Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware infection, popups, slow running computer


  • Please log in to reply
11 replies to this topic

#1 mercuryrsng

mercuryrsng

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 19 September 2013 - 07:57 PM

Hi all.  This laptop that I have is running really slow.  Lots of pop ups and stuff.  I ran a malwarebytes antimalware scan and it found 241 items, many of them trojans.  I can show the results log upon request..  

 

Can someone help me with the cleanup process?

 

Thanks ahead of time.



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:54 AM

Posted 19 September 2013 - 08:03 PM

Hello, yes post that log and then run these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • >>>
  • Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 19 September 2013 - 09:41 PM

OK here is everything but the ESET scan.  That scan is taking a while so I figured I would show everything else to you.

 

 

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.19.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Eda :: EDA-HP [administrator]
 
9/19/2013 8:09:04 PM
mbam-log-2013-09-19 (20-09-04).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 200077
Time elapsed: 10 minute(s), 54 second(s)
 
Memory Processes Detected: 4
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> 1588 -> Delete on reboot.
C:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exe (Rogue.PCHealthKit) -> 4892 -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 1304 -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> 4644 -> Delete on reboot.
 
Memory Modules Detected: 7
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
 
Registry Keys Detected: 39
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{739DF940-C5EE-4BAB-9D7E-270894AE687A} (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{739DF940-C5EE-4BAB-9D7E-270894AE687A} (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Health Kit_is1 (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_New Toolbar (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\Software\PC Health Kit (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 11
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{739DF940-C5EE-4BAB-9D7E-270894AE687A} (PUP.Optional.WhiteSmoke.A) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{739DF940-C5EE-4BAB-9D7E-270894AE687A} (PUP.Optional.WhiteSmoke.A) -> Data: WhiteSmoke_New Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{739DF940-C5EE-4BAB-9D7E-270894AE687A} (PUP.Optional.WhiteSmoke.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{739df940-c5ee-4bab-9d7e-270894ae687a} (PUP.Optional.WhiteSmoke.A) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{739df940-c5ee-4bab-9d7e-270894ae687a} (PUP.Optional.WhiteSmoke.A) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{739df940-c5ee-4bab-9d7e-270894ae687a} (PUP.Optional.WhiteSmoke.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|PC Health Kit (Rogue.PCHealthKit) -> Data: C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.SearchProtect.A) -> Data: C:\Program Files (x86)\SearchProtect\bin\cltmng.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.SearchProtect.A) -> Data: C:\Users\Eda\AppData\Roaming\SearchProtect\bin\cltmng.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.18.0 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.18.0 -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 28
C:\Program Files (x86)\PC Health Kit (Rogue.PCHealthKit) -> Delete on reboot.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab (PUP.Optional.DefaultTab.A) -> Delete on reboot.
 
Files Detected: 160
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\update.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\air3548.exe (PUP.Optional.Strongvault) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\dlLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289663\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289663\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289663\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289663\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289663\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289663\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289847\chlogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289847\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289847\ielogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Temp\ct3289847\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Conduit\CT3289663\InternetHelper3.1AutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Local\Conduit\CT3289847\WhiteSmoke_NewAutoUpdateHelper.exe (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\1FRT5MLP\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\1FRT5MLP\DefaultTabSetup_20130903[1].exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\1FRT5MLP\swa1_23[1].exe (PUP.Optional.Strongvault) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\1FRT5MLP\WhiteSmoke_New[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\42Y947O9\freefileviewer_2_2817.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\42Y947O9\IE_Security_Plugin_Setup.exe (PUP.Optional.IBryte) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\42Y947O9\InternetHelper3_1_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\42Y947O9\PCFixSpeedSetup_253[1] (PUP.Optional.PCFixSpeed) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\42Y947O9\setup__155[1].exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\WIK5WEHM\fileviewer.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\WIK5WEHM\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\Z6W4PLT3\InternetHelper3.1[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\Z6W4PLT3\stublogic[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Eda\Local Settings\Temporary Internet Files\Content.IE5\Z6W4PLT3\WhiteSmoke_New_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHealthKit.chm (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\CookiesException.txt (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\English.ini (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\file_id.diz (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\HomePage.url (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHealthKit.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKGuard.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKReminder.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKSchedule.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exe (Rogue.PCHealthKit) -> Delete on reboot.
C:\Program Files (x86)\PC Health Kit\PCHKUninstaller.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\scan.gif (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\sqlite3.dll (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\StartupList.txt (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\unins000.dat (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Health Kit\unins000.exe (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\PC Health Kit.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\Check updates.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\Help.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\PC Health Kit on the Web.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit\Uninstall PC Health Kit.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\ToolbarContextMenu.xml (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\GottenAppsContextMenu.xml (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\hk64tbWhit.dll (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\hktbWhit.dll (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\ldrtbWhit.dll (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\OtherAppsContextMenu.xml (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\SharedAppsContextMenu.xml (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\tbWhit.dll (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\toolbar.cfg (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\WhiteSmoke_New\WhiteSmoke_NewToolbarHelper.exe (PUP.Optional.WhiteSmoke.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DefaultTab\DefaultTab.crx (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DefaultTab\uid (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\addon.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\DT.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eda\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
 
(end)
 
 
 
 
Ran by Eda (administrator) on 19-09-2013 at 21:41:07
Running from "C:\Users\Eda\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Eda-HP
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : EC-55-F9-19-06-4A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2803:6b0:f6ed:84ad%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, September 19, 2013 8:31:48 PM
   Lease Expires . . . . . . . . . . : Friday, September 20, 2013 8:31:53 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 334255609
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-E7-FD-AA-98-4B-E1-C5-DD-00
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : westell.com
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 98-4B-E1-C5-DD-00
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.westell.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1cdd:3893:9df0:55fa(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1cdd:3893:9df0:55fa%16(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{B8ACD5F6-A1EF-40FD-84FD-B36D66FED72E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:802::1005
 173.194.43.14
 173.194.43.0
 173.194.43.1
 173.194.43.2
 173.194.43.3
 173.194.43.4
 173.194.43.5
 173.194.43.6
 173.194.43.7
 173.194.43.8
 173.194.43.9
 
 
Pinging google.com [74.125.226.226] with 32 bytes of data:
Reply from 74.125.226.226: bytes=32 time=28ms TTL=51
Reply from 74.125.226.226: bytes=32 time=27ms TTL=51
 
Ping statistics for 74.125.226.226:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 28ms, Average = 27ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=94ms TTL=47
Reply from 98.138.253.109: bytes=32 time=93ms TTL=47
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 93ms, Maximum = 94ms, Average = 93ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...ec 55 f9 19 06 4a ......Ralink RT5390 802.11b/g/n WiFi Adapter
 10...98 4b e1 c5 dd 00 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.23     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.23    281
     192.168.1.23  255.255.255.255         On-link      192.168.1.23    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.23    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.23    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.23    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 16     58 2001::/32                On-link
 16    306 2001:0:9d38:6ab8:1cdd:3893:9df0:55fa/128
                                    On-link
 12    281 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::1cdd:3893:9df0:55fa/128
                                    On-link
 12    281 fe80::2803:6b0:f6ed:84ad/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/19/2013 08:32:28 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   14 23.1.168.192.in-addr.arpa. PTR Eda-HP.local.
 
Error: (09/19/2013 08:32:28 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.23:5353   16 23.1.168.192.in-addr.arpa. PTR Eda-HP-2.local.
 
Error: (09/19/2013 07:39:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52302dc0
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52302dc0
Exception code: 0xc0000005
Fault offset: 0x00002c80
Faulting process id: 0x5ac
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3
 
Error: (09/18/2013 11:41:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0
Faulting module name: IEFRAME.dll, version: 10.0.9200.16686, time stamp: 0x52059132
Exception code: 0xc0000005
Fault offset: 0x001f6819
Faulting process id: 0x12dc
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (09/18/2013 11:05:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0
Faulting module name: RPCRT4.dll, version: 6.1.7601.18205, time stamp: 0x51db9710
Exception code: 0xc0020043
Fault offset: 0x0005cf69
Faulting process id: 0x102c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (09/18/2013 10:32:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0
Faulting module name: IEFRAME.dll, version: 10.0.9200.16686, time stamp: 0x52059132
Exception code: 0xc0000005
Fault offset: 0x001f6819
Faulting process id: 0x1ea8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (09/18/2013 04:46:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: AdobeARM.exe, version: 1.6.5.0, time stamp: 0x4ffe7cfa
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x004f00a0
Faulting process id: 0x2d8
Faulting application start time: 0xAdobeARM.exe0
Faulting application path: AdobeARM.exe1
Faulting module path: AdobeARM.exe2
Report Id: AdobeARM.exe3
 
Error: (09/17/2013 10:45:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0
Faulting module name: IEFRAME.dll, version: 10.0.9200.16686, time stamp: 0x52059132
Exception code: 0xc0000005
Fault offset: 0x001f6819
Faulting process id: 0xe14
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (09/17/2013 10:44:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686, time stamp: 0x52058cf0
Faulting module name: IEFRAME.dll, version: 10.0.9200.16686, time stamp: 0x52059132
Exception code: 0xc0000005
Fault offset: 0x001f6819
Faulting process id: 0x10a4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (09/17/2013 10:22:24 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16686 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 394
 
Start Time: 01ceb415be73eef5
 
Termination Time: 1029
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
 
System errors:
=============
Error: (09/19/2013 09:15:10 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: 
%%1056
 
Error: (09/19/2013 09:14:10 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/19/2013 09:13:26 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/19/2013 08:32:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (09/19/2013 08:32:22 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (09/19/2013 08:25:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (09/19/2013 08:25:09 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (09/19/2013 07:41:22 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/19/2013 07:40:49 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (09/19/2013 07:40:12 PM) (Source: Service Control Manager) (User: )
Description: The Kodak AiO Network Discovery Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (09/19/2013 08:32:28 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   14 23.1.168.192.in-addr.arpa. PTR Eda-HP.local.
 
