Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Clicking on icons/files message asks me to send them to recycle bin


  • Please log in to reply
14 replies to this topic

#1 monkeyd_ace

monkeyd_ace

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 25 August 2013 - 08:11 AM

It's been here for half a year already but it never showed up on my antivirus (avast), or my malwarebytes. Recently it's gotten worst. Before I could just press esc and it will stop but now no matter what every time I click on an icon it will ask me to send the icons to the recycle bin. I tried restoring it doesn't work. 

 

Anything else I can do?



BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:42 AM

Posted 25 August 2013 - 02:00 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us
 

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
          
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
          
  • Please read every post completely before doing anything.   
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
          
  • Please provide feedback about your experience as we go.    
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


:step2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 27 August 2013 - 03:00 AM

Here are the results for TDSS

 

15:52:23.0765 4044 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:52:25.0782 4044 ============================================================
15:52:25.0782 4044 Current date / time: 2013/08/27 15:52:25.0782
15:52:25.0782 4044 SystemInfo:
15:52:25.0782 4044
15:52:25.0782 4044 OS Version: 6.1.7601 ServicePack: 1.0
15:52:25.0782 4044 Product type: Workstation
15:52:25.0782 4044 ComputerName: ADY-PC
15:52:25.0782 4044 UserName: anton
15:52:25.0782 4044 Windows directory: C:\Windows
15:52:25.0782 4044 System windows directory: C:\Windows
15:52:25.0782 4044 Processor architecture: Intel x86
15:52:25.0782 4044 Number of processors: 4
15:52:25.0782 4044 Page size: 0x1000
15:52:25.0782 4044 Boot type: Normal boot
15:52:25.0782 4044 ============================================================
15:52:27.0534 4044 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:52:27.0550 4044 ============================================================
15:52:27.0550 4044 \Device\Harddisk0\DR0:
15:52:27.0566 4044 MBR partitions:
15:52:27.0566 4044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x950F800
15:52:27.0566 4044 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9510000, BlocksNum 0x41347800
15:52:27.0566 4044 ============================================================
15:52:27.0800 4044 C: <-> \Device\Harddisk0\DR0\Partition2
15:52:27.0800 4044 ============================================================
15:52:27.0800 4044 Initialize success
15:52:27.0800 4044 ============================================================
15:53:27.0011 5304 ============================================================
15:53:27.0011 5304 Scan started
15:53:27.0011 5304 Mode: Manual; SigCheck; TDLFS;
15:53:27.0011 5304 ============================================================
15:53:27.0214 5304 ================ Scan system memory ========================
15:53:27.0214 5304 System memory - ok
15:53:27.0214 5304 ================ Scan services =============================
15:53:27.0994 5304 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:53:28.0181 5304 1394ohci - ok
15:53:28.0228 5304 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:53:28.0259 5304 ACPI - ok
15:53:28.0306 5304 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:53:28.0384 5304 AcpiPmi - ok
15:53:28.0545 5304 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:53:28.0592 5304 AdobeARMservice - ok
15:53:28.0748 5304 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:53:28.0779 5304 AdobeFlashPlayerUpdateSvc - ok
15:53:28.0857 5304 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:53:28.0888 5304 adp94xx - ok
15:53:28.0904 5304 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:53:28.0920 5304 adpahci - ok
15:53:28.0935 5304 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:53:28.0951 5304 adpu320 - ok
15:53:28.0966 5304 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:53:29.0044 5304 AeLookupSvc - ok
15:53:29.0107 5304 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:53:29.0169 5304 AFD - ok
15:53:29.0216 5304 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:53:29.0247 5304 agp440 - ok
15:53:29.0294 5304 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:53:29.0310 5304 aic78xx - ok
15:53:29.0388 5304 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:53:29.0450 5304 ALG - ok
15:53:29.0466 5304 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:53:29.0481 5304 aliide - ok
15:53:29.0481 5304 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:53:29.0497 5304 amdagp - ok
15:53:29.0512 5304 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:53:29.0528 5304 amdide - ok
15:53:29.0559 5304 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:53:29.0606 5304 AmdK8 - ok
15:53:29.0668 5304 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:53:29.0731 5304 AmdPPM - ok
15:53:29.0793 5304 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:53:29.0824 5304 amdsata - ok
15:53:29.0840 5304 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:53:29.0856 5304 amdsbs - ok
15:53:29.0871 5304 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:53:29.0887 5304 amdxata - ok
15:53:29.0934 5304 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:53:29.0980 5304 AppID - ok
15:53:30.0027 5304 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:53:30.0136 5304 AppIDSvc - ok
15:53:30.0246 5304 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
15:53:30.0292 5304 Appinfo - ok
15:53:30.0412 5304 [ D6BB73F2E08A546FD8CDF99BCB9C1DA5 ] Application Updater C:\Program Files\Application Updater\ApplicationUpdater.exe
15:53:30.0463 5304 Application Updater - ok
15:53:30.0541 5304 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:53:30.0573 5304 arc - ok
15:53:30.0588 5304 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:53:30.0604 5304 arcsas - ok
15:53:30.0729 5304 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:53:30.0760 5304 aspnet_state - ok
15:53:30.0822 5304 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
15:53:30.0853 5304 aswFsBlk - ok
15:53:30.0885 5304 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:53:30.0900 5304 aswMonFlt - ok
15:53:30.0916 5304 [ FFE9A993B3EC2908FECB1DF2C39148BB ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
15:53:30.0916 5304 aswRdr - ok
15:53:31.0041 5304 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
15:53:31.0072 5304 aswRvrt - ok
15:53:31.0103 5304 [ CCD565A8A72AF7D45F9A242013870926 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:53:31.0134 5304 aswSnx - ok
15:53:31.0212 5304 [ 937300BC7C4CDF7576BCCE44E19BBB9D ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:53:31.0243 5304 aswSP - ok
15:53:31.0275 5304 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
15:53:31.0290 5304 aswTdi - ok
15:53:31.0337 5304 [ 8CFAA2B965773A653F48F1207A9CB9C4 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
15:53:31.0368 5304 aswVmm - ok
15:53:31.0399 5304 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:53:31.0462 5304 AsyncMac - ok
15:53:31.0524 5304 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:53:31.0540 5304 atapi - ok
15:53:31.0649 5304 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:53:31.0711 5304 AudioEndpointBuilder - ok
15:53:31.0727 5304 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:53:31.0758 5304 Audiosrv - ok
15:53:31.0867 5304 [ 564820C1522FF9686B9080762E482C5B ] Autorun CDROM Monitor C:\Windows\system32\SupportAppXL\cdrom_mon.exe
15:53:31.0899 5304 Autorun CDROM Monitor ( UnsignedFile.Multi.Generic ) - warning
15:53:31.0899 5304 Autorun CDROM Monitor - detected UnsignedFile.Multi.Generic (1)
15:53:32.0164 5304 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:53:32.0179 5304 avast! Antivirus - ok
15:53:32.0242 5304 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:53:32.0304 5304 AxInstSV - ok
15:53:32.0382 5304 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:53:32.0450 5304 b06bdrv - ok
15:53:32.0559 5304 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:53:32.0606 5304 b57nd60x - ok
15:53:32.0855 5304 [ 369C1928C9BBED65C9E347448BD376B0 ] BBSvc C:\Program Files\Microsoft\BingBar\7.2.241.0\BBSvc.exe
15:53:32.0902 5304 BBSvc - ok
15:53:32.0980 5304 [ 54949AFAC5CE6FA2E4D7846D4362BAB3 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.exe
15:53:33.0011 5304 BBUpdate - ok
15:53:33.0120 5304 [ 55BBDDE1CBD3FA79EA88BAAA051D9735 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
15:53:33.0167 5304 BCM43XX - ok
15:53:33.0214 5304 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:53:33.0354 5304 BDESVC - ok
15:53:33.0401 5304 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:53:33.0448 5304 Beep - ok
15:53:33.0495 5304 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:53:33.0604 5304 BFE - ok
15:53:33.0822 5304 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:53:33.0885 5304 BITS - ok
15:53:33.0916 5304 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:53:33.0947 5304 blbdrive - ok
15:53:33.0978 5304 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:53:34.0041 5304 bowser - ok
15:53:34.0072 5304 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:53:34.0150 5304 BrFiltLo - ok
15:53:34.0181 5304 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:53:34.0228 5304 BrFiltUp - ok
15:53:34.0275 5304 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:53:34.0322 5304 Browser - ok
15:53:34.0410 5304 BrowserDefendert - ok
15:53:34.0456 5304 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:53:34.0534 5304 Brserid - ok
15:53:34.0581 5304 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:53:34.0644 5304 BrSerWdm - ok
15:53:34.0675 5304 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:53:34.0722 5304 BrUsbMdm - ok
15:53:34.0753 5304 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:53:34.0815 5304 BrUsbSer - ok
15:53:34.0878 5304 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:53:34.0971 5304 BthEnum - ok
15:53:34.0987 5304 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:53:35.0018 5304 BTHMODEM - ok
15:53:35.0049 5304 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:53:35.0081 5304 BthPan - ok
15:53:35.0127 5304 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:53:35.0174 5304 BTHPORT - ok
15:53:35.0221 5304 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:53:35.0283 5304 bthserv - ok
15:53:35.0299 5304 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:53:35.0346 5304 BTHUSB - ok
15:53:35.0424 5304 [ 2A0DE6423D6BE95C96124FC66046176E ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
15:53:35.0439 5304 BTWAMPFL - ok
15:53:35.0471 5304 [ C30935C27EB451586143B79B7DAD590F ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:53:35.0471 5304 btwaudio - ok
15:53:35.0517 5304 [ 9ABEA4DC976E3F47DA2D4B169719CBAA ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
15:53:35.0533 5304 btwavdt - ok
15:53:35.0627 5304 [ 2D54BCE239503A3D76B6E931F81AB6CE ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:53:35.0658 5304 btwdins - ok
