Stelios


Edited by DASOS, 08 February 2014 - 03:58 AM.


#5 squares16


Posted 08 February 2014 - 04:46 PM

I have completed the activities as such. Logs will be posted below.

 

MBAM:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.08.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Richard :: DESK-PC [administrator]

2/8/2014 10:50:19 AM
mbam-log-2014-02-08 (10-50-19).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 445461
Time elapsed: 1 hour(s), 3 minute(s), 43 second(s)

Memory Processes Detected: 4
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Adpeak) -> 2132 -> Delete on reboot.
C:\Program Files (x86)\BrowseSmart\updateBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> 6208 -> Delete on reboot.
C:\Program Files (x86)\BrowseSmart\bin\utilBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> 3876 -> Delete on reboot.
C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (PUP.Optional.AirInstaller) -> 624 -> Delete on reboot.

Memory Modules Detected: 1
C:\Users\Richard\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.

Registry Keys Detected: 58
HKLM\SYSTEM\CurrentControlSet\Services\Level Quality Watcher (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Util BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{662442F3-22A4-8B1F-8031-E85FDA944D07} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{b463ecd2-e5d8-4178-80c4-ec7c7e72f9ac} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{5530C971-3D8F-471B-AC49-4CC23FA955E2} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\Interface\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCR\SafeSearch.IEModule (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E27D5867-80DE-4449-9C03-71707C0DB05B} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{fc0c0170-4eb0-430d-a7f3-939ee7ea1a25} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01B91C29-337A-1FFD-7CFC-473451D2F861} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC3F9A7A-E007-C9AE-EAE2-5E490FAD4DB9} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{f66635a8-9629-5d06-9a76-d8c57f5ad806} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F66635A8-9629-5D06-9A76-D8C57F5AD806} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{AECF140E-AD41-5109-AC86-CA717779C6B8} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCR\Interface\{A7D53A0C-8D59-5C09-B2C9-747344531055} (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKCU\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\Scorpion Saver (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Adpeak, Inc. (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\fpooidjoepcceohjkoffjgioneogihij (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3 (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKLM\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{856AD396-519D-4C7A-BED6-6785F64924BC} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{39AD0726-986D-40F9-972B-E3BFA24B7745} (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{39AD0726-986D-40F9-972B-E3BFA24B7745} (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{39AD0726-986D-40F9-972B-E3BFA24B7745} (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1F29738C-11D6-4AE5-A1B1-86D4D5F3A69C} (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
HKCR\Interface\{96B4DEA0-F89C-475C-8124-B247260B7CB5} (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B74443DB-5A88-4583-860A-F0D06EF399E3} (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Richard\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Quarantined and deleted successfully.
HKCU\Software\Mozilla\Firefox\EXTENSIONS|{B21F5E31-B8E8-41CD-B74C-168A71A10E49} (PUP.Optional.GreatArcadeHits.A) -> Data: C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\ -> Quarantined and deleted successfully.
HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.SafeSearch.A) -> Bad: (http://www.safesearch.net/?utm_medium=ie&utm_campaign=1377613747992&utm_source=sm&utm_content=1&utm_term=9662c1f1-1a0a-47e5-852f-3308e65a51fa) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 17
C:\Program Files\SafeSearch (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\chrome (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\chrome\redistributables (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\chrome\redistributables\chrome (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\CT3317209 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\CT3317212 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\ArcadeParlor (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Users\Richard\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0 (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> Delete on reboot.

Files Detected: 136
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Adpeak) -> Delete on reboot.
C:\Program Files (x86)\BrowseSmart\updateBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> Delete on reboot.
C:\Program Files (x86)\BrowseSmart\bin\utilBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> Delete on reboot.
C:\Users\Richard\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (PUP.Optional.AirInstaller) -> Delete on reboot.
C:\ProgramData\ApptOUo\yiAVS34OS.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowseSmart\BrowseSmartBHO.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\adxloader.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\DownloadManager2.exe (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptimizerPro.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProGuard.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProReminder.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSchedule.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSmartScan.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProStart.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\priam_bho.dll.vir (PUP.Optional.Wajam) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\update.exe.vir (PUP.Optional.Wajam) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qbarsvc.exe.vir (PUP.Optional.AudioToAudioToolBar.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qbrmon.exe.vir (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qbrstub.dll.vir (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qidle.dll.vir (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\tpeerfeCtucoupon\uZ.dll.vir (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\tpeerfeCtucoupon\uZ.exe.vir (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\tpeerfeCtucoupon\uZ.x64.dll.vir (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\WeCareReminder\ReminderHelper.exe.vir (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\WeCareReminder\WCAutoUpdate.exe.vir (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Downloads\Software\Free_Download_Manage_brie.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\se.exe (PUP.Optional.SoftM8.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\ProgramData\ApptOUo\yiAVS34OS.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\ApptOUo\yiAVS34OS.x64.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\TXTufileViWer\_nZ.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\TXTufileViWer\_nZ.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\TXTufileViWer\_nZ.x64.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\temp\000.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J451G9Y\Free_Download_Manager_Setup.exe (PUP.Optional.OptimumInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMECMO4R\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLADE8DU\OfferBrokerage_14220E[1].exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.36.zip (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\newsetup.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsbA635.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nseBE44.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nseE371.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsf5E02.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsg81C1.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsj1905.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsj4DD5.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nslED03.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsp4CF2.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsp57D9.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\nsz2F5C.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\rcpsetup_binstall21_binstall21.exe (PUP.Optional.RegCleanerPro) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\SearchProtectINT.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\SPSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\ssdl99527.exe (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\is1233253943\94754372_stp.EXE (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\is1233253943\94754342_stp\BrowseSmartSetup.exe (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\is1233253943\94754406_stp\Mobogenie_Setup_UN.exe (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\34e781f8.msi (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\53b0f4a.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsa37F8.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsa37F9.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsf7A36.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsv7A65.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Richard\Desktop\PC Health Kit.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\safesearch.xml (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\npsafesearch.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\sqlite3.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ssinstall.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\unins000.dat (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\unins000.exe (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\chrome\safesearch.crx (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\chrome\redistributables\chrome\safesearch.crx (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\AddinExpress.IE.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\adxloader.dll.manifest (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\adxloader.exe (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\adxloader64.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\adxloader64.exe (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\adxregext.exe (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\adxregistrator.exe (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\icon.ico (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\Interop.SHDocVw.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\Microsoft.mshtml.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Program Files\SafeSearch\ie\SafeSearch.dll (PUP.Optional.SafeSearch.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxy.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ArcadeParlor.job (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\CT3317209\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\CT3317212\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\application.ico (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\cookies.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\gahff.xpi (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\GAHUninstaller.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\GAHUpdate.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\premium.pem (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\static.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome.manifest (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\icon.png (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\install.rdf (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\application.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\overlay.xul (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\page.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\static.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\ArcadeParlor\ap.config (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\ArcadeParlor\Arcadeparlor.dll (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\ArcadeParlor\broker.exe (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\ArcadeParlor\removal.exe (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\ArcadeParlor\versioncheck.exe (PUP.Optional.ArcadeParlor.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\background.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\cookies.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\icon.png (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\Manifest.json (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\page.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\static.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.