Error: (09/19/2013 08:32:28 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.23:5353   16 23.1.168.192.in-addr.arpa. PTR Eda-HP-2.local.
 
Error: (09/19/2013 07:39:25 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.052302dc0DefaultTabSearch.exe0.0.0.052302dc0c000000500002c805ac01ceb59170b14469C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeb7783276-2184-11e3-aa13-984be1c5dd00
 
Error: (09/18/2013 11:41:02 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0IEFRAME.dll10.0.9200.1668652059132c0000005001f681912dc01ceb4dd6dd205ccC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\IEFRAME.dll4d644e95-20dd-11e3-b6cc-984be1c5dd00
 
Error: (09/18/2013 11:05:32 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0RPCRT4.dll6.1.7601.1820551db9710c00200430005cf69102c01ceb4e08afab16cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\RPCRT4.dll57dcf99d-20d8-11e3-b6cc-984be1c5dd00
 
Error: (09/18/2013 10:32:39 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0IEFRAME.dll10.0.9200.1668652059132c0000005001f68191ea801ceb4dd9d4eb4dfC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\IEFRAME.dllbfe0294a-20d3-11e3-b6cc-984be1c5dd00
 
Error: (09/18/2013 04:46:05 PM) (Source: Application Error)(User: )
Description: AdobeARM.exe1.6.5.04ffe7cfaunknown0.0.0.000000000c0000005004f00a02d801ceb417fce75a65C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeunknown55dda71d-20a3-11e3-b6cc-984be1c5dd00
 
Error: (09/17/2013 10:45:29 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0IEFRAME.dll10.0.9200.1668652059132c0000005001f6819e1401ceb417ee7dc57cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\IEFRAME.dll60956c7d-200c-11e3-b6cc-984be1c5dd00
 
Error: (09/17/2013 10:44:44 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0IEFRAME.dll10.0.9200.1668652059132c0000005001f681910a401ceb4172f3f0b3fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\IEFRAME.dll45dd4dfc-200c-11e3-b6cc-984be1c5dd00
 
Error: (09/17/2013 10:22:24 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.1668639401ceb415be73eef51029C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
 
=========================== Installed Programs ============================
 
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 3.8.0.1430)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174)
Adobe Reader 9.5.5 MUI (Version: 9.5.5)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 6.2.3.10)
aioscnnr (Version: 7.3.4.0)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 8.0.1497.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.0.5350)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
C4USelfUpdater (Version: 1.00.0000)
Cake Mania (Version: 2.2.0.95)
center (Version: 6.2.5.0)
Chuzzle Deluxe (Version: 2.2.0.95)
Compaq Setup Manager (Version: 1.0.12844.3519)
CyberLink DVD Suite (Version: 7.0.3320)
CyberLink MediaShow (Version: 5.0.1920)
CyberLink PowerDVD 9 (Version: 9.0.1.4604)
CyberLink YouCam (Version: 3.2.3321)
D3DX10 (Version: 15.4.2368.0902)
Define Ext (Version: 8)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Dropbox (Version: 2.0.22)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
essentials (Version: 6.0.14.0)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Fisher-Price iXL - Cars 2 (Version: 1.0.0)
Fisher-Price iXL - Mickey's Clubhouse (Version: 1.0.0)
Fisher-Price iXL Computer Software (Version: 2.0.2.8)
Flash Player Pro V5.4
Google Chrome (Version: 29.0.1547.66)
Google Update Helper (Version: 1.3.21.153)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP CloudDrive
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.2.1)
HP Game Console
HP Games (Version: 1.0.1.5)
HP MovieStore (Version: 1.0.023)
HP MovieStore (Version: 2.0.2)
HP Photo Creations (Version: 1.0.0.4042)
HP Power Manager (Version: 1.1.2)
HP Product Detection (Version: 11.14.0004)
HP Quick Launch (Version: 2.2.7)
HP Setup (Version: 8.4.4400.3525)
HP Software Framework (Version: 4.0.70.1)
HP Support Assistant (Version: 5.1.8.12)
HP Wireless Assistant (Version: 4.0.10.0)
HPAsset component for HP Active Support Library (Version: 3.0.2.2)
IBM SPSS Statistics 20 (Version: 20.0.0.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2086)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
InternetHelper3.1 Toolbar for IE (Version: 6.16.1.9)
iTunes (Version: 11.0.4.4)
Java 7 Update 40 (Version: 7.0.400)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 35 (Version: 6.0.350)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.3.4.0)
KODAK AiO Software (Version: 7.3.8.20)
LabelPrint (Version: 2.5.3220)
LightScribe System Software (Version: 1.18.18.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Store Download Manager (Version: 2.9.4919.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
ocr (Version: 6.2.3.50)
Octoshape add-in for Adobe Flash Player
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.7717)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PowerDirector (Version: 8.0.3320)
PreReq (Version: 6.2.3.0)
QuickTime (Version: 7.74.80.86)
Ralink RT2860 Wireless LAN Card (Version: 3.1.13.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6206)
Recovery Manager (Version: 5.5.3223)
RoxioNow Player (Version: 1.9.5.101)
RtVOsd (Version: 1.0.6)
SUPERAntiSpyware (Version: 5.5.1016)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
Times Reader (Version: 2.055)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.8 (Version: 2.0.8)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinX DVD Ripper 5.5.10
Zuma Deluxe (Version: 2.2.0.95)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 67%
Total physical RAM: 1978.93 MB
Available physical RAM: 635.43 MB
Total Pagefile: 3957.85 MB
Available Pagefile: 1996.16 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.24 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:213.73 GB) (Free:116.12 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:18.86 GB) (Free:2.74 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\EDA-HP
 
Administrator            Eda                      Guest                    
 
 
**** End of log ****
 
 
 
 
 
 
 