15:53:35.0673 5304 [ C2C9AEB3F9525CBA2670D1F2BEB32A0A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:53:35.0673 5304 btwl2cap - ok
15:53:35.0689 5304 [ 1E5468447E4D18FBEA5F01267D6495A5 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:53:35.0689 5304 btwrchid - ok
15:53:35.0720 5304 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:53:35.0783 5304 cdfs - ok
15:53:35.0861 5304 [ 6674BB4A919220D05BD002BBF6081AAA ] Cdr4_xp C:\Windows\system32\drivers\Cdr4_xp.sys
15:53:35.0954 5304 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
15:53:35.0954 5304 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
15:53:36.0001 5304 [ 8822A9246C20AF99686E65710C7D6A5D ] Cdralw2k C:\Windows\system32\drivers\Cdralw2k.sys
15:53:36.0048 5304 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
15:53:36.0048 5304 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
15:53:36.0173 5304 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:53:36.0251 5304 cdrom - ok
15:53:36.0344 5304 [ 66B9F9C62721F2347211C0C9BCCE4E98 ] cdudf_xp C:\Windows\system32\drivers\cdudf_xp.sys
15:53:36.0391 5304 cdudf_xp ( UnsignedFile.Multi.Generic ) - warning
15:53:36.0391 5304 cdudf_xp - detected UnsignedFile.Multi.Generic (1)
15:53:36.0427 5304 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:53:36.0536 5304 CertPropSvc - ok
15:53:36.0583 5304 [ F6A0F51706CB4B0D5B8718FF69F831BA ] Cinemsup C:\Windows\system32\drivers\Cinemsup.sys
15:53:36.0614 5304 Cinemsup ( UnsignedFile.Multi.Generic ) - warning
15:53:36.0614 5304 Cinemsup - detected UnsignedFile.Multi.Generic (1)
15:53:36.0677 5304 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:53:36.0739 5304 circlass - ok
15:53:36.0786 5304 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:53:36.0802 5304 CLFS - ok
15:53:36.0880 5304 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:53:36.0911 5304 clr_optimization_v2.0.50727_32 - ok
15:53:36.0989 5304 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:53:37.0067 5304 clr_optimization_v4.0.30319_32 - ok
15:53:37.0114 5304 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:53:37.0160 5304 CmBatt - ok
15:53:37.0192 5304 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:53:37.0238 5304 cmdide - ok
15:53:37.0332 5304 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
15:53:37.0394 5304 CNG - ok
15:53:37.0426 5304 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:53:37.0441 5304 Compbatt - ok
15:53:37.0488 5304 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:53:37.0535 5304 CompositeBus - ok
15:53:37.0566 5304 COMSysApp - ok
15:53:37.0597 5304 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:53:37.0628 5304 crcdisk - ok
15:53:37.0675 5304 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:53:37.0722 5304 CryptSvc - ok
15:53:37.0784 5304 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:53:37.0847 5304 DcomLaunch - ok
15:53:37.0925 5304 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:53:38.0003 5304 defragsvc - ok
15:53:38.0050 5304 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:53:38.0143 5304 DfsC - ok
15:53:38.0221 5304 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:53:38.0268 5304 Dhcp - ok
15:53:38.0315 5304 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:53:38.0377 5304 discache - ok
15:53:38.0429 5304 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:53:38.0460 5304 Disk - ok
15:53:38.0476 5304 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:53:38.0507 5304 Dnscache - ok
15:53:38.0554 5304 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:53:38.0632 5304 dot3svc - ok
15:53:38.0663 5304 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:53:38.0710 5304 DPS - ok
15:53:38.0757 5304 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:53:38.0819 5304 drmkaud - ok
15:53:38.0866 5304 [ 1D5EDA9961B16B8E800639038D7492AD ] DVDVRRdr_xp C:\Windows\system32\drivers\DVDVRRdr_xp.sys
15:53:38.0928 5304 DVDVRRdr_xp ( UnsignedFile.Multi.Generic ) - warning
15:53:38.0928 5304 DVDVRRdr_xp - detected UnsignedFile.Multi.Generic (1)
15:53:38.0959 5304 [ DF112F6F01EFEDC21C9BC5CE822CE1D3 ] dvd_2K C:\Windows\system32\drivers\dvd_2K.sys
15:53:38.0991 5304 dvd_2K ( UnsignedFile.Multi.Generic ) - warning
15:53:38.0991 5304 dvd_2K - detected UnsignedFile.Multi.Generic (1)
15:53:39.0162 5304 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:53:39.0193 5304 DXGKrnl - ok
15:53:39.0225 5304 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:53:39.0271 5304 EapHost - ok
15:53:39.0412 5304 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:53:39.0521 5304 ebdrv - ok
15:53:39.0552 5304 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:53:39.0599 5304 EFS - ok
15:53:39.0677 5304 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:53:39.0739 5304 ehRecvr - ok
15:53:39.0771 5304 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:53:39.0771 5304 ehSched - ok
15:53:39.0895 5304 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:53:39.0927 5304 elxstor - ok
15:53:40.0005 5304 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:53:40.0051 5304 ErrDev - ok
15:53:40.0114 5304 [ E144747F35EB5253B34F5836BBABA653 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
15:53:40.0161 5304 ETD - ok
15:53:40.0207 5304 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:53:40.0270 5304 EventSystem - ok
15:53:40.0395 5304 [ 76984D46B2ABAA46F8B3FCEF82C9217D ] EverestDriver C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt
15:53:40.0410 5304 EverestDriver ( UnsignedFile.Multi.Generic ) - warning
15:53:40.0410 5304 EverestDriver - detected UnsignedFile.Multi.Generic (1)
15:53:40.0478 5304 [ ABA5756393410EC871D803D8D1B12FCD ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
15:53:40.0509 5304 ewusbnet - ok
15:53:40.0556 5304 [ E98A64C7F106740A38FB2B78197816F8 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
15:53:40.0618 5304 ew_hwusbdev - ok
15:53:40.0680 5304 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:53:40.0790 5304 exfat - ok
15:53:40.0805 5304 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:53:40.0852 5304 fastfat - ok
15:53:40.0914 5304 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:53:40.0961 5304 Fax - ok
15:53:40.0992 5304 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:53:41.0008 5304 fdc - ok
15:53:41.0024 5304 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:53:41.0055 5304 fdPHost - ok
15:53:41.0070 5304 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:53:41.0102 5304 FDResPub - ok
15:53:41.0133 5304 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:53:41.0148 5304 FileInfo - ok
15:53:41.0164 5304 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:53:41.0242 5304 Filetrace - ok
15:53:41.0242 5304 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:53:41.0273 5304 flpydisk - ok
15:53:41.0304 5304 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:53:41.0320 5304 FltMgr - ok
15:53:41.0460 5304 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
15:53:41.0538 5304 FontCache - ok
15:53:41.0616 5304 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:53:41.0648 5304 FontCache3.0.0.0 - ok
15:53:41.0679 5304 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:53:41.0726 5304 FsDepends - ok
15:53:41.0757 5304 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:53:41.0772 5304 Fs_Rec - ok
15:53:41.0819 5304 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:53:41.0835 5304 fvevol - ok
15:53:41.0882 5304 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:53:41.0882 5304 gagp30kx - ok
15:53:41.0960 5304 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:53:42.0038 5304 gpsvc - ok
15:53:42.0131 5304 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:53:42.0162 5304 gupdate - ok
15:53:42.0178 5304 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:53:42.0194 5304 gupdatem - ok
15:53:42.0194 5304 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:53:42.0240 5304 hcw85cir - ok
15:53:42.0303 5304 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:53:42.0365 5304 HdAudAddService - ok
15:53:42.0412 5304 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:53:42.0448 5304 HDAudBus - ok
15:53:42.0464 5304 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:53:42.0479 5304 HidBatt - ok
15:53:42.0495 5304 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:53:42.0542 5304 HidBth - ok
15:53:42.0542 5304 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:53:42.0573 5304 HidIr - ok
15:53:42.0604 5304 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:53:42.0651 5304 hidserv - ok
15:53:42.0713 5304 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:53:42.0760 5304 HidUsb - ok
15:53:42.0791 5304 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:53:42.0838 5304 hkmsvc - ok
15:53:42.0885 5304 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:53:42.0963 5304 HomeGroupListener - ok
15:53:43.0010 5304 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:53:43.0088 5304 HomeGroupProvider - ok
15:53:43.0150 5304 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:53:43.0181 5304 HpSAMD - ok
15:53:43.0213 5304 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:53:43.0259 5304 HTTP - ok
15:53:43.0322 5304 [ BB3C8E4B88842F3A1B9C5D603210C277 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
15:53:43.0384 5304 huawei_enumerator - ok
15:53:43.0431 5304 [ 0B3957226EC94B1ECB7B9348BB535A23 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:53:43.0493 5304 hwdatacard - ok
15:53:43.0525 5304 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:53:43.0556 5304 hwpolicy - ok
15:53:43.0556 5304 [ E98A64C7F106740A38FB2B78197816F8 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys
15:53:43.0571 5304 hwusbdev - ok
15:53:43.0618 5304 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:53:43.0665 5304 i8042prt - ok
15:53:43.0743 5304 [ F4F4CBC7F6C7CB940AA9F0AAF3EF1104 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:53:43.0790 5304 iaStor - ok
15:53:43.0821 5304 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:53:43.0837 5304 iaStorV - ok
15:53:43.0930 5304 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:53:43.0977 5304 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:53:43.0977 5304 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:53:44.0055 5304 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:53:44.0102 5304 idsvc - ok
15:53:44.0907 5304 [ 40F8A0F85BCE94F766808AEEE8F96FA8 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:53:45.0204 5304 igfx - ok
15:53:45.0251 5304 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:53:45.0251 5304 iirsp - ok
15:53:45.0313 5304 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:53:45.0407 5304 IKEEXT - ok
15:53:45.0531 5304 [ C91A0A0095DD54B1DAA2C1A246AD613C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:53:45.0594 5304 IntcAzAudAddService - ok
15:53:45.0656 5304 [ C4FA261B9B5C9822D26020949605AC43 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:53:45.0703 5304 IntcDAud - ok
15:53:45.0765 5304 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:53:45.0765 5304 intelide - ok
15:53:45.0812 5304 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:53:45.0875 5304 intelppm - ok
15:53:45.0906 5304 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:53:45.0984 5304 IPBusEnum - ok