(end)

SecurityCheck

 Results of screen317's Security Check version 0.99.79  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe
 Windows Defender MSMpEng.exe
 Richard Desktop Malware issue 2-7-14 SecurityCheck(1).exe
 Windows Defender MsMpEng.exe   
 Symantec Norton Online Backup NOBuAgent.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

TDSS

12:47:44.0313 0x17d0  TDSS rootkit removing tool 3.0.0.22 Feb  3 2014 16:45:35
12:47:44.0313 0x17d0  UEFI system
12:48:00.0847 0x17d0  ============================================================
12:48:00.0847 0x17d0  Current date / time: 2014/02/08 12:48:00.0847
12:48:00.0847 0x17d0  SystemInfo:
12:48:00.0847 0x17d0  
12:48:00.0847 0x17d0  OS Version: 6.2.9200 ServicePack: 0.0
12:48:00.0847 0x17d0  Product type: Workstation
12:48:00.0847 0x17d0  ComputerName: DESK-PC
12:48:00.0847 0x17d0  UserName: Richard
12:48:00.0847 0x17d0  Windows directory: C:\Windows
12:48:00.0847 0x17d0  System windows directory: C:\Windows
12:48:00.0847 0x17d0  Running under WOW64
12:48:00.0847 0x17d0  Processor architecture: Intel x64
12:48:00.0847 0x17d0  Number of processors: 2
12:48:00.0847 0x17d0  Page size: 0x1000
12:48:00.0847 0x17d0  Boot type: Normal boot
12:48:00.0847 0x17d0  ============================================================
12:48:02.0608 0x17d0  KLMD registered as C:\Windows\system32\drivers\35443248.sys
12:48:02.0776 0x17d0  System UUID: {FA1204D3-CF4F-72BE-6ACC-1921D58E3B37}
12:48:03.0801 0x17d0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:48:03.0818 0x17d0  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1115000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:48:03.0821 0x17d0  ============================================================
12:48:03.0821 0x17d0  \Device\Harddisk0\DR0:
12:48:03.0844 0x17d0  GPT partitions:
12:48:03.0852 0x17d0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4D354890-0DEB-4891-896C-60578A3801AA}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
12:48:03.0852 0x17d0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E145F3D7-6F3F-4FD7-BFDD-CD367E5AC5C4}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
12:48:03.0852 0x17d0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A91E7356-ABD7-4DA8-9571-89E56E8E27B2}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
12:48:03.0852 0x17d0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {519A4D75-0B25-47CF-8494-68ACF5245197}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x71568000
12:48:03.0852 0x17d0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4D3D292D-E363-45A6-BD52-87984943E52F}, Name: Basic data partition, StartLBA 0x71706800, BlocksNum 0x3000000
12:48:03.0852 0x17d0  MBR partitions:
12:48:03.0852 0x17d0  \Device\Harddisk2\DR2:
12:48:03.0853 0x17d0  GPT partitions:
12:48:03.0854 0x17d0  Invalid gpt header signature
12:48:03.0854 0x17d0  MBR partitions:
12:48:03.0854 0x17d0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
12:48:03.0854 0x17d0  ============================================================
12:48:03.0895 0x17d0  C: <-> \Device\Harddisk0\DR0\Partition4
12:48:04.0611 0x17d0  E: <-> \Device\Harddisk2\DR2\Partition1
12:48:04.0611 0x17d0  ============================================================
12:48:04.0611 0x17d0  Initialize success
12:48:04.0611 0x17d0  ============================================================
12:48:19.0463 0x003c  ============================================================
12:48:19.0464 0x003c  Scan started
12:48:19.0464 0x003c  Mode: Manual;
12:48:19.0464 0x003c  ============================================================
12:48:19.0464 0x003c  KSN ping started
12:48:22.0016 0x003c  KSN ping finished: true
12:48:22.0410 0x003c  ================ Scan system memory ========================
12:48:22.0410 0x003c  System memory - ok
12:48:22.0410 0x003c  ================ Scan services =============================
12:48:28.0334 0x003c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:48:28.0339 0x003c  gupdate - ok
12:48:28.0346 0x003c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:48:28.0348 0x003c  gupdatem - ok
12:48:28.0374 0x003c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:48:28.0380 0x003c  gusvc - ok
12:48:28.0429 0x003c  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:48:28.0438 0x003c  HdAudAddService - ok
12:48:28.0484 0x003c  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
12:48:28.0486 0x003c  HDAudBus - ok
12:48:28.0493 0x003c  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
12:48:28.0495 0x003c  HidBatt - ok
12:48:28.0519 0x003c  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
12:48:28.0523 0x003c  HidBth - ok
12:48:28.0543 0x003c  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
12:48:28.0551 0x003c  hidi2c - ok
12:48:28.0580 0x003c  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
12:48:28.0582 0x003c  HidIr - ok
12:48:28.0605 0x003c  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
12:48:28.0607 0x003c  hidserv - ok
12:48:28.0648 0x003c  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
12:48:28.0655 0x003c  HidUsb - ok
12:48:28.0688 0x003c  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:48:28.0692 0x003c  hkmsvc - ok
12:48:28.0726 0x003c  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:48:28.0733 0x003c  HomeGroupListener - ok
12:48:28.0758 0x003c  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:48:28.0767 0x003c  HomeGroupProvider - ok
12:48:28.0784 0x003c  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:48:28.0787 0x003c  HpSAMD - ok
12:48:28.0839 0x003c  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:48:28.0859 0x003c  HTTP - ok
12:48:28.0873 0x003c  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:48:28.0874 0x003c  hwpolicy - ok
12:48:28.0895 0x003c  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
12:48:28.0896 0x003c  hyperkbd - ok
12:48:28.0910 0x003c  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
12:48:28.0911 0x003c  HyperVideo - ok
12:48:28.0928 0x003c  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
12:48:28.0932 0x003c  i8042prt - ok
12:48:28.0960 0x003c  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:48:28.0968 0x003c  iaStorV - ok
12:48:29.0062 0x003c  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
12:48:29.0129 0x003c  IconMan_R - ok
12:48:29.0202 0x003c  [ A48928D4CCA6F8B731989DB08CF2C0AB, DDAEF30F16B65439D44096D97976D94EEE82240A375078930E921523E147732E ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130802.001\IDSvia64.sys
12:48:29.0214 0x003c  IDSVia64 - ok
12:48:29.0228 0x003c  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:48:29.0230 0x003c  iirsp - ok
12:48:29.0295 0x003c  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:48:29.0330 0x003c  IKEEXT - ok
12:48:29.0456 0x003c  [ F1A3ECE3809AF333810ED0A872200226, BF1CC3EE64A9BDE41A5139A56016DE79DB87212D130B6024A03206CFCF65AC72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:48:29.0559 0x003c  IntcAzAudAddService - ok