21:41:30.0058 0x17ac  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
21:41:30.0554 0x17ac  ============================================================
21:41:30.0554 0x17ac  Current date / time: 2013/09/19 21:41:30.0554
21:41:30.0554 0x17ac  SystemInfo:
21:41:30.0554 0x17ac  
21:41:30.0554 0x17ac  OS Version: 6.1.7601 ServicePack: 1.0
21:41:30.0554 0x17ac  Product type: Workstation
21:41:30.0555 0x17ac  ComputerName: EDA-HP
21:41:30.0555 0x17ac  UserName: Eda
21:41:30.0555 0x17ac  Windows directory: C:\Windows
21:41:30.0555 0x17ac  System windows directory: C:\Windows
21:41:30.0555 0x17ac  Running under WOW64
21:41:30.0555 0x17ac  Processor architecture: Intel x64
21:41:30.0555 0x17ac  Number of processors: 1
21:41:30.0555 0x17ac  Page size: 0x1000
21:41:30.0555 0x17ac  Boot type: Normal boot
21:41:30.0555 0x17ac  ============================================================
21:41:31.0220 0x17ac  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:41:31.0224 0x17ac  ============================================================
21:41:31.0224 0x17ac  \Device\Harddisk0\DR0:
21:41:31.0224 0x17ac  MBR partitions:
21:41:31.0224 0x17ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:41:31.0224 0x17ac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1AB73800
21:41:31.0224 0x17ac  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1ABD7800, BlocksNum 0x25BA000
21:41:31.0224 0x17ac  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
21:41:31.0224 0x17ac  ============================================================
21:41:31.0263 0x17ac  C: <-> \Device\Harddisk0\DR0\Partition2
21:41:31.0308 0x17ac  D: <-> \Device\Harddisk0\DR0\Partition3
21:41:31.0308 0x17ac  ============================================================
21:41:31.0308 0x17ac  Initialize success
21:41:31.0308 0x17ac  ============================================================
21:41:52.0208 0x15c4  ============================================================
21:41:52.0208 0x15c4  Scan started
21:41:52.0208 0x15c4  Mode: Manual; 
21:41:52.0208 0x15c4  ============================================================
21:41:52.0471 0x15c4  ================ Scan system memory ========================
21:41:52.0471 0x15c4  System memory - ok
21:41:52.0474 0x15c4  ================ Scan services =============================
21:41:52.0606 0x15c4  [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:41:52.0608 0x15c4  !SASCORE - ok
21:41:52.0867 0x15c4  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:41:52.0871 0x15c4  1394ohci - ok
21:41:52.0930 0x15c4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:41:52.0934 0x15c4  ACPI - ok
21:41:52.0988 0x15c4  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:41:52.0990 0x15c4  AcpiPmi - ok
21:41:53.0174 0x15c4  [ 7BBAF543CABE8A8D275BC7F6C66C1959 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:41:53.0177 0x15c4  AdobeFlashPlayerUpdateSvc - ok
21:41:53.0265 0x15c4  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:41:53.0271 0x15c4  adp94xx - ok
21:41:53.0320 0x15c4  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:41:53.0342 0x15c4  adpahci - ok
21:41:53.0393 0x15c4  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:41:53.0396 0x15c4  adpu320 - ok
21:41:53.0438 0x15c4  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:41:53.0440 0x15c4  AeLookupSvc - ok
21:41:53.0504 0x15c4  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
21:41:53.0509 0x15c4  AERTFilters - ok
21:41:53.0565 0x15c4  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:41:53.0571 0x15c4  AFD - ok
21:41:53.0623 0x15c4  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:41:53.0626 0x15c4  agp440 - ok
21:41:53.0669 0x15c4  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:41:53.0671 0x15c4  ALG - ok
21:41:53.0735 0x15c4  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:41:53.0736 0x15c4  aliide - ok
21:41:53.0771 0x15c4  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:41:53.0772 0x15c4  amdide - ok
21:41:53.0813 0x15c4  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:41:53.0816 0x15c4  AmdK8 - ok
21:41:53.0856 0x15c4  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:41:53.0858 0x15c4  AmdPPM - ok
21:41:53.0914 0x15c4  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:41:53.0916 0x15c4  amdsata - ok
21:41:53.0967 0x15c4  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:41:53.0969 0x15c4  amdsbs - ok
21:41:53.0993 0x15c4  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:41:53.0995 0x15c4  amdxata - ok
21:41:54.0059 0x15c4  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:41:54.0061 0x15c4  AppID - ok
21:41:54.0095 0x15c4  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:41:54.0096 0x15c4  AppIDSvc - ok
21:41:54.0153 0x15c4  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
21:41:54.0155 0x15c4  Appinfo - ok
21:41:54.0265 0x15c4  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:41:54.0266 0x15c4  Apple Mobile Device - ok
21:41:54.0319 0x15c4  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:41:54.0321 0x15c4  arc - ok
21:41:54.0350 0x15c4  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:41:54.0352 0x15c4  arcsas - ok
21:41:54.0421 0x15c4  [ A83C9C15680BB9E270ACF7172068E287 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
21:41:54.0423 0x15c4  aswFsBlk - ok
21:41:54.0487 0x15c4  [ 5C40B8D77EBEE1DE0E7A8CDD0CD75773 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:41:54.0488 0x15c4  aswMonFlt - ok
21:41:54.0538 0x15c4  [ 997F6977294B9ACB7F400431DF8E3A4A ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
21:41:54.0540 0x15c4  aswRdr - ok
21:41:54.0620 0x15c4  [ 286193DC28CFB4CEB8D378E20A0850A9 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
21:41:54.0622 0x15c4  aswRvrt - ok
21:41:54.0732 0x15c4  [ 58B93BA20D4693D0800D2B0A62B8059D ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:41:54.0742 0x15c4  aswSnx - ok
21:41:54.0794 0x15c4  [ EC7148DB4D126C81426A67602822E62C ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:41:54.0799 0x15c4  aswSP - ok
21:41:54.0853 0x15c4  [ 0E422E9CB7CD9C0AA6D4DFEAFA086EAA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
21:41:54.0855 0x15c4  aswTdi - ok
21:41:54.0923 0x15c4  [ 9FE455C916C656144B004E3EB48507CE ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
21:41:54.0926 0x15c4  aswVmm - ok
21:41:54.0958 0x15c4  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:41:54.0960 0x15c4  AsyncMac - ok
21:41:55.0017 0x15c4  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:41:55.0018 0x15c4  atapi - ok
21:41:55.0096 0x15c4  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:41:55.0104 0x15c4  AudioEndpointBuilder - ok
21:41:55.0122 0x15c4  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:41:55.0128 0x15c4  AudioSrv - ok
21:41:55.0243 0x15c4  [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:41:55.0245 0x15c4  avast! Antivirus - ok
21:41:55.0316 0x15c4  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:41:55.0318 0x15c4  AxInstSV - ok
21:41:55.0372 0x15c4  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:41:55.0378 0x15c4  b06bdrv - ok
21:41:55.0418 0x15c4  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:41:55.0424 0x15c4  b57nd60a - ok
21:41:55.0478 0x15c4  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:41:55.0480 0x15c4  BDESVC - ok
21:41:55.0517 0x15c4  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:41:55.0519 0x15c4  Beep - ok
21:41:55.0637 0x15c4  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:41:55.0646 0x15c4  BFE - ok
21:41:55.0713 0x15c4  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:41:55.0726 0x15c4  BITS - ok
21:41:55.0772 0x15c4  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:41:55.0774 0x15c4  blbdrive - ok
21:41:55.0870 0x15c4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:41:55.0875 0x15c4  Bonjour Service - ok
21:41:55.0918 0x15c4  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:41:55.0920 0x15c4  bowser - ok
21:41:55.0966 0x15c4  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:41:55.0967 0x15c4  BrFiltLo - ok
21:41:56.0005 0x15c4  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:41:56.0006 0x15c4  BrFiltUp - ok
21:41:56.0057 0x15c4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:41:56.0059 0x15c4  Browser - ok
21:41:56.0098 0x15c4  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:41:56.0112 0x15c4  Brserid - ok
21:41:56.0162 0x15c4  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:41:56.0166 0x15c4  BrSerWdm - ok
21:41:56.0204 0x15c4  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:41:56.0206 0x15c4  BrUsbMdm - ok
21:41:56.0238 0x15c4  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:41:56.0239 0x15c4  BrUsbSer - ok
21:41:56.0269 0x15c4  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:41:56.0271 0x15c4  BTHMODEM - ok
21:41:56.0331 0x15c4  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:41:56.0333 0x15c4  bthserv - ok
21:41:56.0369 0x15c4  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:41:56.0371 0x15c4  cdfs - ok
21:41:56.0446 0x15c4  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:41:56.0449 0x15c4  cdrom - ok
21:41:56.0501 0x15c4  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:41:56.0503 0x15c4  CertPropSvc - ok
21:41:56.0556 0x15c4  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:41:56.0562 0x15c4  circlass - ok
21:41:56.0614 0x15c4  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:41:56.0619 0x15c4  CLFS - ok
21:41:56.0703 0x15c4  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:41:56.0706 0x15c4  clr_optimization_v2.0.50727_32 - ok
21:41:56.0771 0x15c4  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:41:56.0774 0x15c4  clr_optimization_v2.0.50727_64 - ok
21:41:56.0853 0x15c4  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:41:56.0855 0x15c4  clr_optimization_v4.0.30319_32 - ok
21:41:56.0874 0x15c4  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:41:56.0877 0x15c4  clr_optimization_v4.0.30319_64 - ok
21:41:56.0919 0x15c4  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
21:41:56.0921 0x15c4  clwvd - ok
21:41:56.0962 0x15c4  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:41:56.0963 0x15c4  CmBatt - ok
21:41:57.0009 0x15c4  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:41:57.0011 0x15c4  cmdide - ok
21:41:57.0061 0x15c4  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:41:57.0074 0x15c4  CNG - ok
21:41:57.0123 0x15c4  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:41:57.0124 0x15c4  Compbatt - ok
21:41:57.0176 0x15c4  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:41:57.0178 0x15c4  CompositeBus - ok
21:41:57.0194 0x15c4  COMSysApp - ok
21:41:57.0237 0x15c4  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:41:57.0239 0x15c4  crcdisk - ok
21:41:57.0305 0x15c4  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:41:57.0308 0x15c4  CryptSvc - ok
21:41:57.0430 0x15c4  [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:41:57.0439 0x15c4  cvhsvc - ok
21:41:57.0513 0x15c4  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:41:57.0522 0x15c4  DcomLaunch - ok
21:41:57.0562 0x15c4  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:41:57.0566 0x15c4  defragsvc - ok
21:41:57.0627 0x15c4  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:41:57.0629 0x15c4  DfsC - ok
21:41:57.0713 0x15c4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:41:57.0718 0x15c4  Dhcp - ok
21:41:57.0753 0x15c4  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:41:57.0755 0x15c4  discache - ok
21:41:57.0807 0x15c4  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:41:57.0809 0x15c4  Disk - ok
21:41:57.0847 0x15c4  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:41:57.0851 0x15c4  Dnscache - ok
21:41:57.0888 0x15c4  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:41:57.0892 0x15c4  dot3svc - ok
21:41:57.0936 0x15c4  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:41:57.0939 0x15c4  DPS - ok
21:41:57.0977 0x15c4  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:41:57.0979 0x15c4  drmkaud - ok
21:41:58.0042 0x15c4  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:41:58.0052 0x15c4  DXGKrnl - ok
21:41:58.0095 0x15c4  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:41:58.0098 0x15c4  EapHost - ok
21:41:58.0204 0x15c4  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:41:58.0317 0x15c4  ebdrv - ok
21:41:58.0362 0x15c4  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:41:58.0365 0x15c4  EFS - ok
21:41:58.0477 0x15c4  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:41:58.0485 0x15c4  ehRecvr - ok
21:41:58.0517 0x15c4  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:41:58.0519 0x15c4  ehSched - ok