15:53:45.0999 5304 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:53:46.0015 5304 IpFilterDriver - ok
15:53:46.0109 5304 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:53:46.0171 5304 iphlpsvc - ok
15:53:46.0202 5304 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:53:46.0280 5304 IPMIDRV - ok
15:53:46.0280 5304 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:53:46.0311 5304 IPNAT - ok
15:53:46.0358 5304 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:53:46.0405 5304 IRENUM - ok
15:53:46.0444 5304 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:53:46.0459 5304 isapnp - ok
15:53:46.0490 5304 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:53:46.0522 5304 iScsiPrt - ok
15:53:46.0553 5304 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:53:46.0568 5304 kbdclass - ok
15:53:46.0615 5304 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:53:46.0678 5304 kbdhid - ok
15:53:46.0693 5304 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:53:46.0724 5304 KeyIso - ok
15:53:46.0771 5304 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:53:46.0802 5304 KSecDD - ok
15:53:46.0834 5304 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:53:46.0849 5304 KSecPkg - ok
15:53:46.0880 5304 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:53:46.0943 5304 KtmRm - ok
15:53:46.0958 5304 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:53:47.0005 5304 LanmanServer - ok
15:53:47.0068 5304 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:53:47.0146 5304 LanmanWorkstation - ok
15:53:47.0348 5304 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:53:47.0426 5304 lltdio - ok
15:53:47.0458 5304 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:53:47.0489 5304 lltdsvc - ok
15:53:47.0520 5304 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:53:47.0551 5304 lmhosts - ok
15:53:47.0832 5304 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:53:47.0879 5304 LMS - ok
15:53:47.0926 5304 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:53:47.0926 5304 LSI_FC - ok
15:53:47.0957 5304 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:53:47.0972 5304 LSI_SAS - ok
15:53:48.0004 5304 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:53:48.0004 5304 LSI_SAS2 - ok
15:53:48.0035 5304 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:53:48.0035 5304 LSI_SCSI - ok
15:53:48.0097 5304 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:53:48.0175 5304 luafv - ok
15:53:48.0222 5304 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:53:48.0238 5304 MBAMProtector - ok
15:53:48.0300 5304 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:53:48.0347 5304 MBAMScheduler - ok
15:53:48.0394 5304 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:53:48.0409 5304 MBAMService - ok
15:53:48.0461 5304 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:53:48.0477 5304 Mcx2Svc - ok
15:53:48.0492 5304 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:53:48.0508 5304 megasas - ok
15:53:48.0539 5304 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:53:48.0555 5304 MegaSR - ok
15:53:48.0601 5304 [ D86AC00883B9C98B570E7643AAF8E554 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
15:53:48.0648 5304 MEI - ok
15:53:48.0742 5304 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
15:53:48.0773 5304 Microsoft Office Groove Audit Service - ok
15:53:48.0789 5304 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:53:48.0867 5304 MMCSS - ok
15:53:48.0913 5304 [ A52ED33515755E825D090A47793B773F ] mmc_2K C:\Windows\system32\drivers\mmc_2K.sys
15:53:48.0945 5304 mmc_2K ( UnsignedFile.Multi.Generic ) - warning
15:53:48.0945 5304 mmc_2K - detected UnsignedFile.Multi.Generic (1)
15:53:48.0976 5304 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:53:49.0038 5304 Modem - ok
15:53:49.0085 5304 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:53:49.0132 5304 monitor - ok
15:53:49.0163 5304 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:53:49.0194 5304 mouclass - ok
15:53:49.0225 5304 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:53:49.0272 5304 mouhid - ok
15:53:49.0319 5304 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:53:49.0350 5304 mountmgr - ok
15:53:49.0381 5304 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:53:49.0397 5304 mpio - ok
15:53:49.0413 5304 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:53:49.0459 5304 mpsdrv - ok
15:53:49.0537 5304 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:53:49.0615 5304 MpsSvc - ok
15:53:49.0787 5304 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:53:49.0881 5304 MRxDAV - ok
15:53:49.0912 5304 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:53:49.0959 5304 mrxsmb - ok
15:53:49.0990 5304 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:53:50.0005 5304 mrxsmb10 - ok
15:53:50.0021 5304 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:53:50.0052 5304 mrxsmb20 - ok
15:53:50.0099 5304 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:53:50.0115 5304 msahci - ok
15:53:50.0286 5304 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:53:50.0333 5304 msdsm - ok
15:53:50.0349 5304 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:53:50.0395 5304 MSDTC - ok
15:53:50.0447 5304 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:53:50.0510 5304 Msfs - ok
15:53:50.0525 5304 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:53:50.0556 5304 mshidkmdf - ok
15:53:50.0588 5304 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:53:50.0603 5304 msisadrv - ok
15:53:50.0650 5304 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:53:50.0697 5304 MSiSCSI - ok
15:53:50.0697 5304 msiserver - ok
15:53:50.0728 5304 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:53:50.0759 5304 MSKSSRV - ok
15:53:50.0775 5304 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:53:50.0822 5304 MSPCLOCK - ok
15:53:50.0853 5304 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:53:50.0884 5304 MSPQM - ok
15:53:50.0915 5304 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:53:50.0931 5304 MsRPC - ok
15:53:50.0962 5304 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:53:50.0962 5304 mssmbios - ok
15:53:50.0993 5304 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:53:51.0024 5304 MSTEE - ok
15:53:51.0040 5304 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:53:51.0071 5304 MTConfig - ok
15:53:51.0102 5304 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:53:51.0118 5304 Mup - ok
15:53:51.0149 5304 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:53:51.0212 5304 napagent - ok
15:53:51.0274 5304 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:53:51.0290 5304 NativeWifiP - ok
15:53:51.0336 5304 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:53:51.0368 5304 NDIS - ok
15:53:51.0414 5304 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:51.0461 5304 NdisCap - ok
15:53:51.0508 5304 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:51.0586 5304 NdisTapi - ok
15:53:51.0633 5304 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:51.0680 5304 Ndisuio - ok
15:53:51.0726 5304 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:51.0789 5304 NdisWan - ok
15:53:51.0836 5304 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:53:51.0867 5304 NDProxy - ok
15:53:51.0914 5304 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:53:51.0992 5304 NetBIOS - ok
15:53:52.0038 5304 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:53:52.0101 5304 NetBT - ok
15:53:52.0132 5304 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:53:52.0148 5304 Netlogon - ok
15:53:52.0226 5304 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:53:52.0319 5304 Netman - ok
15:53:52.0366 5304 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:53:52.0382 5304 NetMsmqActivator - ok
15:53:52.0382 5304 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:53:52.0397 5304 NetPipeActivator - ok
15:53:52.0413 5304 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:53:52.0465 5304 netprofm - ok
15:53:52.0465 5304 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:53:52.0465 5304 NetTcpActivator - ok
15:53:52.0496 5304 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:53:52.0496 5304 NetTcpPortSharing - ok
15:53:52.0543 5304 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:53:52.0558 5304 nfrd960 - ok
15:53:52.0589 5304 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:53:52.0621 5304 NlaSvc - ok
15:53:52.0652 5304 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
15:53:52.0714 5304 nmwcd - ok
15:53:52.0745 5304 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
15:53:52.0808 5304 nmwcdc - ok
15:53:52.0855 5304 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:53:52.0933 5304 Npfs - ok
15:53:52.0964 5304 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:53:53.0011 5304 nsi - ok
15:53:53.0026 5304 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:53:53.0042 5304 nsiproxy - ok
15:53:53.0089 5304 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:53:53.0120 5304 Ntfs - ok
15:53:53.0151 5304 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:53:53.0229 5304 Null - ok
15:53:54.0690 5304 [ BCA295401D75C874544F80EEB651AE10 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:53:54.0986 5304 nvlddmkm - ok
15:53:55.0017 5304 [ 4EEAA0F0247F64CBC9BEB3DE4D71D3FE ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
15:53:55.0017 5304 nvpciflt - ok
15:53:55.0080 5304 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:53:55.0111 5304 nvraid - ok
15:53:55.0173 5304 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:53:55.0205 5304 nvstor - ok
15:53:55.0251 5304 [ 0FC21EF0786BEF33112F688A69F57BF0 ] NVSvc C:\Windows\system32\nvvsvc.exe
15:53:55.0298 5304 NVSvc - ok
15:53:55.0610 5304 [ B4C03927FBE0CFBD6D8FA0FBEA7F9879 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:53:55.0657 5304 nvUpdatusService - ok
15:53:55.0688 5304 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:53:55.0704 5304 nv_agp - ok
15:53:55.0875 5304 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:53:55.0922 5304 odserv - ok
15:53:55.0969 5304 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:53:56.0016 5304 ohci1394 - ok
15:53:56.0063 5304 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:56.0078 5304 ose - ok
15:53:56.0141 5304 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:53:56.0187 5304 p2pimsvc - ok
15:53:56.0234 5304 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:53:56.0250 5304 p2psvc - ok
15:53:56.0265 5304 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:53:56.0281 5304 Parport - ok
15:53:56.0312 5304 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:53:56.0328 5304 partmgr - ok
15:53:56.0343 5304 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:53:56.0359 5304 Parvdm - ok
15:53:56.0375 5304 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:53:56.0390 5304 PcaSvc - ok
15:53:56.0437 5304 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
15:53:56.0458 5304 pccsmcfd - ok
15:53:56.0489 5304 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:53:56.0504 5304 pci - ok
15:53:56.0536 5304 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:53:56.0551 5304 pciide - ok
15:53:56.0567 5304 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:53:56.0582 5304 pcmcia - ok