12:48:29.0587 0x003c  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:48:29.0589 0x003c  intelide - ok
12:48:29.0605 0x003c  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
12:48:29.0609 0x003c  intelppm - ok
12:48:29.0624 0x003c  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:48:29.0627 0x003c  IpFilterDriver - ok
12:48:29.0670 0x003c  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:48:29.0689 0x003c  iphlpsvc - ok
12:48:29.0707 0x003c  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
12:48:29.0710 0x003c  IPMIDRV - ok
12:48:29.0727 0x003c  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:48:29.0732 0x003c  IPNAT - ok
12:48:29.0764 0x003c  [ F7ED08D4BC89D7AC6135C1556A89157F, 8F15F1E528F6513FCEF5D966880CBA8A2C7A4816393393F4B201CDD6227F36A3 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:48:29.0777 0x003c  iPod Service - ok
12:48:29.0793 0x003c  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:48:29.0794 0x003c  IRENUM - ok
12:48:29.0815 0x003c  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:48:29.0816 0x003c  isapnp - ok
12:48:29.0857 0x003c  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
12:48:29.0864 0x003c  iScsiPrt - ok
12:48:29.0884 0x003c  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
12:48:29.0886 0x003c  kbdclass - ok
12:48:29.0905 0x003c  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
12:48:29.0906 0x003c  kbdhid - ok
12:48:29.0921 0x003c  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
12:48:29.0923 0x003c  kdnic - ok
12:48:29.0934 0x003c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso          C:\Windows\system32\lsass.exe
12:48:29.0937 0x003c  KeyIso - ok
12:48:29.0989 0x003c  [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:48:29.0992 0x003c  KSecDD - ok
12:48:30.0009 0x003c  [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:48:30.0014 0x003c  KSecPkg - ok
12:48:30.0022 0x003c  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:48:30.0023 0x003c  ksthunk - ok
12:48:30.0061 0x003c  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:48:30.0071 0x003c  KtmRm - ok
12:48:30.0102 0x003c  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:48:30.0111 0x003c  LanmanServer - ok
12:48:30.0131 0x003c  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:48:30.0138 0x003c  LanmanWorkstation - ok
12:48:30.0155 0x003c  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:48:30.0157 0x003c  lltdio - ok
12:48:30.0183 0x003c  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:48:30.0191 0x003c  lltdsvc - ok
12:48:30.0198 0x003c  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:48:30.0200 0x003c  lmhosts - ok
12:48:30.0222 0x003c  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:48:30.0226 0x003c  LSI_SAS - ok
12:48:30.0238 0x003c  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:48:30.0241 0x003c  LSI_SAS2 - ok
12:48:30.0249 0x003c  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:48:30.0253 0x003c  LSI_SCSI - ok
12:48:30.0261 0x003c  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
12:48:30.0264 0x003c  LSI_SSS - ok
12:48:30.0296 0x003c  [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM             C:\Windows\System32\lsm.dll
12:48:30.0307 0x003c  LSM - ok
12:48:30.0328 0x003c  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:48:30.0331 0x003c  luafv - ok
12:48:30.0340 0x003c  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:48:30.0342 0x003c  megasas - ok
12:48:30.0363 0x003c  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:48:30.0372 0x003c  MegaSR - ok
12:48:30.0394 0x003c  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
12:48:30.0398 0x003c  MMCSS - ok
12:48:30.0405 0x003c  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
12:48:30.0407 0x003c  Modem - ok
12:48:30.0436 0x003c  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
12:48:30.0437 0x003c  monitor - ok
12:48:30.0447 0x003c  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
12:48:30.0449 0x003c  mouclass - ok
12:48:30.0467 0x003c  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
12:48:30.0468 0x003c  mouhid - ok
12:48:30.0482 0x003c  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:48:30.0485 0x003c  mountmgr - ok
12:48:30.0526 0x003c  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:48:30.0537 0x003c  mpsdrv - ok
12:48:30.0604 0x003c  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:48:30.0622 0x003c  MpsSvc - ok
12:48:30.0649 0x003c  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:48:30.0653 0x003c  MRxDAV - ok
12:48:30.0688 0x003c  [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:48:30.0696 0x003c  mrxsmb - ok
12:48:30.0717 0x003c  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:48:30.0724 0x003c  mrxsmb10 - ok
12:48:30.0741 0x003c  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:48:30.0746 0x003c  mrxsmb20 - ok
12:48:30.0766 0x003c  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
12:48:30.0772 0x003c  MsBridge - ok
12:48:30.0812 0x003c  [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
12:48:30.0816 0x003c  MSCamSvc - ok
12:48:30.0837 0x003c  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
12:48:30.0842 0x003c  MSDTC - ok
12:48:30.0872 0x003c  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:48:30.0874 0x003c  Msfs - ok
12:48:30.0892 0x003c  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
12:48:30.0893 0x003c  msgpiowin32 - ok
12:48:30.0907 0x003c  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:48:30.0908 0x003c  mshidkmdf - ok
12:48:30.0918 0x003c  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
12:48:30.0919 0x003c  mshidumdf - ok
12:48:30.0926 0x003c  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:48:30.0927 0x003c  msisadrv - ok
12:48:30.0953 0x003c  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:48:30.0958 0x003c  MSiSCSI - ok
12:48:30.0965 0x003c  msiserver - ok
12:48:30.0984 0x003c  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:48:30.0986 0x003c  MSKSSRV - ok
12:48:31.0001 0x003c  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
12:48:31.0004 0x003c  MsLldp - ok
12:48:31.0022 0x003c  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:48:31.0023 0x003c  MSPCLOCK - ok
12:48:31.0037 0x003c  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:48:31.0038 0x003c  MSPQM - ok
12:48:31.0067 0x003c  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:48:31.0077 0x003c  MsRPC - ok
12:48:31.0110 0x003c  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
12:48:31.0112 0x003c  mssmbios - ok
12:48:31.0118 0x003c  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:48:31.0120 0x003c  MSTEE - ok
12:48:31.0148 0x003c  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
12:48:31.0149 0x003c  MTConfig - ok