21:41:58.0570 0x15c4  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:41:58.0576 0x15c4  elxstor - ok
21:41:58.0613 0x15c4  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:41:58.0614 0x15c4  ErrDev - ok
21:41:58.0695 0x15c4  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:41:58.0701 0x15c4  EventSystem - ok
21:41:58.0731 0x15c4  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:41:58.0734 0x15c4  exfat - ok
21:41:58.0770 0x15c4  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:41:58.0772 0x15c4  fastfat - ok
21:41:58.0855 0x15c4  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:41:58.0864 0x15c4  Fax - ok
21:41:58.0895 0x15c4  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:41:58.0896 0x15c4  fdc - ok
21:41:58.0942 0x15c4  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:41:58.0944 0x15c4  fdPHost - ok
21:41:58.0958 0x15c4  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:41:58.0961 0x15c4  FDResPub - ok
21:41:58.0984 0x15c4  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:41:58.0987 0x15c4  FileInfo - ok
21:41:59.0008 0x15c4  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:41:59.0010 0x15c4  Filetrace - ok
21:41:59.0031 0x15c4  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:41:59.0033 0x15c4  flpydisk - ok
21:41:59.0091 0x15c4  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:41:59.0095 0x15c4  FltMgr - ok
21:41:59.0166 0x15c4  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
21:41:59.0180 0x15c4  FontCache - ok
21:41:59.0253 0x15c4  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:41:59.0255 0x15c4  FontCache3.0.0.0 - ok
21:41:59.0288 0x15c4  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:41:59.0289 0x15c4  FsDepends - ok
21:41:59.0340 0x15c4  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:41:59.0342 0x15c4  Fs_Rec - ok
21:41:59.0409 0x15c4  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:41:59.0413 0x15c4  fvevol - ok
21:41:59.0457 0x15c4  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:41:59.0459 0x15c4  gagp30kx - ok
21:41:59.0536 0x15c4  [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
21:41:59.0540 0x15c4  GameConsoleService - ok
21:41:59.0567 0x15c4  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:41:59.0568 0x15c4  GEARAspiWDM - ok
21:41:59.0634 0x15c4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:41:59.0643 0x15c4  gpsvc - ok
21:41:59.0699 0x15c4  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:41:59.0702 0x15c4  gupdate - ok
21:41:59.0724 0x15c4  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:41:59.0726 0x15c4  gupdatem - ok
21:41:59.0765 0x15c4  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:41:59.0767 0x15c4  hcw85cir - ok
21:41:59.0815 0x15c4  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:41:59.0821 0x15c4  HdAudAddService - ok
21:41:59.0859 0x15c4  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:41:59.0862 0x15c4  HDAudBus - ok
21:41:59.0898 0x15c4  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:41:59.0900 0x15c4  HidBatt - ok
21:41:59.0923 0x15c4  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:41:59.0925 0x15c4  HidBth - ok
21:41:59.0943 0x15c4  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:41:59.0952 0x15c4  HidIr - ok
21:41:59.0980 0x15c4  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:41:59.0982 0x15c4  hidserv - ok
21:42:00.0049 0x15c4  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
21:42:00.0050 0x15c4  HidUsb - ok
21:42:00.0086 0x15c4  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:42:00.0089 0x15c4  hkmsvc - ok
21:42:00.0130 0x15c4  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:42:00.0135 0x15c4  HomeGroupListener - ok
21:42:00.0184 0x15c4  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:42:00.0190 0x15c4  HomeGroupProvider - ok
21:42:00.0259 0x15c4  [ 37965381364B2E106E1DD7D74CDCAA43 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
21:42:00.0261 0x15c4  HP Health Check Service - ok
21:42:00.0311 0x15c4  [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
21:42:00.0314 0x15c4  HP Wireless Assistant Service - ok
21:42:00.0363 0x15c4  [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
21:42:00.0367 0x15c4  HPClientSvc - ok
21:42:00.0435 0x15c4  [ F323230C391771611BBE9363B88C3E3E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
21:42:00.0437 0x15c4  HPDrvMntSvc.exe - ok
21:42:00.0492 0x15c4  [ 5311386F0EC157D155BB07A1D420FB4D ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
21:42:00.0501 0x15c4  hpqwmiex - ok
21:42:00.0572 0x15c4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:42:00.0574 0x15c4  HpSAMD - ok
21:42:00.0676 0x15c4  [ 854197D1270D20193FE2D4B14784AADE ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:42:00.0678 0x15c4  HPWMISVC - ok
21:42:00.0736 0x15c4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:42:00.0747 0x15c4  HTTP - ok
21:42:00.0798 0x15c4  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:42:00.0799 0x15c4  hwpolicy - ok
21:42:00.0866 0x15c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:42:00.0869 0x15c4  i8042prt - ok
21:42:00.0947 0x15c4  [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:42:00.0951 0x15c4  iaStor - ok
21:42:01.0037 0x15c4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:42:01.0042 0x15c4  iaStorV - ok
21:42:01.0143 0x15c4  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:42:01.0153 0x15c4  idsvc - ok
21:42:01.0484 0x15c4  [ 898AB5BFED7040D7AB07AF01885EB944 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:42:01.0705 0x15c4  igfx - ok
21:42:01.0732 0x15c4  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:42:01.0734 0x15c4  iirsp - ok
21:42:01.0803 0x15c4  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:42:01.0814 0x15c4  IKEEXT - ok
21:42:01.0918 0x15c4  [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:42:01.0982 0x15c4  IntcAzAudAddService - ok
21:42:02.0018 0x15c4  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:42:02.0020 0x15c4  intelide - ok
21:42:02.0068 0x15c4  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:42:02.0070 0x15c4  intelppm - ok
21:42:02.0108 0x15c4  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:42:02.0112 0x15c4  IPBusEnum - ok
21:42:02.0159 0x15c4  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:42:02.0161 0x15c4  IpFilterDriver - ok
21:42:02.0215 0x15c4  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:42:02.0223 0x15c4  iphlpsvc - ok
21:42:02.0272 0x15c4  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:42:02.0275 0x15c4  IPMIDRV - ok
21:42:02.0302 0x15c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:42:02.0304 0x15c4  IPNAT - ok
21:42:02.0378 0x15c4  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:42:02.0383 0x15c4  iPod Service - ok
21:42:02.0445 0x15c4  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:42:02.0446 0x15c4  IRENUM - ok
21:42:02.0474 0x15c4  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:42:02.0476 0x15c4  isapnp - ok
21:42:02.0518 0x15c4  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:42:02.0522 0x15c4  iScsiPrt - ok
21:42:02.0564 0x15c4  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:42:02.0565 0x15c4  kbdclass - ok
21:42:02.0616 0x15c4  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:42:02.0617 0x15c4  kbdhid - ok
21:42:02.0641 0x15c4  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:42:02.0644 0x15c4  KeyIso - ok
21:42:02.0718 0x15c4  [ 27277A11DB52FEFAE5B01DC8FB570B28 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
21:42:02.0722 0x15c4  Kodak AiO Network Discovery Service - ok
21:42:02.0768 0x15c4  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:42:02.0770 0x15c4  KSecDD - ok
21:42:02.0824 0x15c4  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:42:02.0827 0x15c4  KSecPkg - ok
21:42:02.0874 0x15c4  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:42:02.0875 0x15c4  ksthunk - ok
21:42:02.0922 0x15c4  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:42:02.0929 0x15c4  KtmRm - ok
21:42:03.0009 0x15c4  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:42:03.0015 0x15c4  LanmanServer - ok
21:42:03.0057 0x15c4  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:42:03.0063 0x15c4  LanmanWorkstation - ok
21:42:03.0141 0x15c4  [ FCBDCC6F1801E32244235608E1277752 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:42:03.0143 0x15c4  LightScribeService - ok
21:42:03.0176 0x15c4  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:42:03.0178 0x15c4  lltdio - ok
21:42:03.0223 0x15c4  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:42:03.0228 0x15c4  lltdsvc - ok
21:42:03.0257 0x15c4  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:42:03.0259 0x15c4  lmhosts - ok
21:42:03.0312 0x15c4  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:42:03.0314 0x15c4  LSI_FC - ok
21:42:03.0340 0x15c4  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:42:03.0342 0x15c4  LSI_SAS - ok
21:42:03.0383 0x15c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:42:03.0384 0x15c4  LSI_SAS2 - ok
21:42:03.0423 0x15c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:42:03.0425 0x15c4  LSI_SCSI - ok
21:42:03.0453 0x15c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:42:03.0455 0x15c4  luafv - ok
21:42:03.0514 0x15c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:42:03.0518 0x15c4  Mcx2Svc - ok
21:42:03.0560 0x15c4  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:42:03.0562 0x15c4  megasas - ok
21:42:03.0612 0x15c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:42:03.0615 0x15c4  MegaSR - ok
21:42:03.0663 0x15c4  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:42:03.0667 0x15c4  MMCSS - ok
21:42:03.0699 0x15c4  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:42:03.0700 0x15c4  Modem - ok
21:42:03.0740 0x15c4  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:42:03.0741 0x15c4  monitor - ok
21:42:03.0797 0x15c4  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
21:42:03.0799 0x15c4  mouclass - ok
21:42:03.0833 0x15c4  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:42:03.0836 0x15c4  mouhid - ok
21:42:03.0874 0x15c4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:42:03.0876 0x15c4  mountmgr - ok
21:42:03.0930 0x15c4  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:42:03.0934 0x15c4  mpio - ok
21:42:03.0970 0x15c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:42:03.0972 0x15c4  mpsdrv - ok
21:42:04.0032 0x15c4  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:42:04.0043 0x15c4  MpsSvc - ok
21:42:04.0089 0x15c4  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:42:04.0092 0x15c4  MRxDAV - ok
21:42:04.0131 0x15c4  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:42:04.0135 0x15c4  mrxsmb - ok
21:42:04.0176 0x15c4  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:42:04.0180 0x15c4  mrxsmb10 - ok
21:42:04.0229 0x15c4  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:42:04.0231 0x15c4  mrxsmb20 - ok
21:42:04.0283 0x15c4  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:42:04.0284 0x15c4  msahci - ok
21:42:04.0316 0x15c4  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:42:04.0319 0x15c4  msdsm - ok
21:42:04.0343 0x15c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:42:04.0349 0x15c4  MSDTC - ok
21:42:04.0412 0x15c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:42:04.0414 0x15c4  Msfs - ok
21:42:04.0468 0x15c4  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:42:04.0470 0x15c4  mshidkmdf - ok
21:42:04.0500 0x15c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:42:04.0501 0x15c4  msisadrv - ok
21:42:04.0553 0x15c4  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:42:04.0557 0x15c4  MSiSCSI - ok
21:42:04.0569 0x15c4  msiserver - ok
21:42:04.0609 0x15c4  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:42:04.0610 0x15c4  MSKSSRV - ok
21:42:04.0636 0x15c4  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:42:04.0637 0x15c4  MSPCLOCK - ok
21:42:04.0658 0x15c4  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:42:04.0659 0x15c4  MSPQM - ok
21:42:04.0710 0x15c4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:42:04.0714 0x15c4  MsRPC - ok
21:42:04.0757 0x15c4  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:42:04.0758 0x15c4  mssmbios - ok
21:42:04.0796 0x15c4  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:42:04.0798 0x15c4  MSTEE - ok
21:42:04.0816 0x15c4  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:42:04.0818 0x15c4  MTConfig - ok
21:42:04.0846 0x15c4  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:42:04.0848 0x15c4  Mup - ok
21:42:04.0891 0x15c4  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:42:04.0900 0x15c4  napagent - ok