15:53:56.0629 5304 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:53:56.0660 5304 pcw - ok
15:53:56.0692 5304 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:53:56.0738 5304 PEAUTH - ok
15:53:56.0832 5304 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:53:56.0894 5304 pla - ok
15:53:56.0941 5304 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:53:57.0004 5304 PlugPlay - ok
15:53:57.0035 5304 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:53:57.0082 5304 PNRPAutoReg - ok
15:53:57.0113 5304 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:53:57.0144 5304 PNRPsvc - ok
15:53:57.0175 5304 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:53:57.0206 5304 PolicyAgent - ok
15:53:57.0253 5304 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:53:57.0331 5304 Power - ok
15:53:57.0378 5304 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:53:57.0472 5304 PptpMiniport - ok
15:53:57.0503 5304 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:53:57.0534 5304 Processor - ok
15:53:57.0596 5304 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:53:57.0643 5304 ProfSvc - ok
15:53:57.0674 5304 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:53:57.0690 5304 ProtectedStorage - ok
15:53:57.0737 5304 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:53:57.0784 5304 Psched - ok
15:53:57.0830 5304 [ 62D29677F6A7F018C5D49119CEA67DE5 ] pwd_2k C:\Windows\system32\drivers\pwd_2k.sys
15:53:57.0846 5304 pwd_2k ( UnsignedFile.Multi.Generic ) - warning
15:53:57.0846 5304 pwd_2k - detected UnsignedFile.Multi.Generic (1)
15:53:57.0893 5304 [ 183EF96BCC2EC3D5294CB2C2C0ECBCD1 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
15:53:57.0924 5304 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
15:53:57.0924 5304 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
15:53:57.0986 5304 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:53:58.0033 5304 ql2300 - ok
15:53:58.0049 5304 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:53:58.0064 5304 ql40xx - ok
15:53:58.0111 5304 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:53:58.0189 5304 QWAVE - ok
15:53:58.0220 5304 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:53:58.0236 5304 QWAVEdrv - ok
15:53:58.0252 5304 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:53:58.0314 5304 RasAcd - ok
15:53:58.0361 5304 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:53:58.0408 5304 RasAgileVpn - ok
15:53:58.0423 5304 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:53:58.0459 5304 RasAuto - ok
15:53:58.0491 5304 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:53:58.0553 5304 Rasl2tp - ok
15:53:58.0615 5304 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:53:58.0709 5304 RasMan - ok
15:53:58.0725 5304 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:53:58.0771 5304 RasPppoe - ok
15:53:58.0818 5304 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:53:58.0865 5304 RasSstp - ok
15:53:58.0896 5304 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:53:58.0927 5304 rdbss - ok
15:53:58.0990 5304 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:53:59.0021 5304 rdpbus - ok
15:53:59.0052 5304 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:53:59.0130 5304 RDPCDD - ok
15:53:59.0193 5304 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:53:59.0239 5304 RDPENCDD - ok
15:53:59.0255 5304 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:53:59.0286 5304 RDPREFMP - ok
15:53:59.0349 5304 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:53:59.0411 5304 RDPWD - ok
15:53:59.0473 5304 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:53:59.0505 5304 rdyboost - ok
15:53:59.0551 5304 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:53:59.0629 5304 RemoteAccess - ok
15:53:59.0676 5304 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:53:59.0770 5304 RemoteRegistry - ok
15:53:59.0832 5304 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:53:59.0863 5304 RFCOMM - ok
15:53:59.0910 5304 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:53:59.0973 5304 RpcEptMapper - ok
15:54:00.0019 5304 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:54:00.0082 5304 RpcLocator - ok
15:54:00.0160 5304 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:54:00.0207 5304 RpcSs - ok
15:54:00.0253 5304 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:54:00.0347 5304 rspndr - ok
15:54:00.0441 5304 [ 274B4042A72BFE0E0CF9DCD57FDF94F9 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
15:54:00.0482 5304 RTL8167 - ok
15:54:00.0513 5304 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\Windows\system32\Drivers\SABI.sys
15:54:00.0529 5304 SABI - ok
15:54:00.0544 5304 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:54:00.0560 5304 SamSs - ok
15:54:00.0607 5304 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:54:00.0622 5304 sbp2port - ok
15:54:00.0653 5304 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:54:00.0700 5304 SCardSvr - ok
15:54:00.0731 5304 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:54:00.0778 5304 scfilter - ok
15:54:00.0887 5304 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:54:00.0965 5304 Schedule - ok
15:54:01.0012 5304 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:54:01.0059 5304 SCPolicySvc - ok
15:54:01.0106 5304 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:54:01.0199 5304 SDRSVC - ok
15:54:01.0309 5304 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
15:54:01.0340 5304 SDScannerService - ok
15:54:01.0433 5304 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:54:01.0480 5304 SDUpdateService - ok
15:54:01.0527 5304 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:54:01.0558 5304 SDWSCService - ok
15:54:01.0621 5304 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:54:01.0730 5304 secdrv - ok
15:54:01.0745 5304 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:54:01.0823 5304 seclogon - ok
15:54:01.0855 5304 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:54:01.0901 5304 SENS - ok
15:54:01.0933 5304 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:54:01.0948 5304 SensrSvc - ok
15:54:01.0995 5304 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:54:02.0011 5304 Serenum - ok
15:54:02.0026 5304 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:54:02.0042 5304 Serial - ok
15:54:02.0104 5304 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:54:02.0151 5304 sermouse - ok
15:54:02.0229 5304 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:54:02.0276 5304 ServiceLayer - ok
15:54:02.0338 5304 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:54:02.0432 5304 SessionEnv - ok
15:54:02.0468 5304 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:54:02.0530 5304 sffdisk - ok
15:54:02.0546 5304 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:54:02.0608 5304 sffp_mmc - ok
15:54:02.0640 5304 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:54:02.0686 5304 sffp_sd - ok
15:54:02.0733 5304 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:54:02.0780 5304 sfloppy - ok
15:54:02.0842 5304 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:54:02.0889 5304 SharedAccess - ok
15:54:02.0967 5304 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:54:03.0061 5304 ShellHWDetection - ok
15:54:03.0108 5304 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:54:03.0123 5304 sisagp - ok
15:54:03.0170 5304 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:54:03.0186 5304 SiSRaid2 - ok
15:54:03.0201 5304 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:54:03.0217 5304 SiSRaid4 - ok
15:54:03.0248 5304 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:54:03.0295 5304 Smb - ok
15:54:03.0342 5304 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:54:03.0357 5304 SNMPTRAP - ok
15:54:03.0373 5304 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:54:03.0373 5304 spldr - ok
15:54:03.0420 5304 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:54:03.0482 5304 Spooler - ok
15:54:03.0576 5304 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:54:03.0669 5304 sppsvc - ok
15:54:03.0732 5304 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:54:03.0810 5304 sppuinotify - ok
15:54:03.0903 5304 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:54:03.0950 5304 srv - ok
15:54:03.0981 5304 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:54:04.0012 5304 srv2 - ok
15:54:04.0044 5304 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:54:04.0090 5304 srvnet - ok
15:54:04.0122 5304 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:54:04.0168 5304 SSDPSRV - ok
15:54:04.0231 5304 [ EF3458337D7341A05169CEFC73709264 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
15:54:04.0246 5304 SSPORT ( UnsignedFile.Multi.Generic ) - warning
15:54:04.0246 5304 SSPORT - detected UnsignedFile.Multi.Generic (1)
15:54:04.0262 5304 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:54:04.0293 5304 SstpSvc - ok
15:54:04.0356 5304 [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
15:54:04.0402 5304 Steam Client Service - ok
15:54:04.0434 5304 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:54:04.0449 5304 stexstor - ok
15:54:04.0501 5304 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:54:04.0563 5304 StiSvc - ok
15:54:04.0610 5304 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:54:04.0626 5304 swenum - ok
15:54:04.0688 5304 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:54:04.0782 5304 swprv - ok
15:54:05.0000 5304 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:54:05.0094 5304 SysMain - ok
15:54:05.0125 5304 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:54:05.0156 5304 TabletInputService - ok
15:54:05.0219 5304 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:54:05.0265 5304 TapiSrv - ok
15:54:05.0297 5304 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:54:05.0343 5304 TBS - ok
15:54:05.0437 5304 [ 4E8B9BE71B807B3BAEDB7F4243F85E3C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:54:05.0484 5304 Tcpip - ok
15:54:05.0515 5304 [ 4E8B9BE71B807B3BAEDB7F4243F85E3C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:54:05.0546 5304 TCPIP6 - ok
15:54:05.0577 5304 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:54:05.0593 5304 tcpipreg - ok
15:54:05.0624 5304 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:54:05.0702 5304 TDPIPE - ok
15:54:05.0749 5304 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:54:05.0796 5304 TDTCP - ok
15:54:05.0827 5304 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:54:05.0905 5304 tdx - ok
15:54:05.0936 5304 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:54:05.0952 5304 TermDD - ok
15:54:06.0030 5304 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:54:06.0155 5304 TermService - ok
15:54:06.0186 5304 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:54:06.0201 5304 Themes - ok
15:54:06.0201 5304 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:54:06.0233 5304 THREADORDER - ok
15:54:06.0264 5304 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:54:06.0311 5304 TrkWks - ok
15:54:06.0389 5304 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:54:06.0477 5304 TrustedInstaller - ok
15:54:06.0523 5304 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:54:06.0586 5304 tssecsrv - ok
15:54:06.0633 5304 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:54:06.0695 5304 TsUsbFlt - ok