12:48:31.0164 0x003c  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
12:48:31.0166 0x003c  Mup - ok
12:48:31.0183 0x003c  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
12:48:31.0185 0x003c  mvumis - ok
12:48:31.0232 0x003c  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
12:48:31.0243 0x003c  napagent - ok
12:48:31.0270 0x003c  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:48:31.0280 0x003c  NativeWifiP - ok
12:48:31.0336 0x003c  [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
12:48:31.0350 0x003c  NAUpdate - ok
12:48:31.0386 0x003c  [ 56540E526B46E379A476FB5BC381B290, AE58FEC06BEB4512443B73423AA918767E5CEEC5C88E97108F9123CE7D60B300 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130803.004\ENG64.SYS
12:48:31.0391 0x003c  NAVENG - ok
12:48:31.0461 0x003c  [ 8A19D3991F9F14B885CDE8BC640F6B68, 6252CAB876E0B3DE99F7CA6FF6A1085F23A31111459D05F286D8C77BCE8AEC02 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130803.004\EX64.SYS
12:48:31.0521 0x003c  NAVEX15 - ok
12:48:31.0553 0x003c  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
12:48:31.0558 0x003c  NcaSvc - ok
12:48:31.0571 0x003c  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
12:48:31.0574 0x003c  NcdAutoSetup - ok
12:48:31.0621 0x003c  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:48:31.0642 0x003c  NDIS - ok
12:48:31.0661 0x003c  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:48:31.0663 0x003c  NdisCap - ok
12:48:31.0682 0x003c  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
12:48:31.0686 0x003c  NdisImPlatform - ok
12:48:31.0728 0x003c  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:48:31.0729 0x003c  NdisTapi - ok
12:48:31.0747 0x003c  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:48:31.0750 0x003c  Ndisuio - ok
12:48:31.0772 0x003c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:48:31.0776 0x003c  NdisWan - ok
12:48:31.0784 0x003c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
12:48:31.0790 0x003c  NDISWANLEGACY - ok
12:48:31.0806 0x003c  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:48:31.0808 0x003c  NDProxy - ok
12:48:31.0826 0x003c  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
12:48:31.0829 0x003c  Ndu - ok
12:48:31.0839 0x003c  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:48:31.0841 0x003c  NetBIOS - ok
12:48:31.0862 0x003c  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:48:31.0871 0x003c  NetBT - ok
12:48:31.0882 0x003c  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon        C:\Windows\system32\lsass.exe
12:48:31.0884 0x003c  Netlogon - ok
12:48:31.0908 0x003c  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
12:48:31.0915 0x003c  Netman - ok
12:48:31.0975 0x003c  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
12:48:31.0987 0x003c  netprofm - ok
12:48:32.0036 0x003c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:48:32.0041 0x003c  NetTcpPortSharing - ok
12:48:32.0059 0x003c  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:48:32.0062 0x003c  nfrd960 - ok
12:48:32.0105 0x003c  [ 1BF9D6476061B31CD7FC2BF848529A56, 95B585543240E823D7850ADEEEA7A4738EF9E18A4B07D921F145F6EF466F0271 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
12:48:32.0108 0x003c  NIS - ok
12:48:32.0143 0x003c  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:48:32.0153 0x003c  NlaSvc - ok
12:48:32.0293 0x003c  [ 9B70CE32DD84A674B100BEA37F756016, 4B52FDA1FB24B02AE149AC70F46F3605B85A2A8AC5B948260BF53A5F076A674A ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
12:48:32.0395 0x003c  NOBU - ok
12:48:32.0416 0x003c  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:48:32.0418 0x003c  Npfs - ok
12:48:32.0428 0x003c  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
12:48:32.0429 0x003c  npsvctrig - ok
12:48:32.0437 0x003c  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
12:48:32.0440 0x003c  nsi - ok
12:48:32.0451 0x003c  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:48:32.0455 0x003c  nsiproxy - ok
12:48:32.0579 0x003c  [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:48:32.0641 0x003c  Ntfs - ok
12:48:32.0678 0x003c  [ F6F0C3C031BF8260EB687DADA0D487DD, 9788B2B0B20593B8CE33F5C9601557C342DF1BDFE46DE8CD2F198860E2367455 ] NTI BackupNowEZSvr C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
12:48:32.0679 0x003c  NTI BackupNowEZSvr - ok
12:48:32.0695 0x003c  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
12:48:32.0696 0x003c  NTIDrvr - ok
12:48:32.0711 0x003c  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
12:48:32.0712 0x003c  Null - ok
12:48:32.0733 0x003c  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:48:32.0738 0x003c  nvraid - ok
12:48:32.0749 0x003c  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:48:32.0756 0x003c  nvstor - ok
12:48:32.0768 0x003c  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:48:32.0772 0x003c  nv_agp - ok
12:48:32.0863 0x003c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:48:32.0872 0x003c  odserv - ok
12:48:32.0974 0x003c  [ E7D8C7748AAED52F1700D048A0087158, 3DD1652460C3AC9809A01DFC39326614C738CBF8196AC1DB73D88231EB860C90 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
12:48:33.0006 0x003c  OfficeSvc - ok
12:48:33.0053 0x003c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:48:33.0057 0x003c  ose - ok
12:48:39.0802 0x003c  vwifimp - ok
12:48:39.0888 0x003c  [ 07E6731FF9399A3B72D64150D4C5F71A, 8D12F4160E661C5AB6184A917924F7863E31F0739803E59A12F85558DE1A14B8 ] VX6000          C:\Windows\system32\DRIVERS\VX6000Xp.sys
12:48:39.0950 0x003c  VX6000 - ok
12:48:39.0992 0x003c  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
12:48:40.0001 0x003c  W32Time - ok
12:48:40.0007 0x003c  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
12:48:40.0009 0x003c  WacomPen - ok
12:48:40.0043 0x003c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:48:40.0046 0x003c  Wanarp - ok
12:48:40.0052 0x003c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:48:40.0054 0x003c  Wanarpv6 - ok
12:48:40.0112 0x003c  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
12:48:40.0164 0x003c  wbengine - ok
12:48:40.0194 0x003c  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:48:40.0203 0x003c  WbioSrvc - ok
12:48:40.0246 0x003c  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
12:48:40.0254 0x003c  Wcmsvc - ok
12:48:40.0303 0x003c  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:48:40.0314 0x003c  wcncsvc - ok
12:48:40.0331 0x003c  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:48:40.0334 0x003c  WcsPlugInService - ok
12:48:40.0340 0x003c  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
12:48:40.0342 0x003c  Wd - ok
12:48:40.0383 0x003c  [ FD47DF026B32969B8A68721A0243E8EE, 57A7B9B40CEDADFB023AEDD9F29869F1B93EA2596F47B5DDC233D57FC585CCE1 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
12:48:40.0385 0x003c  WdBoot - ok