21:42:04.0952 0x15c4  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:42:04.0962 0x15c4  NativeWifiP - ok
21:42:05.0044 0x15c4  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:42:05.0055 0x15c4  NDIS - ok
21:42:05.0098 0x15c4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:42:05.0100 0x15c4  NdisCap - ok
21:42:05.0150 0x15c4  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:42:05.0152 0x15c4  NdisTapi - ok
21:42:05.0201 0x15c4  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:42:05.0203 0x15c4  Ndisuio - ok
21:42:05.0259 0x15c4  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:42:05.0264 0x15c4  NdisWan - ok
21:42:05.0320 0x15c4  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:42:05.0322 0x15c4  NDProxy - ok
21:42:05.0369 0x15c4  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:42:05.0371 0x15c4  NetBIOS - ok
21:42:05.0415 0x15c4  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:42:05.0418 0x15c4  NetBT - ok
21:42:05.0441 0x15c4  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:42:05.0444 0x15c4  Netlogon - ok
21:42:05.0499 0x15c4  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:42:05.0508 0x15c4  Netman - ok
21:42:05.0536 0x15c4  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:42:05.0544 0x15c4  netprofm - ok
21:42:05.0610 0x15c4  [ 24CF1304D899124336F67F88F3C15E21 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
21:42:05.0623 0x15c4  netr28x - ok
21:42:05.0669 0x15c4  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:42:05.0672 0x15c4  NetTcpPortSharing - ok
21:42:05.0850 0x15c4  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
21:42:06.0008 0x15c4  netw5v64 - ok
21:42:06.0060 0x15c4  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:42:06.0067 0x15c4  nfrd960 - ok
21:42:06.0109 0x15c4  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:42:06.0115 0x15c4  NlaSvc - ok
21:42:06.0149 0x15c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:42:06.0151 0x15c4  Npfs - ok
21:42:06.0188 0x15c4  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:42:06.0191 0x15c4  nsi - ok
21:42:06.0211 0x15c4  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:42:06.0213 0x15c4  nsiproxy - ok
21:42:06.0304 0x15c4  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:42:06.0322 0x15c4  Ntfs - ok
21:42:06.0349 0x15c4  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:42:06.0350 0x15c4  Null - ok
21:42:06.0394 0x15c4  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:42:06.0397 0x15c4  nvraid - ok
21:42:06.0437 0x15c4  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:42:06.0440 0x15c4  nvstor - ok
21:42:06.0490 0x15c4  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:42:06.0513 0x15c4  nv_agp - ok
21:42:06.0546 0x15c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:42:06.0548 0x15c4  ohci1394 - ok
21:42:06.0583 0x15c4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:42:06.0585 0x15c4  ose - ok
21:42:06.0785 0x15c4  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:42:06.0917 0x15c4  osppsvc - ok
21:42:06.0952 0x15c4  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:42:06.0958 0x15c4  p2pimsvc - ok
21:42:07.0000 0x15c4  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:42:07.0008 0x15c4  p2psvc - ok
21:42:07.0046 0x15c4  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:42:07.0048 0x15c4  Parport - ok
21:42:07.0102 0x15c4  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:42:07.0104 0x15c4  partmgr - ok
21:42:07.0131 0x15c4  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:42:07.0136 0x15c4  PcaSvc - ok
21:42:07.0164 0x15c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:42:07.0168 0x15c4  pci - ok
21:42:07.0216 0x15c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:42:07.0218 0x15c4  pciide - ok
21:42:07.0256 0x15c4  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:42:07.0260 0x15c4  pcmcia - ok
21:42:07.0294 0x15c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:42:07.0295 0x15c4  pcw - ok
21:42:07.0325 0x15c4  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:42:07.0334 0x15c4  PEAUTH - ok
21:42:07.0398 0x15c4  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:42:07.0402 0x15c4  PerfHost - ok
21:42:07.0501 0x15c4  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:42:07.0524 0x15c4  pla - ok
21:42:07.0578 0x15c4  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:42:07.0586 0x15c4  PlugPlay - ok
21:42:07.0623 0x15c4  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:42:07.0627 0x15c4  PNRPAutoReg - ok
21:42:07.0652 0x15c4  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:42:07.0656 0x15c4  PNRPsvc - ok
21:42:07.0711 0x15c4  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:42:07.0718 0x15c4  PolicyAgent - ok
21:42:07.0754 0x15c4  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:42:07.0765 0x15c4  Power - ok
21:42:07.0824 0x15c4  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:42:07.0826 0x15c4  PptpMiniport - ok
21:42:07.0861 0x15c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:42:07.0863 0x15c4  Processor - ok
21:42:07.0929 0x15c4  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:42:07.0934 0x15c4  ProfSvc - ok
21:42:07.0952 0x15c4  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:42:07.0955 0x15c4  ProtectedStorage - ok
21:42:08.0010 0x15c4  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:42:08.0016 0x15c4  Psched - ok
21:42:08.0085 0x15c4  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:42:08.0101 0x15c4  ql2300 - ok
21:42:08.0126 0x15c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:42:08.0140 0x15c4  ql40xx - ok
21:42:08.0180 0x15c4  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:42:08.0186 0x15c4  QWAVE - ok
21:42:08.0201 0x15c4  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:42:08.0203 0x15c4  QWAVEdrv - ok
21:42:08.0244 0x15c4  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:42:08.0245 0x15c4  RasAcd - ok
21:42:08.0285 0x15c4  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:42:08.0287 0x15c4  RasAgileVpn - ok
21:42:08.0326 0x15c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:42:08.0330 0x15c4  RasAuto - ok
21:42:08.0397 0x15c4  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:42:08.0399 0x15c4  Rasl2tp - ok
21:42:08.0456 0x15c4  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:42:08.0464 0x15c4  RasMan - ok
21:42:08.0523 0x15c4  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:42:08.0525 0x15c4  RasPppoe - ok
21:42:08.0573 0x15c4  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:42:08.0575 0x15c4  RasSstp - ok
21:42:08.0625 0x15c4  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:42:08.0630 0x15c4  rdbss - ok
21:42:08.0652 0x15c4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:42:08.0654 0x15c4  rdpbus - ok
21:42:08.0683 0x15c4  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:42:08.0684 0x15c4  RDPCDD - ok
21:42:08.0722 0x15c4  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:42:08.0724 0x15c4  RDPENCDD - ok
21:42:08.0753 0x15c4  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:42:08.0754 0x15c4  RDPREFMP - ok
21:42:08.0797 0x15c4  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:42:08.0800 0x15c4  RDPWD - ok
21:42:08.0865 0x15c4  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:42:08.0868 0x15c4  rdyboost - ok
21:42:08.0904 0x15c4  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:42:08.0908 0x15c4  RemoteAccess - ok
21:42:08.0967 0x15c4  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:42:08.0972 0x15c4  RemoteRegistry - ok
21:42:09.0043 0x15c4  [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
21:42:09.0048 0x15c4  RoxioNow Service - ok
21:42:09.0088 0x15c4  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:42:09.0092 0x15c4  RpcEptMapper - ok
21:42:09.0121 0x15c4  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:42:09.0124 0x15c4  RpcLocator - ok
21:42:09.0177 0x15c4  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:42:09.0184 0x15c4  RpcSs - ok
21:42:09.0236 0x15c4  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:42:09.0238 0x15c4  rspndr - ok
21:42:09.0288 0x15c4  [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:42:09.0293 0x15c4  RTL8167 - ok
21:42:09.0334 0x15c4  [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
21:42:09.0339 0x15c4  RtVOsdService - ok
21:42:09.0363 0x15c4  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:42:09.0366 0x15c4  SamSs - ok
21:42:09.0422 0x15c4  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:42:09.0424 0x15c4  SASDIFSV - ok
21:42:09.0440 0x15c4  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:42:09.0441 0x15c4  SASKUTIL - ok
21:42:09.0489 0x15c4  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:42:09.0491 0x15c4  sbp2port - ok
21:42:09.0540 0x15c4  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:42:09.0546 0x15c4  SCardSvr - ok
21:42:09.0596 0x15c4  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:42:09.0598 0x15c4  scfilter - ok
21:42:09.0668 0x15c4  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:42:09.0683 0x15c4  Schedule - ok
21:42:09.0735 0x15c4  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:42:09.0738 0x15c4  SCPolicySvc - ok
21:42:09.0796 0x15c4  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
21:42:09.0801 0x15c4  sdbus - ok
21:42:09.0856 0x15c4  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:42:09.0864 0x15c4  SDRSVC - ok
21:42:09.0905 0x15c4  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:42:09.0907 0x15c4  secdrv - ok
21:42:09.0951 0x15c4  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:42:09.0955 0x15c4  seclogon - ok
21:42:09.0989 0x15c4  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
21:42:09.0994 0x15c4  SENS - ok
21:42:10.0029 0x15c4  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:42:10.0034 0x15c4  SensrSvc - ok
21:42:10.0082 0x15c4  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:42:10.0084 0x15c4  Serenum - ok
21:42:10.0111 0x15c4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:42:10.0113 0x15c4  Serial - ok
21:42:10.0140 0x15c4  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:42:10.0142 0x15c4  sermouse - ok
21:42:10.0213 0x15c4  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:42:10.0218 0x15c4  SessionEnv - ok
21:42:10.0268 0x15c4  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:42:10.0270 0x15c4  sffdisk - ok
21:42:10.0295 0x15c4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:42:10.0297 0x15c4  sffp_mmc - ok
21:42:10.0316 0x15c4  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:42:10.0318 0x15c4  sffp_sd - ok
21:42:10.0339 0x15c4  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:42:10.0341 0x15c4  sfloppy - ok
21:42:10.0416 0x15c4  [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
21:42:10.0426 0x15c4  Sftfs - ok
21:42:10.0515 0x15c4  [ 77C5A741A7452812F278EF2C18478862 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:42:10.0522 0x15c4  sftlist - ok
21:42:10.0552 0x15c4  [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:42:10.0560 0x15c4  Sftplay - ok
21:42:10.0581 0x15c4  [ C5FB982CD266E604ED3142102C26D62C ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:42:10.0582 0x15c4  Sftredir - ok
21:42:10.0617 0x15c4  [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
21:42:10.0619 0x15c4  Sftvol - ok
21:42:10.0688 0x15c4  [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:42:10.0693 0x15c4  sftvsa - ok
21:42:10.0735 0x15c4  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:42:10.0743 0x15c4  SharedAccess - ok
21:42:10.0797 0x15c4  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:42:10.0805 0x15c4  ShellHWDetection - ok
21:42:10.0847 0x15c4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:42:10.0848 0x15c4  SiSRaid2 - ok
21:42:10.0889 0x15c4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:42:10.0892 0x15c4  SiSRaid4 - ok
21:42:10.0930 0x15c4  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:42:10.0933 0x15c4  Smb - ok
21:42:11.0008 0x15c4  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:42:11.0012 0x15c4  SNMPTRAP - ok
21:42:11.0043 0x15c4  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:42:11.0045 0x15c4  spldr - ok
21:42:11.0097 0x15c4  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:42:11.0107 0x15c4  Spooler - ok
21:42:11.0234 0x15c4  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:42:11.0290 0x15c4  sppsvc - ok
21:42:11.0339 0x15c4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:42:11.0345 0x15c4  sppuinotify - ok
21:42:11.0383 0x15c4  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:42:11.0390 0x15c4  srv - ok