15:54:06.0742 5304 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:54:06.0804 5304 tunnel - ok
15:54:06.0851 5304 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:54:06.0867 5304 uagp35 - ok
15:54:06.0898 5304 [ FD0B16F8828F360390135031D8924CCD ] UDFReadr C:\Windows\system32\drivers\UDFReadr.sys
15:54:06.0913 5304 UDFReadr ( UnsignedFile.Multi.Generic ) - warning
15:54:06.0913 5304 UDFReadr - detected UnsignedFile.Multi.Generic (1)
15:54:06.0960 5304 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:54:07.0038 5304 udfs - ok
15:54:07.0116 5304 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:54:07.0179 5304 UI0Detect - ok
15:54:07.0210 5304 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:54:07.0210 5304 uliagpkx - ok
15:54:07.0257 5304 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
15:54:07.0272 5304 umbus - ok
15:54:07.0319 5304 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:54:07.0366 5304 UmPass - ok
15:54:07.0647 5304 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:54:07.0725 5304 UNS - ok
15:54:07.0771 5304 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:54:07.0849 5304 upnphost - ok
15:54:07.0896 5304 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
15:54:07.0927 5304 upperdev - ok
15:54:07.0974 5304 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:54:08.0005 5304 usbccgp - ok
15:54:12.0368 5304 [ 1422FBD02089697004DF8F16794E3A2D ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:55:13.0095 5304 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbcir.sys. md5: 1422FBD02089697004DF8F16794E3A2D
15:55:13.0095 5304 usbcir ( LockedFile.Multi.Generic ) - warning
15:55:13.0095 5304 usbcir - detected LockedFile.Multi.Generic (1)
15:55:13.0126 5304 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:55:13.0157 5304 usbehci - ok
15:55:13.0235 5304 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:55:13.0297 5304 usbhub - ok
15:55:13.0329 5304 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:55:13.0360 5304 usbohci - ok
15:55:13.0407 5304 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:55:13.0438 5304 usbprint - ok
15:55:13.0469 5304 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:55:13.0516 5304 usbscan - ok
15:55:13.0563 5304 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
15:55:13.0594 5304 usbser - ok
15:55:13.0625 5304 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
15:55:13.0672 5304 UsbserFilt - ok
15:55:13.0703 5304 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:55:13.0765 5304 USBSTOR - ok
15:55:13.0812 5304 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:55:13.0859 5304 usbuhci - ok
15:55:13.0906 5304 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:55:13.0968 5304 usbvideo - ok
15:55:14.0015 5304 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:55:14.0062 5304 UxSms - ok
15:55:14.0077 5304 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:55:14.0093 5304 VaultSvc - ok
15:55:14.0140 5304 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:55:14.0140 5304 vdrvroot - ok
15:55:14.0202 5304 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:55:14.0311 5304 vds - ok
15:55:14.0358 5304 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:55:14.0389 5304 vga - ok
15:55:14.0405 5304 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:55:14.0436 5304 VgaSave - ok
15:55:14.0514 5304 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:55:14.0550 5304 vhdmp - ok
15:55:14.0566 5304 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:55:14.0582 5304 viaagp - ok
15:55:14.0613 5304 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:55:14.0644 5304 ViaC7 - ok
15:55:14.0691 5304 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:55:14.0706 5304 viaide - ok
15:55:14.0738 5304 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:55:14.0738 5304 volmgr - ok
15:55:14.0753 5304 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:55:14.0769 5304 volmgrx - ok
15:55:14.0800 5304 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:55:14.0831 5304 volsnap - ok
15:55:14.0862 5304 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:55:14.0878 5304 vsmraid - ok
15:55:15.0065 5304 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:55:15.0174 5304 VSS - ok
15:55:15.0237 5304 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:55:15.0315 5304 vwifibus - ok
15:55:15.0362 5304 [ 632F1B4B573B19CE0C80DF8432D1F65D ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:55:15.0377 5304 vwififlt - ok
15:55:15.0408 5304 [ 30B788B9B23EB05D306D2A20B8425BFC ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:55:15.0424 5304 vwifimp - ok
15:55:15.0471 5304 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:55:15.0564 5304 W32Time - ok
15:55:15.0596 5304 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:55:15.0611 5304 WacomPen - ok
15:55:15.0658 5304 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:55:15.0720 5304 WANARP - ok
15:55:15.0736 5304 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:55:15.0752 5304 Wanarpv6 - ok
15:55:15.0798 5304 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:55:15.0845 5304 wbengine - ok
15:55:15.0892 5304 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:55:15.0970 5304 WbioSrvc - ok
15:55:16.0017 5304 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:55:16.0079 5304 wcncsvc - ok
15:55:16.0126 5304 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:55:16.0173 5304 WcsPlugInService - ok
15:55:16.0188 5304 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:55:16.0204 5304 Wd - ok
15:55:16.0251 5304 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:55:16.0266 5304 Wdf01000 - ok
15:55:16.0282 5304 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:55:16.0313 5304 WdiServiceHost - ok
15:55:16.0313 5304 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:55:16.0329 5304 WdiSystemHost - ok
15:55:16.0407 5304 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:55:16.0454 5304 WebClient - ok
15:55:16.0500 5304 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:55:16.0552 5304 Wecsvc - ok
15:55:16.0568 5304 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:55:16.0599 5304 wercplsupport - ok
15:55:16.0646 5304 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:55:16.0739 5304 WerSvc - ok
15:55:16.0802 5304 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:55:16.0849 5304 WfpLwf - ok
15:55:16.0864 5304 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:55:16.0864 5304 WIMMount - ok
15:55:17.0036 5304 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:55:17.0114 5304 WinDefend - ok
15:55:17.0145 5304 WinHttpAutoProxySvc - ok
15:55:17.0254 5304 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:55:17.0270 5304 Winmgmt - ok
15:55:17.0473 5304 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:55:17.0566 5304 WinRM - ok
15:55:17.0644 5304 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:55:17.0707 5304 WinUsb - ok
15:55:17.0863 5304 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:55:17.0925 5304 Wlansvc - ok
15:55:17.0956 5304 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:55:18.0019 5304 WmiAcpi - ok
15:55:18.0097 5304 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:55:18.0128 5304 wmiApSrv - ok
15:55:18.0206 5304 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:55:18.0253 5304 WMPNetworkSvc - ok
15:55:18.0299 5304 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:55:18.0362 5304 WPCSvc - ok
15:55:18.0409 5304 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:55:18.0455 5304 WPDBusEnum - ok
15:55:18.0502 5304 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:55:18.0575 5304 ws2ifsl - ok
15:55:18.0590 5304 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
15:55:18.0621 5304 wscsvc - ok
15:55:18.0621 5304 WSearch - ok
15:55:18.0715 5304 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:55:18.0777 5304 wuauserv - ok
15:55:18.0824 5304 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:55:18.0824 5304 WudfPf - ok
15:55:18.0887 5304 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:55:18.0949 5304 WUDFRd - ok
15:55:18.0996 5304 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:55:19.0058 5304 wudfsvc - ok
15:55:19.0121 5304 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:55:19.0199 5304 WwanSvc - ok
15:55:19.0261 5304 ================ Scan global ===============================
15:55:19.0292 5304 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:55:19.0339 5304 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:55:19.0355 5304 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:55:19.0386 5304 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:55:19.0433 5304 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:55:19.0433 5304 [Global] - ok
15:55:19.0433 5304 ================ Scan MBR ==================================
15:55:19.0448 5304 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:55:20.0181 5304 \Device\Harddisk0\DR0 - ok
15:55:20.0181 5304 ================ Scan VBR ==================================
15:55:20.0213 5304 [ 65C8385F836BD690AEE85374F4694D50 ] \Device\Harddisk0\DR0\Partition1
15:55:20.0213 5304 \Device\Harddisk0\DR0\Partition1 - ok
15:55:20.0228 5304 [ 1441C7D94D36682BEC64AAAE50B68F73 ] \Device\Harddisk0\DR0\Partition2
15:55:20.0275 5304 \Device\Harddisk0\DR0\Partition2 - ok
15:55:20.0291 5304 ============================================================
15:55:20.0291 5304 Scan finished
15:55:20.0291 5304 ============================================================
15:55:20.0306 5292 Detected object count: 15
15:55:20.0306 5292 Actual detected object count: 15
15:57:18.0596 5292 Autorun CDROM Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0596 5292 Autorun CDROM Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0596 5292 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0596 5292 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0596 5292 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0596 5292 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0596 5292 cdudf_xp ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0596 5292 cdudf_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0596 5292 Cinemsup ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0596 5292 Cinemsup ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0596 5292 DVDVRRdr_xp ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0596 5292 DVDVRRdr_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 dvd_2K ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 dvd_2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 EverestDriver ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 EverestDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 mmc_2K ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 mmc_2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 pwd_2k ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 pwd_2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 UDFReadr ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 UDFReadr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:57:18.0612 5292 usbcir ( LockedFile.Multi.Generic ) - skipped by user
15:57:18.0612 5292 usbcir ( LockedFile.Multi.Generic ) - User select action: Skip