12:48:40.0441 0x003c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:48:40.0457 0x003c  Wdf01000 - ok
12:48:40.0478 0x003c  [ 5F425D842DD6ADE9F95A51A0616AFAD7, 807B8E6A4FE443A362076C225F588A8C897CFE24A6367F4D461C8F6D3EF004C5 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
12:48:40.0484 0x003c  WdFilter - ok
12:48:40.0504 0x003c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:48:40.0508 0x003c  WdiServiceHost - ok
12:48:40.0515 0x003c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:48:40.0520 0x003c  WdiSystemHost - ok
12:48:40.0565 0x003c  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\Windows\System32\webclnt.dll
12:48:40.0573 0x003c  WebClient - ok
12:48:40.0595 0x003c  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:48:40.0603 0x003c  Wecsvc - ok
12:48:40.0614 0x003c  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:48:40.0618 0x003c  wercplsupport - ok
12:48:40.0644 0x003c  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:48:40.0649 0x003c  WerSvc - ok
12:48:40.0695 0x003c  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
12:48:40.0698 0x003c  WFPLWFS - ok
12:48:40.0736 0x003c  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
12:48:40.0740 0x003c  WiaRpc - ok
12:48:40.0758 0x003c  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:48:40.0760 0x003c  WIMMount - ok
12:48:40.0785 0x003c  WinDefend - ok
12:48:40.0821 0x003c  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
12:48:40.0837 0x003c  WinHttpAutoProxySvc - ok
12:48:40.0886 0x003c  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:48:40.0892 0x003c  Winmgmt - ok
12:48:40.0981 0x003c  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:48:41.0055 0x003c  WinRM - ok
12:48:41.0124 0x003c  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
12:48:41.0172 0x003c  WlanSvc - ok
12:48:41.0248 0x003c  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
12:48:41.0307 0x003c  wlidsvc - ok
12:48:41.0326 0x003c  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
12:48:41.0327 0x003c  WmiAcpi - ok
12:48:41.0352 0x003c  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:48:41.0358 0x003c  wmiApSrv - ok
12:48:41.0370 0x003c  WMPNetworkSvc - ok
12:48:41.0380 0x003c  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
12:48:41.0381 0x003c  wpcfltr - ok
12:48:41.0406 0x003c  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:48:41.0410 0x003c  WPCSvc - ok
12:48:41.0462 0x003c  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:48:41.0468 0x003c  WPDBusEnum - ok
12:48:41.0477 0x003c  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
12:48:41.0479 0x003c  WpdUpFltr - ok
12:48:41.0518 0x003c  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:48:41.0521 0x003c  ws2ifsl - ok
12:48:41.0563 0x003c  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudio_Device  C:\Windows\system32\drivers\VirtualAudio.sys
12:48:41.0575 0x003c  WsAudio_Device - ok
12:48:41.0626 0x003c  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
12:48:41.0630 0x003c  wscsvc - ok
12:48:41.0636 0x003c  WSearch - ok
12:48:41.0741 0x003c  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
12:48:41.0837 0x003c  WSService - ok
12:48:41.0962 0x003c  [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:48:42.0060 0x003c  wuauserv - ok
12:48:42.0091 0x003c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:48:42.0094 0x003c  WudfPf - ok
12:48:42.0117 0x003c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
12:48:42.0123 0x003c  WUDFRd - ok
12:48:42.0135 0x003c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
12:48:42.0139 0x003c  WUDFSensorLP - ok
12:48:42.0159 0x003c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:48:42.0164 0x003c  wudfsvc - ok
12:48:42.0176 0x003c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
12:48:42.0180 0x003c  WUDFWpdFs - ok
12:48:42.0231 0x003c  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:48:42.0243 0x003c  WwanSvc - ok
12:48:42.0308 0x003c  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:48:42.0320 0x003c  YahooAUService - ok
12:48:42.0344 0x003c  [ BB1842E3AA602B401F7692718B0D0F9A, 6DE508F6CC917D046E61730706C70EF2965B12A7A31F180C22DF8BFA30C0CF67 ] ZAtheros Wlan Agent C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
12:48:42.0346 0x003c  ZAtheros Wlan Agent - ok
12:48:42.0367 0x003c  ================ Scan global ===============================
12:48:42.0404 0x003c  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
12:48:42.0447 0x003c  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
12:48:42.0466 0x003c  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
12:48:42.0492 0x003c  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
12:48:42.0502 0x003c  [ Global ] - ok
12:48:42.0504 0x003c  ================ Scan MBR ==================================
12:48:42.0516 0x003c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:48:42.0526 0x003c  \Device\Harddisk0\DR0 - ok
12:48:42.0531 0x003c  [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk2\DR2
12:48:42.0570 0x003c  \Device\Harddisk2\DR2 - ok
12:48:42.0571 0x003c  ================ Scan VBR ==================================
12:48:42.0581 0x003c  [ 3C273329D158FA69D99CC01121A0E597 ] \Device\Harddisk0\DR0\Partition1
12:48:42.0583 0x003c  \Device\Harddisk0\DR0\Partition1 - ok
12:48:42.0595 0x003c  [ 7CD33CC15C9BC5F1EC1F63B59471CB4C ] \Device\Harddisk0\DR0\Partition2
12:48:42.0596 0x003c  \Device\Harddisk0\DR0\Partition2 - ok
12:48:42.0607 0x003c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
12:48:42.0607 0x003c  \Device\Harddisk0\DR0\Partition3 - ok
12:48:42.0614 0x003c  [ 7CFCD5E6A78A5B89EB874DF326210032 ] \Device\Harddisk0\DR0\Partition4
12:48:42.0616 0x003c  \Device\Harddisk0\DR0\Partition4 - ok
12:48:42.0646 0x003c  [ 9E369C0EBB366CF95DDB12A8E2253C84 ] \Device\Harddisk0\DR0\Partition5
12:48:42.0648 0x003c  \Device\Harddisk0\DR0\Partition5 - ok
12:48:42.0654 0x003c  [ AF446B07A4F6480D0C27572E500024E5 ] \Device\Harddisk2\DR2\Partition1
12:48:42.0658 0x003c  \Device\Harddisk2\DR2\Partition1 - ok
12:48:42.0659 0x003c  Waiting for KSN requests completion. In queue: 85
12:48:43.0660 0x003c  Waiting for KSN requests completion. In queue: 85
12:48:44.0661 0x003c  Waiting for KSN requests completion. In queue: 85
12:48:45.0687 0x003c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x61100 ( enabled : updated )
12:48:45.0688 0x003c  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x50010 ( disabled : outofdate )
12:48:45.0689 0x003c  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x50010 ( disabled )
12:48:45.0691 0x003c  Win FW state via NFP2: enabled
12:48:48.0252 0x003c  ============================================================
12:48:48.0252 0x003c  Scan finished
12:48:48.0252 0x003c  ============================================================
12:48:48.0263 0x08dc  Detected object count: 0
12:48:48.0263 0x08dc  Actual detected object count: 0
 