21:42:11.0418 0x15c4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:42:11.0424 0x15c4  srv2 - ok
21:42:11.0475 0x15c4  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:42:11.0479 0x15c4  SrvHsfHDA - ok
21:42:11.0533 0x15c4  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:42:11.0560 0x15c4  SrvHsfV92 - ok
21:42:11.0613 0x15c4  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:42:11.0622 0x15c4  SrvHsfWinac - ok
21:42:11.0659 0x15c4  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:42:11.0662 0x15c4  srvnet - ok
21:42:11.0717 0x15c4  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:42:11.0723 0x15c4  SSDPSRV - ok
21:42:11.0743 0x15c4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:42:11.0749 0x15c4  SstpSvc - ok
21:42:11.0793 0x15c4  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:42:11.0796 0x15c4  stexstor - ok
21:42:11.0845 0x15c4  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:42:11.0847 0x15c4  StillCam - ok
21:42:11.0913 0x15c4  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:42:11.0925 0x15c4  stisvc - ok
21:42:11.0970 0x15c4  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:42:11.0971 0x15c4  swenum - ok
21:42:12.0016 0x15c4  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:42:12.0025 0x15c4  swprv - ok
21:42:12.0121 0x15c4  [ 961CFAC2A5318E212F459D651F28E0A4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:42:12.0144 0x15c4  SynTP - ok
21:42:12.0238 0x15c4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:42:12.0261 0x15c4  SysMain - ok
21:42:12.0309 0x15c4  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:42:12.0314 0x15c4  TabletInputService - ok
21:42:12.0341 0x15c4  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:42:12.0350 0x15c4  TapiSrv - ok
21:42:12.0391 0x15c4  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:42:12.0398 0x15c4  TBS - ok
21:42:12.0490 0x15c4  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:42:12.0510 0x15c4  Tcpip - ok
21:42:12.0593 0x15c4  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:42:12.0607 0x15c4  TCPIP6 - ok
21:42:12.0660 0x15c4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:42:12.0662 0x15c4  tcpipreg - ok
21:42:12.0704 0x15c4  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:42:12.0713 0x15c4  TDPIPE - ok
21:42:12.0750 0x15c4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:42:12.0752 0x15c4  TDTCP - ok
21:42:12.0810 0x15c4  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:42:12.0812 0x15c4  tdx - ok
21:42:12.0861 0x15c4  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:42:12.0863 0x15c4  TermDD - ok
21:42:12.0899 0x15c4  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:42:12.0910 0x15c4  TermService - ok
21:42:12.0943 0x15c4  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:42:12.0948 0x15c4  Themes - ok
21:42:12.0974 0x15c4  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:42:12.0978 0x15c4  THREADORDER - ok
21:42:13.0018 0x15c4  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:42:13.0023 0x15c4  TrkWks - ok
21:42:13.0082 0x15c4  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:42:13.0085 0x15c4  TrustedInstaller - ok
21:42:13.0143 0x15c4  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:42:13.0145 0x15c4  tssecsrv - ok
21:42:13.0209 0x15c4  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:42:13.0211 0x15c4  TsUsbFlt - ok
21:42:13.0259 0x15c4  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:42:13.0261 0x15c4  tunnel - ok
21:42:13.0287 0x15c4  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:42:13.0289 0x15c4  uagp35 - ok
21:42:13.0345 0x15c4  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:42:13.0350 0x15c4  udfs - ok
21:42:13.0400 0x15c4  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:42:13.0404 0x15c4  UI0Detect - ok
21:42:13.0440 0x15c4  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:42:13.0442 0x15c4  uliagpkx - ok
21:42:13.0500 0x15c4  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:42:13.0501 0x15c4  umbus - ok
21:42:13.0545 0x15c4  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:42:13.0547 0x15c4  UmPass - ok
21:42:13.0598 0x15c4  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:42:13.0611 0x15c4  upnphost - ok
21:42:13.0666 0x15c4  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:42:13.0669 0x15c4  USBAAPL64 - ok
21:42:13.0719 0x15c4  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:42:13.0722 0x15c4  usbccgp - ok
21:42:13.0785 0x15c4  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:42:13.0788 0x15c4  usbcir - ok
21:42:13.0817 0x15c4  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:42:13.0819 0x15c4  usbehci - ok
21:42:13.0887 0x15c4  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:42:13.0892 0x15c4  usbhub - ok
21:42:13.0935 0x15c4  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:42:13.0937 0x15c4  usbohci - ok
21:42:13.0979 0x15c4  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:42:13.0981 0x15c4  usbprint - ok
21:42:14.0021 0x15c4  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:42:14.0022 0x15c4  usbscan - ok
21:42:14.0042 0x15c4  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:42:14.0045 0x15c4  USBSTOR - ok
21:42:14.0093 0x15c4  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:42:14.0094 0x15c4  usbuhci - ok
21:42:14.0131 0x15c4  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:42:14.0136 0x15c4  UxSms - ok
21:42:14.0163 0x15c4  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:42:14.0167 0x15c4  VaultSvc - ok
21:42:14.0195 0x15c4  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:42:14.0198 0x15c4  vdrvroot - ok
21:42:14.0255 0x15c4  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:42:14.0267 0x15c4  vds - ok
21:42:14.0312 0x15c4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:42:14.0313 0x15c4  vga - ok
21:42:14.0342 0x15c4  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:42:14.0344 0x15c4  VgaSave - ok
21:42:14.0392 0x15c4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:42:14.0395 0x15c4  vhdmp - ok
21:42:14.0461 0x15c4  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:42:14.0463 0x15c4  viaide - ok
21:42:14.0482 0x15c4  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:42:14.0485 0x15c4  volmgr - ok
21:42:14.0542 0x15c4  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:42:14.0548 0x15c4  volmgrx - ok
21:42:14.0605 0x15c4  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:42:14.0608 0x15c4  volsnap - ok
21:42:14.0667 0x15c4  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:42:14.0670 0x15c4  vsmraid - ok
21:42:14.0747 0x15c4  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:42:14.0768 0x15c4  VSS - ok
21:42:14.0798 0x15c4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:42:14.0800 0x15c4  vwifibus - ok
21:42:14.0837 0x15c4  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:42:14.0839 0x15c4  vwififlt - ok
21:42:14.0890 0x15c4  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:42:14.0899 0x15c4  W32Time - ok
21:42:14.0945 0x15c4  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:42:14.0947 0x15c4  WacomPen - ok
21:42:15.0019 0x15c4  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:42:15.0021 0x15c4  WANARP - ok
21:42:15.0033 0x15c4  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:42:15.0035 0x15c4  Wanarpv6 - ok
21:42:15.0115 0x15c4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:42:15.0129 0x15c4  WatAdminSvc - ok
21:42:15.0205 0x15c4  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:42:15.0225 0x15c4  wbengine - ok
21:42:15.0264 0x15c4  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:42:15.0271 0x15c4  WbioSrvc - ok
21:42:15.0322 0x15c4  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:42:15.0331 0x15c4  wcncsvc - ok
21:42:15.0364 0x15c4  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:42:15.0369 0x15c4  WcsPlugInService - ok
21:42:15.0406 0x15c4  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:42:15.0407 0x15c4  Wd - ok
21:42:15.0465 0x15c4  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:42:15.0474 0x15c4  Wdf01000 - ok
21:42:15.0493 0x15c4  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:42:15.0498 0x15c4  WdiServiceHost - ok
21:42:15.0510 0x15c4  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:42:15.0515 0x15c4  WdiSystemHost - ok
21:42:15.0568 0x15c4  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:42:15.0575 0x15c4  WebClient - ok
21:42:15.0619 0x15c4  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:42:15.0627 0x15c4  Wecsvc - ok
21:42:15.0649 0x15c4  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:42:15.0655 0x15c4  wercplsupport - ok
21:42:15.0688 0x15c4  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:42:15.0692 0x15c4  WerSvc - ok
21:42:15.0747 0x15c4  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:42:15.0748 0x15c4  WfpLwf - ok
21:42:15.0773 0x15c4  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:42:15.0774 0x15c4  WIMMount - ok
21:42:15.0810 0x15c4  WinDefend - ok
21:42:15.0838 0x15c4  WinHttpAutoProxySvc - ok
21:42:15.0904 0x15c4  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:42:15.0908 0x15c4  Winmgmt - ok
21:42:16.0006 0x15c4  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:42:16.0033 0x15c4  WinRM - ok
21:42:16.0123 0x15c4  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:42:16.0125 0x15c4  WinUsb - ok
21:42:16.0191 0x15c4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:42:16.0205 0x15c4  Wlansvc - ok
21:42:16.0321 0x15c4  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:42:16.0347 0x15c4  wlidsvc - ok
21:42:16.0410 0x15c4  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:42:16.0412 0x15c4  WmiAcpi - ok
21:42:16.0461 0x15c4  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:42:16.0465 0x15c4  wmiApSrv - ok
21:42:16.0503 0x15c4  WMPNetworkSvc - ok
21:42:16.0535 0x15c4  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:42:16.0540 0x15c4  WPCSvc - ok
21:42:16.0582 0x15c4  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:42:16.0588 0x15c4  WPDBusEnum - ok
21:42:16.0619 0x15c4  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:42:16.0621 0x15c4  ws2ifsl - ok
21:42:16.0653 0x15c4  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:42:16.0658 0x15c4  wscsvc - ok
21:42:16.0675 0x15c4  WSearch - ok
21:42:16.0781 0x15c4  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:42:16.0816 0x15c4  wuauserv - ok
21:42:16.0865 0x15c4  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:42:16.0867 0x15c4  WudfPf - ok
21:42:16.0926 0x15c4  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:42:16.0930 0x15c4  WUDFRd - ok
21:42:16.0968 0x15c4  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:42:16.0975 0x15c4  wudfsvc - ok
21:42:17.0034 0x15c4  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:42:17.0042 0x15c4  WwanSvc - ok
21:42:17.0094 0x15c4  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
21:42:17.0099 0x15c4  yukonw7 - ok
21:42:17.0134 0x15c4  ================ Scan global ===============================
21:42:17.0160 0x15c4  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:42:17.0206 0x15c4  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
21:42:17.0230 0x15c4  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
21:42:17.0265 0x15c4  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:42:17.0309 0x15c4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:42:17.0316 0x15c4  [Global] - ok
21:42:17.0320 0x15c4  ================ Scan MBR ==================================
21:42:17.0334 0x15c4  [ 1649863E3F30904E920EAEEF15C22434 ] \Device\Harddisk0\DR0
21:42:17.0488 0x15c4  \Device\Harddisk0\DR0 - ok
21:42:17.0492 0x15c4  ================ Scan VBR ==================================
21:42:17.0497 0x15c4  [ 9F3C5D47D27086247B836290D54BC108 ] \Device\Harddisk0\DR0\Partition1
21:42:17.0498 0x15c4  \Device\Harddisk0\DR0\Partition1 - ok
21:42:17.0518 0x15c4  [ 49BE568513F0ADCED04F03EECAEE42F7 ] \Device\Harddisk0\DR0\Partition2
21:42:17.0520 0x15c4  \Device\Harddisk0\DR0\Partition2 - ok
21:42:17.0549 0x15c4  [ DAC844EAC5484D31C65EB8A717099CD0 ] \Device\Harddisk0\DR0\Partition3
21:42:17.0550 0x15c4  \Device\Harddisk0\DR0\Partition3 - ok
21:42:17.0569 0x15c4  [ 064186638E2329104CCF2818ACD81F34 ] \Device\Harddisk0\DR0\Partition4
21:42:17.0570 0x15c4  \Device\Harddisk0\DR0\Partition4 - ok
21:42:17.0574 0x15c4  ============================================================
21:42:17.0574 0x15c4  Scan finished
21:42:17.0574 0x15c4  ============================================================
21:42:17.0593 0x0eb8  Detected object count: 0
21:42:17.0593 0x0eb8  Actual detected object count: 0
 