#4 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 27 August 2013 - 03:05 AM

For AdwCleaner

 

# AdwCleaner v3.001 - Report created 27/08/2013 at 16:02:15
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : anton - ADY-PC
# Running from : C:\Users\anton\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : Application Updater
Service Found : BrowserDefendert

***** [ Files / Folders ] *****

File Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\Users\anton\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Public\Desktop\YourFile Downloader.lnk
File Found : C:\Windows\system32\roboot.exe
File Found : C:\Windows\System32\Tasks\BrowserDefendert
File Found : C:\Windows\System32\Tasks\EPUpdater
Folder Found : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaekbahncacnjgelnfjcjoelcglkhkj
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaekbahncacnjgelnfjcjoelcglkhkj
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Found : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Folder Found C:\Program Files\Application Updater
Folder Found C:\Program Files\blekko
Folder Found C:\Program Files\Common Files\spigot
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\delta
Folder Found C:\Program Files\Industriya
Folder Found C:\Program Files\mixidj
Folder Found C:\Program Files\MocaFlix
Folder Found C:\Program Files\RegClean Pro
Folder Found C:\Program Files\SaveAs
Folder Found C:\Program Files\SaveAs
Folder Found C:\Program Files\uTorrentControl_v2
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\blekko toolbars
Folder Found C:\ProgramData\BrowserDefender
Folder Found C:\ProgramData\BrowserProtect
Folder Found C:\ProgramData\InstallMate
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs
Folder Found C:\ProgramData\Premium
Folder Found C:\ProgramData\SaveAs
Folder Found C:\ProgramData\SaveAs
Folder Found C:\Users\Admin\AppData\LocalLow\blekko
Folder Found C:\Users\Admin\AppData\LocalLow\Conduit
Folder Found C:\Users\Admin\AppData\LocalLow\Industriya
Folder Found C:\Users\Admin\AppData\LocalLow\mixidj
Folder Found C:\Users\Admin\AppData\LocalLow\Search Settings
Folder Found C:\Users\Admin\AppData\LocalLow\uTorrentControl_v2
Folder Found C:\Users\Ady\AppData\Local\Temp\BabylonToolbar
Folder Found C:\Users\Ady\AppData\LocalLow\blekko
Folder Found C:\Users\Ady\AppData\LocalLow\Conduit
Folder Found C:\Users\Ady\AppData\LocalLow\SaveAs
Folder Found C:\Users\Ady\AppData\LocalLow\SaveAs
Folder Found C:\Users\Ady\AppData\Roaming\yourfiledownloader
Folder Found C:\Users\anton\AppData\Local\Conduit
Folder Found C:\Users\anton\AppData\Local\cre
Folder Found C:\Users\anton\AppData\LocalLow\blekko
Folder Found C:\Users\anton\AppData\LocalLow\Conduit
Folder Found C:\Users\anton\AppData\LocalLow\Industriya
Folder Found C:\Users\anton\AppData\LocalLow\PriceGong
Folder Found C:\Users\anton\AppData\LocalLow\SaveAs
Folder Found C:\Users\anton\AppData\LocalLow\SaveAs
Folder Found C:\Users\anton\AppData\LocalLow\Search Settings
Folder Found C:\Users\anton\AppData\LocalLow\uTorrentControl_v2
Folder Found C:\Users\anton\AppData\Roaming\Industriya
Folder Found C:\Users\anton\AppData\Roaming\mixidj
Folder Found C:\Users\anton\AppData\Roaming\OpenCandy
Folder Found C:\Users\anton\AppData\Roaming\Systweak
Folder Found C:\Users\anton\Desktop\Save

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\5e53db8ce668ea48
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\blekko
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKCU\Software\mixidj
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\StartSearch
Key Found : HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\5e53db8ce668ea48
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\blekko
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED90EC38-E71B-4C05-8FC1-DE46D5E692F5}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{441DDAAE-EE81-4DFF-B523-11D1A9134C3E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{709CA6FC-5747-4C3C-A4B0-064AC86415ED}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C2C8A5A6-1DFC-4ED1-A4DC-90EEC596AADC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E6026FA7-B9E5-4265-B22E-8EC40169C83D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.spamfreesearchESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.spamfreesearchESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore
Key Found : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1
Key Found : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd
Key Found : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1
Key Found : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr
Key Found : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1
Key Found : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Key Found : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\spamfreesearch.dskBnd
Key Found : HKLM\SOFTWARE\Classes\spamfreesearch.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\spamfreesearch.Hlpr
Key Found : HKLM\SOFTWARE\Classes\spamfreesearch.Hlpr.1
Key Found : HKLM\SOFTWARE\Classes\spamfreesearch.spamfreesearchappCore
Key Found : HKLM\SOFTWARE\Classes\spamfreesearch.spamfreesearchappCore.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BA93826B-8DCE-40C3-9E31-07E449C0A979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{ED90EC38-E71B-4C05-8FC1-DE46D5E692F5}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ofaekbahncacnjgelnfjcjoelcglkhkj
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07732467-942B-400C-BD5D-2E80D37D6612}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{544586E0-1B1F-4245-8930-86472D93928F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4729755-E1F9-48E4-BD9F-5B4D0202C16A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidj
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_9d366ef6
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\spamfreesearch
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Found : HKLM\Software\mixidj
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Search Settings
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\uTorrentControl_v2
Key Found : HKLM\Software\YourFileDownloader
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EECF410C-006C-4A05-AD13-6741A0814DBF}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=5E5E90A4DE41BBF3&affID=121128&tsp=4966

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : homepage

[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : search_url
Found : keyword
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [20075 octets] - [27/08/2013 16:02:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20136 octets] ##########



#5 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 27 August 2013 - 03:08 AM

Farbar

 

 

Farbar Service Scanner Version: 18-08-2013
Ran by anton (administrator) on 27-08-2013 at 16:07:12
Running from "C:\Users\anton\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-08-15 02:34] - [2013-07-06 13:05] - 1293760 ____A (Microsoft Corporation) 4E8B9BE71B807B3BAEDB7F4243F85E3C

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-08-15 02:34] - [2013-07-09 12:46] - 0140288 ____A (Microsoft Corporation) 7CA1BECEA5DE2643ADDAD32670E7A4C9

C:\Program Files\Windows Defender\MpSvc.dll
[2013-07-28 17:47] - [2013-05-27 12:57] - 0680960 ____A (Microsoft Corporation) 082CF481F659FAE0DE51AD060881EB47

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



#6 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 27 August 2013 - 03:12 AM

MiniToolBox by Farbar Version: 13-07-2013
Ran by anton (administrator) on 27-08-2013 at 16:10:42
Running from "C:\Users\anton\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Broadcom 802.11n Network Adapter = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?+. subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ady-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 90-A4-DE-41-BB-F3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E8-11-32-58-33-20
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::41f:d189:3f13:71e1%14(Preferred)
IPv4 Address. . . . . . . . . . . : 10.12.62.35(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.224.0
Lease Obtained. . . . . . . . . . : Tuesday, August 27, 2013 3:43:14 PM
Lease Expires . . . . . . . . . . : Tuesday, August 27, 2013 10:03:14 PM
Default Gateway . . . . . . . . . : 10.12.32.1
DHCP Server . . . . . . . . . . . : 172.31.1.9
DHCPv6 IAID . . . . . . . . . . . : 417861938
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-38-6E-66-90-A4-DE-41-BB-F3
DNS Servers . . . . . . . . . . . : 114.108.193.201
114.108.195.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
Physical Address. . . . . . . . . : 90-A4-DE-41-BB-F3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 90-A4-DE-1E-74-51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{744D7C7A-9217-419F-ADA2-FCB08A4F3F15}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{906FA495-6B3D-4CDF-9D9E-7C3AC48D3AD2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0B54A067-7133-4EFD-883D-58147B53D9CE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:2c1a:350a:8d93:34c1(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c1a:350a:8d93:34c1%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{B5362C24-EAD7-4ED4-A8C0-73BB388EC371}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 114.108.193.201

Name: google.com
Addresses: 2404:6800:4008:c01::8a
111.68.59.240
111.68.59.241
111.68.59.242
111.68.59.243
111.68.59.244
111.68.59.245
111.68.59.246
111.68.59.247
111.68.59.248
111.68.59.249
111.68.59.250
111.68.59.251


Pinging google.com [111.68.59.250] with 32 bytes of data:
Reply from 111.68.59.250: bytes=32 time=7ms TTL=59
Reply from 111.68.59.250: bytes=32 time=25ms TTL=59

Ping statistics for 111.68.59.250:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 25ms, Average = 16ms
Server: UnKnown
Address: 114.108.193.201

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=235ms TTL=51
Reply from 206.190.36.45: bytes=32 time=225ms TTL=51