 

 

ESET

C:\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir    a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir    a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir    a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir    a variant of MSIL/AdvancedSystemProtector.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProCrash.dll.vir    a variant of Win32/SProtector.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProLauncher.exe.vir    a variant of Win32/AdWare.SpeedingUpMyPC.D application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC Health Kit\PCHealthKit.exe.vir    a variant of Win32/SpeedingUpMyPC.F application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe.vir    Win32/Wajam.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\5qskin.dll.vir    probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\AppIntegrator64.exe.vir    a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\AppIntegratorStub64.dll.vir    a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zwinky_5q\bar\1.bin\Hpg64.dll.vir    a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir    a variant of MSIL/Toolbar.Linkury.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\QuickShare.exe.vir    a variant of Win32/Toolbar.Linkury.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir    a variant of Win32/Toolbar.Linkury.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir    a variant of Win32/Toolbar.Linkury.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir    a variant of MSIL/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir    a variant of MSIL/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\srbs.dll.vir    a variant of MSIL/Toolbar.Linkury.C potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir    Win32/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_20.dll.vir    Win32/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_21.dll.vir    Win32/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_22.dll.vir    a variant of Win32/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_23.dll.vir    a variant of Win32/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_24.dll.vir    a variant of Win32/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Richard\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_25.dll.vir    a variant of Win32/Toolbar.Linkury.D potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Mobogenie\Mobogenie.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Mobogenie\UpdateMoboGenie.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Downloaded Installations\{4175787A-9EE1-4D7D-9D00-F80F59573684}\The Weather Channel App.msi    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMECMO4R\WajamPreExe[1].exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Temp\airE735.exe    a variant of Win32/SpeedingUpMyPC.F application    cleaned by deleting - quarantined
C:\Users\Richard\AppData\Local\Temp\Mobogenie550.exe    a variant of Win32/Mobogenie.A potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Temp\tbPro2.dll    a variant of Win32/Toolbar.Conduit.X potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Temp\is-67IFS.tmp\OptProCrash.dll    a variant of Win32/SProtector.E potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Local\Temp\{9A0DB282-DB8A-4A82-9F1F-602D2338CF50}\setup.exe    multiple threats    cleaned by deleting - quarantined
C:\Users\Richard\AppData\LocalLow\VideoDownloadConverter_4zEI\Installr\Cache\1BDA1B5E.exe    a variant of Win32/Toolbar.MyWebSearch.O potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Roaming\InstallX Search Protect for Yahoo\searchprotector.exe    probably a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\Users\Richard\AppData\Roaming\InstallX Search Protect for Yahoo\searchprotector.zip    probably a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\Users\Richard\Desktop\Old Hard Drive HP\HP_Administrator\Documents\Dad's Folder\Anim304_Crk.exe    a variant of Win32/HackTool.Patcher.C potentially unsafe application    deleted - quarantined
C:\Users\Richard\Desktop\Old Hard Drive HP\HP_Administrator\Documents\Dad's Folder\PSP704_Crk.exe    a variant of Win32/HackTool.Patcher.C potentially unsafe application    deleted - quarantined
C:\Users\Richard\Desktop\Old Hard Drive HP\HP_Administrator\My Documents\Downloads\WormsWorldParty-dm.exe    a variant of Win32/Adware.Trymedia.A potentially unwanted application    deleted - quarantined
C:\Windows\Installer\5dfd5.msi    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Windows\Temp\36f8daf1.ftf.ftf    a variant of Win32/SProtector.D potentially unwanted application    deleted - quarantined
 

 

 

 

Also the Norton Online Security stuff was a trial version and has never been removed.  So basically it does nothing but sit in the background for now.



#6 DASOS

Posted 08 February 2014 - 05:43 PM

Hey! good job!

 

We need to download Temp File Cleaner (TFC) by OldTimer:
 

  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process
    note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now

More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

====

 

Please uninstall Norton and you may need to run this tool also to clean your comp from Norton!

http://www.bleepingcomputer.com/download/norton-removal-tool/ 

====

 

also take a look for a new AV here:

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629     

 

Choose one you like. Install, update and scan your comp again, and let me know if it finds something.