 
 
 
 
 
# AdwCleaner v3.004 - Report created 19/09/2013 at 21:46:23
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Eda - EDA-HP
# Running from : C:\Users\Eda\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\Users\Eda\AppData\Local\Temp\Uninstall.exe
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\internethelper3.1
Folder Found C:\Program Files (x86)\InternetHelper3.1
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\MyPC Backup 
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\Program Files (x86)\TelevisionFanatic
Folder Found C:\Program Files (x86)\TelevisionFanaticEI
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AVG Security Toolbar
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\PC Optimizer Pro
Folder Found C:\Users\Eda\AppData\Local\Conduit
Folder Found C:\Users\Eda\AppData\Local\cre
Folder Found C:\Users\Eda\AppData\Local\DefineExt
Folder Found C:\Users\Eda\AppData\Local\SwvUpdater
Folder Found C:\Users\Eda\AppData\Local\Temp\AirInstaller
Folder Found C:\Users\Eda\AppData\Local\Temp\apn
Folder Found C:\Users\Eda\AppData\LocalLow\AVG Security Toolbar
Folder Found C:\Users\Eda\AppData\LocalLow\Conduit
Folder Found C:\Users\Eda\AppData\LocalLow\InternetHelper3.1
Folder Found C:\Users\Eda\AppData\LocalLow\internethelper3.1
Folder Found C:\Users\Eda\AppData\LocalLow\TelevisionFanatic
Folder Found C:\Users\Eda\AppData\LocalLow\TelevisionFanaticEI
Folder Found C:\Users\Eda\AppData\LocalLow\WhiteSmoke_New
Folder Found C:\Users\Eda\AppData\Roaming\DefaultTab
Folder Found C:\Users\Eda\AppData\Roaming\Searchprotect
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\InternetHelper3.1
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\TelevisionFanatic
Key Found : HKCU\Software\AppDataLow\Software\WhiteSmoke_New
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\pc optimizer pro
Key Found : HKCU\Software\SearchProtect
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DefaultTab
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\pc optimizer pro
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DefaultTab
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\Software\InternetHelper3.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BC814FD-9FB1-495B-8401-B149A49C43CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD88BCE3-9C2F-4E53-A1E1-8C3940BA56DD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\TelevisionFanatic
Key Found : HKLM\Software\WhiteSmoke_New
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_nemfjadlboooiffmcelkafilagddogim]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16686
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3289663&octid=CT3289663&SearchSource=61&CUI=UN27132668951175520&UM=2&UP=SPD1203145-DFFA-49E9-BAAA-97AB656F8C5F
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [10295 octets] - [19/09/2013 21:46:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10356 octets] ##########