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 225ms, Maximum = 235ms, Average = 230ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...90 a4 de 41 bb f3 ......Microsoft Virtual WiFi Miniport Adapter
14...e8 11 32 58 33 20 ......Realtek PCIe GBE Family Controller
12...90 a4 de 41 bb f3 ......Broadcom 802.11n Network Adapter
11...90 a4 de 1e 74 51 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.12.32.1 10.12.62.35 20
10.12.32.0 255.255.224.0 On-link 10.12.62.35 276
10.12.62.35 255.255.255.255 On-link 10.12.62.35 276
10.12.63.255 255.255.255.255 On-link 10.12.62.35 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.12.62.35 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.12.62.35 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:9d38:6abd:2c1a:350a:8d93:34c1/128
On-link
14 276 fe80::/64 On-link
19 306 fe80::/64 On-link
14 276 fe80::41f:d189:3f13:71e1/128
On-link
19 306 fe80::2c1a:350a:8d93:34c1/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
14 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/25/2013 10:46:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: nvcplui.exe, version: 3.5.752.0, time stamp: 0x4d408ea5
Faulting module name: nvgames.dll, version: 6.14.12.6683, time stamp: 0x4d408eef
Exception code: 0xc0000005
Fault offset: 0x00002aa8
Faulting process id: 0x1edc
Faulting application start time: 0xnvcplui.exe0
Faulting application path: nvcplui.exe1
Faulting module path: nvcplui.exe2
Report Id: nvcplui.exe3

Error: (08/25/2013 10:42:37 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 844

Start Time: 01cea17f550925bf

Termination Time: 665

Application Path: C:\Windows\Explorer.EXE

Report Id: 7445b688-0d94-11e3-ba2b-90a4de1e7451

Error: (08/18/2013 00:12:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: UIAnimation.dll, version: 6.2.9200.16492, time stamp: 0x50f310aa
Exception code: 0xc0000005
Fault offset: 0x000050aa
Faulting process id: 0x96c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/18/2013 00:04:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.16660, time stamp: 0x51f1c5f3
Faulting module name: privitizeTlbr.dll_unloaded, version: 0.0.0.0, time stamp: 0x519b4fe2
Exception code: 0xc0000005
Fault offset: 0x6a9f7240
Faulting process id: 0x143c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (08/17/2013 11:38:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/17/2013 11:36:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/17/2013 11:35:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/17/2013 11:35:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/17/2013 11:34:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/15/2013 11:19:44 PM) (Source: Application Hang) (User: )
Description: The program WifiManager.exe version 1.0.1.6 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c20

Start Time: 01ce99ca9b0e605d

Termination Time: 15

Application Path: C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe

Report Id: 16594cbc-05be-11e3-a37d-90a4de1e7451


System errors:
=============
Error: (08/27/2013 04:10:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:09:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:08:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:07:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:06:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:05:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:04:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:03:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:02:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2

Error: (08/27/2013 04:01:00 PM) (Source: Service Control Manager) (User: )
Description: The BrowserDefendert service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

toolbar (Version: 1.8.21.6)
Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.3.0.29533)
7-Zip 9.20
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Amnesia: The Dark Descent
Audiosurf
avast! Free Antivirus (Version: 8.0.1489.0)
Bastion
BatteryLifeExtender (Version: 1.0.11)
Bing Bar (Version: 7.2.241.0)
Blekko Search Bar
Braid
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Comical 0.8
Common Desktop Agent (Version: 1.52.0)
Company of Heroes (New Steam Version)
Company of Heroes: Opposing Fronts
Convert VOB to AVI
Defender's Quest: Valley of the Forgotten
Deus Ex: Game of the Year Edition
Deus Ex: Human Revolution
Easy Content Share (Version: 1.0)
Easy Display Manager (Version: 3.2)
Easy Migration (Version: 1.0)
Easy Network Manager (Version: 4.4.7)
Easy SpeedUp Manager (Version: 2.1.1.1)
EasyBatteryManager (Version: 4.0.0.4)
EasyFileShare (Version: 1.0.12)
ETDWare PS/2-X86 10.7.14.12_WHQL (Version: 10.7.14.12)
Fast Start (Version: 2.2.0.1)
Free Download Manager 3.9.2
Frozen Synapse
FTL: Faster Than Light
Globe Broadband (Version: 11.300.05.14.158)
Google Chrome (Version: 29.0.1547.57)
Google Update Helper (Version: 1.3.21.153)
Hotline Miami
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2622)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LIMBO
Lone Survivor
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MixiDJ Toolbar (Version: 1.8.18.8)
Monaco
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia_Multimedia_Common_Components_2_5 (Version: 2.7.69)
NVIDIA Control Panel 266.83 (Version: 266.83)
NVIDIA Graphics Driver 266.83 (Version: 266.83)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.17 (Version: 1.0.17)
NVIDIA Update Components (Version: 1.0.17)
OpenAL
Opera 12.16 (Version: 12.16.1860)
Organ Trail: Director's Cut
PC Connectivity Solution (Version: 12.0.27.0)
PDF Reader for Windows 7
PESTERCHUM
Power2Go 4.0
PowerDirector
PowerDVD
PowerStarter
Realtek Ethernet Controller Driver (Version: 7.36.1224.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6301)
Rome: Total War
Roxio Easy Media Creator 7 (Version: 7.5.0.47)
Samsung Easy Printer Manager (Version: 1.00.47.00)
Samsung ML-1860 Series
Samsung Printer Live Update
Samsung Support Center 1.0 (Version: 1.1.38)
Samsung Update Plus (Version: 3.0.0.17)
SaveAs (Version: 1.0)
Search Assistant MocaFlix 1.66
Sibelius 7 OpenType Fonts (Version: 7.0.0)
Sibelius 7.0.0.23 (Version: 7.0.0.23)
Sid Meier's Civilization IV
Slick Savings (Version: 1.0)
SMART BRO (Version: 1.0.0.0)
Spybot - Search & Destroy (Version: 2.0.12)
Steam (Version: 1.0.0.0)
Super Hexagon
System Requirements Lab Detection (Version: 1.0.5.0)
System Shock 2
The Binding of Isaac
Thief Gold
Twine 1.3.5 (remove only)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentControl_v2 Toolbar (Version: 6.9.0.16)
VLC media player 2.0.0 (Version: 2.0.0)
WEB Partner (Version: TOOL-ConnLaucher_WIN1.01.02.00)
WIDCOMM Bluetooth Software (Version: 6.3.0.7600)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Wolfenstein 3D
World of Goo
XCOM: Enemy Unknown
YTD Toolbar v7.4 (Version: 7.4)
YTD Video Downloader 4.4 (Version: 4.4)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 2731.55 MB
Available physical RAM: 1572.93 MB
Total Pagefile: 5461.38 MB
Available Pagefile: 3922.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:521.64 GB) (Free:257.3 GB) NTFS

========================= Users: ========================================

User accounts for \\ADY-PC

Admin Administrator Ady
anton Guest UpdatusUser

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

13-08-2013 07:37:56 Windows Update
14-08-2013 19:00:48 Windows Update
18-08-2013 11:00:25 Windows Backup
20-08-2013 10:22:08 Windows Update
22-08-2013 19:00:20 Windows Update
25-08-2013 10:34:51 Windows Update
25-08-2013 11:00:31 Windows Backup

**** End of log ****



#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:42 AM

Posted 27 August 2013 - 06:35 PM

Hi

Please do the following next:

:step1:

Going over your logs I noticed that you have utorrent installed.

  • Avoid peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • P2p programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.
  • To reduce the risk of infection avoid using any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall utorrent, however that choice is up to you.

If you choose to remove these programs, you can do so via:

For Vista / Win 7:

  • Click the "Windows Orb" start button.
  • Click Control Panel then Programs and Features..

For Win 8:

  • Open Control Panel then Programs and Features..

If you wish to keep it, please do not use it until your computer is cleaned.


:step2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step3:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
       icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step4:

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 28 August 2013 - 05:49 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.28.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16660
anton :: ADY-PC [administrator]

8/28/2013 11:23:44 PM
mbam-log-2013-08-28 (23-23-44).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 551105
Time elapsed: 7 hour(s), 9 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 44
HKCR\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\AppID\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\AppID\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\mixidj.mixidjdskBnd.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\mixidj.mixidjdskBnd (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
HKCR\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{2C141B4C-B5BA-4E89-BE73-F71ED4A208CF} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\mixidj.mixidjappCore.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\mixidj.mixidjappCore (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
HKCR\mixidj.mixidjHlpr.1 (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
HKCR\mixidj.mixidjHlpr (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{7D0EE142-0642-4FDD-AF73-7399C04E1041} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\esrv.mixidjESrvc.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\esrv.mixidjESrvc (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{C3F978C3-0594-4397-B8E6-3F9D9BE6A7B9} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{F9221CC8-22DF-4CEF-B8ED-BA87F1F09878} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\m (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_9d366ef6 (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Quarantined and deleted successfully.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MIXIDJ\MIXIDJ (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveAs (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidj (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.Delta.A) -> Data: MixiDJ Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=5E5E90A4DE41BBF3&affID=121128&tsp=4966 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Quarantined and deleted successfully.
HKCU\Software\mixidj\mixidj|tlbrSrchUrl (PUP.Optional.MixiDJToolbar.A) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bad: (http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=5E5E90A4DE41BBF3&affID=121128&tsp=4966) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 13
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\Program Files\SaveAs (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\ProgramData\SaveAs (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\ProgramData\SaveAs\data (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Roaming\OpenCandy\5135FF01AE01491997132C2406B9A269 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs\851BEAA25B41D291 (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8 (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\bh (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

Files Detected: 27
C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjsrv.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjApp.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjEng.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YB5YMYTG\rcpsetup17970[1].exe (PUP.Optional.RegCleanerPro) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Local\Temp\F40B6D15-BAB0-7891-89FC-2B46AEB6FD03\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs\SaveAs.lnk (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs\Uninstall.lnk (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\Program Files\SaveAs\sprotector.dll (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\Program Files\SaveAs\uninstall.exe (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\ProgramData\SaveAs\ehedphpnpljfehhfpokliomgnfgahoip.crx (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\ProgramData\SaveAs\50d9dcf811bc1.dll (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\ProgramData\SaveAs\50d9dcf811bc1.tlb (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\ProgramData\SaveAs\data\SaveAs.dat (PUP.OPtional.SaveAs) -> Quarantined and deleted successfully.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Users\anton\AppData\Roaming\OpenCandy\5135FF01AE01491997132C2406B9A269\TuneUpUtilities2013-2200319_en-US.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs\Setup.dat (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs\Setup.exe (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs\Setup.ico (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs\TsuDll.dll (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs\_Setup.dll (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\SaveAs\_Setupx.dll (PUP.Optional.SaveAs.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\escortShld.dll (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\GUninstaller.exe (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\mixidj.crx (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.
C:\Program Files\mixidj\mixidj\1.8.18.8\uninstall.exe (PUP.Optional.MixiDJToolbar.A) -> Quarantined and deleted successfully.