 

 



#7 squares16

Posted 08 February 2014 - 11:49 PM

I ran TFC successfully and was not prompted to reboot.  I did then reboot as told.  I used Revo Uninstaller with advanced mode to remove Norton Internet Security and Online Backup.  I did use the Norton Removal Tool afterwards to catch anything else.  Rebooted again.  I chose to install Avira Free AV for the AV protection.  Updated and scanned.  No detections were found.  However, I did find some PUP looking programs still on Add/Remove programs and Revo (BrowseSmart, DriverUpdate, File Association Manager, MoboGenie, QuickShare, Save Daily Deals, tperfectcoUPon, and other toolbars).  I have also checked some of the folders/files and they still do exist.



#8 DASOS

Posted 09 February 2014 - 01:08 AM

good morning! 8:09

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
 
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



#9 squares16

Posted 09 February 2014 - 10:04 AM

Here is the Report log from MiniToolBox

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Richard (administrator) on 09-02-2014 at 08:57:53
Running from "C:\Users\Richard\Desktop\Malware issue 2-7-14"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
Qualcomm Atheros AR5BWB222 Wireless Network Adapter = Wi-Fi (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : desk-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : new.rr.com

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-16-D8-32-A4-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : new.rr.com
   Description . . . . . . . . . . . : Qualcomm Atheros AR5BWB222 Wireless Network Adapter
   Physical Address. . . . . . . . . : 20-16-D8-32-A4-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b10a:900a:2e61:c4df%15(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.230.102(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 9, 2014 8:34:14 AM
   Lease Expires . . . . . . . . . . : Monday, February 10, 2014 8:34:16 AM
   Default Gateway . . . . . . . . . : 192.168.230.1
   DHCP Server . . . . . . . . . . . : 192.168.230.1
   DHCPv6 IAID . . . . . . . . . . . : 387978968
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-32-F7-AD-70-54-D2-0D-0B-3C
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 20-16-D8-32-B3-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 70-54-D2-0D-0B-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e8f0:fad2:942f:5072%12(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.80.114(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 208688338
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-32-F7-AD-70-54-D2-0D-0B-3C
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7966DD7E-48BF-4878-9441-60D991FC99D8}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.new.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : new.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4009:802::1003
   74.125.225.64
   74.125.225.65
   74.125.225.66
   74.125.225.67
   74.125.225.68
   74.125.225.69
   74.125.225.70
   74.125.225.71
   74.125.225.72
   74.125.225.73
   74.125.225.78

Pinging google.com [74.125.225.135] with 32 bytes of data:
Reply from 74.125.225.135: bytes=32 time=16ms TTL=54
Reply from 74.125.225.135: bytes=32 time=19ms TTL=54

Ping statistics for 74.125.225.135:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 19ms, Average = 17ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=88ms TTL=45
Reply from 206.190.36.45: bytes=32 time=87ms TTL=45

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 87ms, Maximum = 88ms, Average = 87ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...12 16 d8 32 a4 b9 ......Microsoft Wi-Fi Direct Virtual Adapter
 15...20 16 d8 32 a4 b9 ......Qualcomm Atheros AR5BWB222 Wireless Network Adapter
 13...20 16 d8 32 b3 b9 ......Bluetooth Device (Personal Area Network)
 12...70 54 d2 0d 0b 3c ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.230.1  192.168.230.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    169.254.80.114    276
   169.254.80.114  255.255.255.255         On-link    169.254.80.114    276
  169.254.255.255  255.255.255.255         On-link    169.254.80.114    276
    192.168.230.0    255.255.255.0         On-link   192.168.230.102    281
  192.168.230.102  255.255.255.255         On-link   192.168.230.102    281
  192.168.230.255  255.255.255.255         On-link   192.168.230.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   192.168.230.102    281
        224.0.0.0        240.0.0.0         On-link    169.254.80.114    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   192.168.230.102    281
  255.255.255.255  255.255.255.255         On-link    169.254.80.114    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 15    281 fe80::/64                On-link
 12    276 fe80::/64                On-link
 15    281 fe80::b10a:900a:2e61:c4df/128
                                    On-link
 12    276 fe80::e8f0:fad2:942f:5072/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/09/2014 08:57:48 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:57:33 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:57:18 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:57:03 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:56:48 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:56:33 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:56:18 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:56:03 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:55:48 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/09/2014 08:55:33 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

System errors:
=============
Error: (02/08/2014 05:21:52 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