#4 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 20 September 2013 - 06:01 AM

C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\2pEIPlug.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\2pEZSETP.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISb.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRT5MLP\ChromeSpeedUp_Installer[1].exe Win32/InstallMonetizer.AG application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRT5MLP\OffercastInstaller_AVR_U-0120-01-P_.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRT5MLP\OffercastInstaller_AVR_U-0431-01-P_.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRT5MLP\SPSetup[1].exe multiple threats cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIK5WEHM\FPP_Setup.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIK5WEHM\FromDocToPDF.exe Win32/AdInstaller application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6W4PLT3\PCHealthKitUS1213b[1].exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6W4PLT3\Setup[1].exe multiple threats cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Temp\air75A2.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Temp\airD792.exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\Users\Eda\AppData\Local\Temp\setup.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\Eda\AppData\LocalLow\TelevisionFanaticEI\Installr\Cache\24A08999.exe a variant of Win32/Toolbar.MyWebSearch.O application cleaned by deleting - quarantined


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:54 AM

Posted 20 September 2013 - 10:36 AM

Ok great, that's a lot of bad guys.

In Control Panel Uninstall these.

Adobe Reader 9.5.5 MUI (Version: 9.5.5
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 35 (Version: 6.0.350)


Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Reboot and see how it is..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 20 September 2013 - 11:56 AM

I had actually deleted those already while waiting for your next response.

 

Here's the ADW cleaner results.

 

Computer is running much better now.

 

# AdwCleaner v3.004 - Report created 20/09/2013 at 12:51:45
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Eda - EDA-HP
# Running from : C:\Users\Eda\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\PC Optimizer Pro
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\internethelper3.1
Folder Deleted : C:\Program Files (x86)\MyPC Backup 
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\TelevisionFanatic
Folder Deleted : C:\Program Files (x86)\TelevisionFanaticEI
Folder Deleted : C:\Users\Eda\AppData\Local\Conduit
Folder Deleted : C:\Users\Eda\AppData\Local\cre
Folder Deleted : C:\Users\Eda\AppData\Local\DefineExt
Folder Deleted : C:\Users\Eda\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Eda\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\Eda\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Eda\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Eda\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Eda\AppData\LocalLow\internethelper3.1
Folder Deleted : C:\Users\Eda\AppData\LocalLow\TelevisionFanatic
Folder Deleted : C:\Users\Eda\AppData\LocalLow\TelevisionFanaticEI
Folder Deleted : C:\Users\Eda\AppData\LocalLow\WhiteSmoke_New
Folder Deleted : C:\Users\Eda\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Eda\AppData\Roaming\Searchprotect
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Eda\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_nemfjadlboooiffmcelkafilagddogim]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD88BCE3-9C2F-4E53-A1E1-8C3940BA56DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BC814FD-9FB1-495B-8401-B149A49C43CE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\TelevisionFanatic
Key Deleted : HKCU\Software\AppDataLow\Software\InternetHelper3.1
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_New
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\TelevisionFanatic
Key Deleted : HKLM\Software\InternetHelper3.1
Key Deleted : HKLM\Software\WhiteSmoke_New
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16686
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v29.0.1547.76
 
[ File : C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [10489 octets] - [19/09/2013 21:46:23]
AdwCleaner[R1].txt - [10550 octets] - [20/09/2013 12:49:51]
AdwCleaner[S0].txt - [8680 octets] - [20/09/2013 12:51:45]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8740 octets] ##########


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:54 AM

Posted 20 September 2013 - 08:58 PM

you meant you deleted these while waiting.

Adobe Reader 9.5.5 MUI (Version: 9.5.5
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 35 (Version: 6.0.350)

 

 

Install the latest Adobe Reader XI

 

Note UN check he X in the box by YES<

Google_banner_225x66.png

Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer – optional. (32.11 MB) Install Options

 

 

 

Update and run a FULL MBAM scan now ..post that log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 20 September 2013 - 11:11 PM

Yes, those three programs were what I was referring to.

 

Adobe Reader is updated.  Here is the mbam log.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.20.10
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Eda :: EDA-HP [administrator]
 
9/20/2013 10:36:26 PM
mbam-log-2013-09-20 (22-36-26).txt
 
Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 447953
Time elapsed: 1 hour(s), 30 minute(s), 44 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\InternetHelper3.1ToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)


#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:54 AM

Posted 21 September 2013 - 08:23 PM

Somewhere there is a piece of this Conduit lurking. There is a list of steps to do here.

 

Removal Guide


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 21 September 2013 - 10:18 PM

OK I did everything that the site said.  Seems pretty good at this point.  JRT only found some things.  Do you need to see any of those scans?



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:54 AM

Posted 23 September 2013 - 11:19 AM

No, I think we got it .
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 mercuryrsng

mercuryrsng
  • Topic Starter

  • Members
  • 298 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 23 September 2013 - 03:32 PM

ok great thank you for your help.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users