(end)



#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:42 AM

Posted 29 August 2013 - 04:50 AM

Please post the results of the ESET scan, and the AdwCleaner Clean log


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#10 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 29 August 2013 - 11:16 AM

Hi I'm having a problem with scanning my comp. The scan slows it down so much that it freezes my laptop forcing me to reset it. Any way to deal with laptop freezes?



#11 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:42 AM

Posted 29 August 2013 - 03:03 PM

Hi. Is this the Adwcleaner scan or the ESET scan that is causing the freezing?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#12 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 29 August 2013 - 05:05 PM

It was the ESET scan but I managed to scan it.

 

Here's the ESET Scan 

 

C:\Users\All Users\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx Win32/bProtector.E application
C:\Users\All Users\Premium\SaveAs\SaveAs.exe Win32/GenUpdater application
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\MocaFlix\sprotector.dll Win32/SProtector application cleaned by deleting - quarantined
C:\Program Files\YTD Toolbar\IE\7.4\ytdToolbarIE.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx Win32/bProtector.E application deleted - quarantined
C:\ProgramData\Premium\SaveAs\SaveAs.exe Win32/GenUpdater application cleaned by deleting (after the next restart) - quarantined
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehedphpnpljfehhfpokliomgnfgahoip\2_0\50d9dcf8119b03.24650573.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehedphpnpljfehhfpokliomgnfgahoip\2_0\50d9dcf8119b03.24650573.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Ady\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAQIU4MZ\pack[1].7z multiple threats deleted - quarantined
C:\Users\Ady\AppData\Local\Temp\C0296DCE-BAB0-7891-B1A1-9D3B24F9E08A\Setup.exe a variant of Win32/Toolbar.Babylon.H application cleaned by deleting - quarantined
C:\Users\Ady\AppData\Local\Temp\ICReinstall\cnet2_PDFReaderSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Ady\Desktop\Crack\SLIC Dump ToolKit v2.0\SLIC_Dump_ToolKit.EXE a variant of Win32/Packed.FlyStudio application cleaned by deleting - quarantined
C:\Users\Ady\Downloads\cnet2_PDFReaderSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\anton\AppData\Local\Temp\5581FA2A-BAB0-7891-AA3B-BE74C4C12CE8\Latest\BExternal.dll a variant of Win32/Toolbar.Babylon.F application cleaned by deleting - quarantined
C:\Users\anton\AppData\Local\Temp\5581FA2A-BAB0-7891-AA3B-BE74C4C12CE8\Latest\Delta.crx a variant of Win32/Toolbar.Babylon.I application deleted - quarantined
C:\Users\anton\AppData\Local\Temp\5581FA2A-BAB0-7891-AA3B-BE74C4C12CE8\Latest\IEHelper.dll Win32/Toolbar.Babylon.E application cleaned by deleting - quarantined
C:\Users\anton\AppData\Local\Temp\F40B6D15-BAB0-7891-89FC-2B46AEB6FD03\Latest\BExternal.dll a variant of Win32/Toolbar.Babylon.F application cleaned by deleting - quarantined
C:\Users\anton\AppData\Local\Temp\F40B6D15-BAB0-7891-89FC-2B46AEB6FD03\Latest\IEHelper.dll a variant of Win32/Toolbar.Babylon.E application cleaned by deleting - quarantined
C:\Users\anton\AppData\Local\Temp\F40B6D15-BAB0-7891-89FC-2B46AEB6FD03\Latest\MyMixiTB.exe Win32/Toolbar.Tuvaro.A application cleaned by deleting - quarantined
C:\Users\anton\Documents\Anton Files\epsxe170\ANTON FILES X\FinalTorrent2011Setup.exe a variant of Win32/InstallIQ.A application cleaned by deleting - quarantined
C:\Users\anton\Documents\Anton Files\epsxe170\ANTON FILES X\SoftonicDownloader_for_comicrack.exe Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Users\anton\Documents\Avid.Sibelius.v7.0.0.x86.x64.WORKiNG-ASSiGN\Sibelius700b23.exe Win32/InstallMonetizer.AH application cleaned by deleting - quarantined
C:\Users\anton\Downloads\cbsidlm-cbsi5_2_0_83-Opera-SEO2-10005498.exe a variant of Win32/CNETInstaller.A application cleaned by deleting - quarantined
C:\Users\anton\Downloads\cbsidlm-tr1_10a-FreeRAM_XP_Pro-ORG-10070530.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
C:\Users\anton\Downloads\YTDSetup.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Windows\Installer\1bd0a55.msi a variant of Win32/Toolbar.Widgi application deleted - quarantined


Edited by monkeyd_ace, 29 August 2013 - 05:06 PM.


#13 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 29 August 2013 - 05:15 PM

AdwCleaner results

 

# AdwCleaner v3.001 - Report created 30/08/2013 at 06:09:48
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : anton - ADY-PC
# Running from : C:\Users\anton\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Application Updater
[#] Service Deleted : BrowserDefendert

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\blekko
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\delta
Folder Deleted : C:\Program Files\Industriya
Folder Deleted : C:\Program Files\mixidj
Folder Deleted : C:\Program Files\MocaFlix
Folder Deleted : C:\Program Files\RegClean Pro
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Users\Ady\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Ady\AppData\LocalLow\blekko
Folder Deleted : C:\Users\Ady\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ady\AppData\LocalLow\SaveAs
Folder Deleted : C:\Users\Ady\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Admin\AppData\LocalLow\blekko
Folder Deleted : C:\Users\Admin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Admin\AppData\LocalLow\Industriya
Folder Deleted : C:\Users\Admin\AppData\LocalLow\mixidj
Folder Deleted : C:\Users\Admin\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\anton\AppData\Local\Conduit
Folder Deleted : C:\Users\anton\AppData\Local\cre
Folder Deleted : C:\Users\anton\AppData\LocalLow\blekko
Folder Deleted : C:\Users\anton\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\anton\AppData\LocalLow\Industriya
Folder Deleted : C:\Users\anton\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\anton\AppData\LocalLow\SaveAs
Folder Deleted : C:\Users\anton\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\anton\AppData\Roaming\Industriya
Folder Deleted : C:\Users\anton\AppData\Roaming\mixidj
Folder Deleted : C:\Users\anton\AppData\Roaming\Systweak
Folder Deleted : C:\Users\anton\Desktop\Save
Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaekbahncacnjgelnfjcjoelcglkhkj
Folder Deleted : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaekbahncacnjgelnfjcjoelcglkhkj
Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
File Deleted : C:\Users\Public\Desktop\YourFile Downloader.lnk
File Deleted : C:\Users\anton\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\BrowserDefendert
File Deleted : C:\Windows\System32\Tasks\EPUpdater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ofaekbahncacnjgelnfjcjoelcglkhkj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8EF8EFA-6DB8-4C4D-A929-C0DA2A4F9256}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8EF8EFA-6DB8-4C4D-A929-C0DA2A4F9256}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80E53004-4BAD-435B-9004-0B3F0DBF425C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80E53004-4BAD-435B-9004-0B3F0DBF425C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\esrv.spamfreesearchESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.spamfreesearchESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr
Key Deleted : HKLM\SOFTWARE\Classes\privitize.privitizeHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.Hlpr
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.Hlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.spamfreesearchappCore
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.spamfreesearchappCore.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15
Key Deleted : HKCU\Software\5e53db8ce668ea48
Key Deleted : HKLM\SOFTWARE\5e53db8ce668ea48
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED90EC38-E71B-4C05-8FC1-DE46D5E692F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{441DDAAE-EE81-4DFF-B523-11D1A9134C3E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{709CA6FC-5747-4C3C-A4B0-064AC86415ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B25AEDC4-8086-41E3-8349-328223FA9FCB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2C8A5A6-1DFC-4ED1-A4DC-90EEC596AADC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E6026FA7-B9E5-4265-B22E-8EC40169C83D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BA93826B-8DCE-40C3-9E31-07E449C0A979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED90EC38-E71B-4C05-8FC1-DE46D5E692F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4729755-E1F9-48E4-BD9F-5B4D0202C16A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EECF410C-006C-4A05-AD13-6741A0814DBF}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\blekko
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\mixidj
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\blekko
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\mixidj
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\spamfreesearch

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\Ady\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\anton\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [20217 octets] - [27/08/2013 16:02:15]
AdwCleaner[R1].txt - [15113 octets] - [30/08/2013 06:08:54]
AdwCleaner[S0].txt - [14609 octets] - [30/08/2013 06:09:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14670 octets] ##########



#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:42 AM

Posted 29 August 2013 - 07:20 PM

How is the computer running now?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#15 monkeyd_ace

monkeyd_ace
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:42 PM

Posted 29 August 2013 - 07:34 PM

So far it's working much better. Thanks!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users