7-Zip 9.20
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
Aloha TriPeaks (Version: 2.2.0.98)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Fuel (Version: 2012.0704.2139.36919)
AMD Quick Stream (Version: 3.3.22.0)
AMD VISION Engine Control Center (Version: 2012.0704.2139.36919)
Apple Application Support (Version: 3.0)
Apple Mobile Device Support (Version: 7.1.0.32)
Apple Software Update (Version: 2.1.3.127)
Avira (Version: 1.0.5142.23462)
Avira Free Antivirus (Version: 14.0.2.286)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
BrowseSmart (Version: 2013.12.06.205904)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center InstallProxy (Version: 2012.0704.2139.36919)
Catalyst Control Center Localization All (Version: 2012.0704.2139.36919)
Catalyst Control Center Profiles Mobile (Version: 2012.0704.2139.36919)
CCC Help Chinese Standard (Version: 2012.0704.2138.36919)
CCC Help Chinese Traditional (Version: 2012.0704.2138.36919)
CCC Help Czech (Version: 2012.0704.2138.36919)
CCC Help Danish (Version: 2012.0704.2138.36919)
CCC Help Dutch (Version: 2012.0704.2138.36919)
CCC Help English (Version: 2012.0704.2138.36919)
CCC Help Finnish (Version: 2012.0704.2138.36919)
CCC Help French (Version: 2012.0704.2138.36919)
CCC Help German (Version: 2012.0704.2138.36919)
CCC Help Greek (Version: 2012.0704.2138.36919)
CCC Help Hungarian (Version: 2012.0704.2138.36919)
CCC Help Italian (Version: 2012.0704.2138.36919)
CCC Help Japanese (Version: 2012.0704.2138.36919)
CCC Help Korean (Version: 2012.0704.2138.36919)
CCC Help Norwegian (Version: 2012.0704.2138.36919)
CCC Help Polish (Version: 2012.0704.2138.36919)
CCC Help Portuguese (Version: 2012.0704.2138.36919)
CCC Help Russian (Version: 2012.0704.2138.36919)
CCC Help Spanish (Version: 2012.0704.2138.36919)
CCC Help Swedish (Version: 2012.0704.2138.36919)
CCC Help Thai (Version: 2012.0704.2138.36919)
CCC Help Turkish (Version: 2012.0704.2138.36919)
ccc-utility64 (Version: 2012.0704.2139.36919)
Cradle Of Egypt Collector's Edition (Version: 2.2.0.98)
CWA Reminder by We-Care.com v4.1.24.3 (Version: 4.1.24.3)
CyberLink MediaEspresso 6.5 (Version: 6.5.3103_44819)
CyberLink PowerDVD 10 (Version: 10.0.4220.52)
Defraggler (Version: 2.16)
Delicious: Emily's True Love Premium Edition (Version: 2.2.0.98)
DriverUpdate (Version: 2.2.30452)
eBay Worldwide (Version: 2.3.0630)
ESET Online Scanner v3
FastStone Image Viewer 4.8 (Version: 4.8)
File Association Manager (Version: 0.5)
Gateway Power Management (Version: 7.00.3006)
Gateway Recovery Management (Version: 6.00.3011)
Google Drive (Version: 1.13.5782.599)
Google Earth (Version: 7.1.2.2041)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
Hotkey Utility (Version: 3.00.3001)
Identity Card (Version: 2.00.3004)
iTunes (Version: 11.1.4.62)
Jewel Match 3 (Version: 2.2.0.98)
Live Updater (Version: 2.00.3003)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1512)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft SkyDrive (Version: 17.0.2015.0811)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mobogenie
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
Nero 12 Essentials OEM.a01 (Version: 12.5.00000)
Nero BackItUp (Version: 12.0.0016)
Nero BackItUp 12 Essentials OEM.a01 (Version: 12.5.00000)
Nero BackItUp Help (CHM) (Version: 12.0.1000)
Nero ControlCenter (Version: 11.0.14500.0.45)
Nero ControlCenter Help (CHM) (Version: 12.0.0003)
Nero Core Components (Version: 11.0.16900.1.27)
Nero Express (Version: 12.0.16001)
Nero Express Help (CHM) (Version: 12.0.1000)
Nero Launcher (Version: 12.0.3000)
Nero RescueAgent (Version: 12.0.3001)
Nero RescueAgent Help (CHM) (Version: 12.0.1000)
Nero Update (Version: 11.0.11500.28.0)
NTI Backup Now EZ (Version: 3.0.2.32)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1512)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512)
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1512)
Peggle Nights (Version: 2.2.0.98)
Penguins! (Version: 2.2.0.98)
PictureMover (Version: 3.6.0.6)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Prerequisite installer (Version: 12.0.0002)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206)
Qualcomm Atheros WiFi Driver Installation (Version: 11.13)
QuickShare (Version: 10.169.60.13223)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
Realtek Ethernet Controller Driver (Version: 8.2.612.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6680)
Realtek USB 2.0 Card Reader (Version: 6.2.8400.30137)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.95 (Version: 1.95)
SafeSearch (Version: 0.9.2.0)
SaveDailyDeals
SoftPlanet Software Assistant version 1.19 (Version: 1.19)
Software Updater version 1.8.3 (Version: 1.8.3)
Spotify (Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (Version: 2.2.0.110)
TeamViewer 9 (Version: 9.0.25942)
The Weather Channel App
The Weather Channel App (Version: 1.00.0000)
tpeerfeCtucoupon
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VLC media player 2.1.2 (Version: 2.1.2)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.9.3)
Win8 DVD Player 1.2.0.0 (Version: 1.2.0.0)
Wondershare Video Converter Ultimate(Build 6.7.0.10) (Version: 6.7.0.10)
Yahoo! Toolbar
Zuma's Revenge (Version: 2.2.0.98)
Zwinky Internet Explorer Toolbar

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 5581.41 MB
Available physical RAM: 3930.56 MB
Total Pagefile: 9421.41 MB
Available Pagefile: 7233.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.41 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:906.7 GB) (Free:788.46 GB) NTFS
3 Drive e: (TOSHIBA EXT) (Fixed) (Total:1862.92 GB) (Free:1542.59 GB) NTFS

========================= Users: ========================================

User accounts for \\DESK-PC

Administrator            Guest                    Richard                 

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

09-02-2014 04:20:55 Scheduled Checkpoint

**** End of log ****



#10 DASOS

Posted 09 February 2014 - 11:04 AM

I ran TFC successfully and was not prompted to reboot.  I did then reboot as told.  I used Revo Uninstaller with advanced mode to remove Norton Internet Security and Online Backup.  I did use the Norton Removal Tool afterwards to catch anything else.  Rebooted again.  I chose to install Avira Free AV for the AV protection.  Updated and scanned.  No detections were found.  However, I did find some PUP looking programs still on Add/Remove programs and Revo (BrowseSmart, DriverUpdate, File Association Manager, MoboGenie, QuickShare, Save Daily Deals, tperfectcoUPon, and other toolbars).  I have also checked some of the folders/files and they still do exist.

There are 2 more you can uninstall:

SafeSearch (Version: 0.9.2.0)
Zwinky Internet Explorer Toolbar

How is your comp running?



#11 squares16

Posted 09 February 2014 - 11:28 AM

Should I also uninstall the others that I listed or just the two: SafeSearch and Zwinky?



#12 DASOS

Posted 09 February 2014 - 12:40 PM

Yes, if you didn't install those; also Software Updater version 1.8.3 (Version: 1.8.3).

Take a look here: http://www.shouldiremoveit.com/software-updater-102250-program.aspx



#13 squares16

Posted 09 February 2014 - 09:13 PM

Alright.  I got done uninstalling everything listed plus other programs that were not in use. The computer seems to run a little faster using IE and Outlook. Does not seem to give out any issues at this point.



#14 DASOS

Posted 10 February 2014 - 06:20 AM

Ok! Use it for a couple of days and let me know how everything is.

Take care!



#15 squares16

Posted 10 February 2014 - 02:48 PM

Will do. Thank you.



