Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

USPS/Update Flash Player virus


  • Please log in to reply
7 replies to this topic

#1 TOehlerking

TOehlerking

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:18 PM

Posted 02 May 2014 - 09:54 AM

Windows 7 operating system.

I received an email looking like a notification from USPS about an undeliverable package. I opened the email but did not open the attachment.

Realizing it was a fake, I deleted the email but was too late.

I started receiving notifications that I needed to update my flash player that stated this:

update flash player_21487ovc.exe.

When I closed or said no, I would get a new notice with a different .exe file.

CPU & RAM usage are at 100% and the virus is located in my C:\Users\Tim\Appdata\Roaming file.

I have used Advanced System Care & Malwarebyte scans & removed the virus twice. It keeps coming back.

Don't know what else to do.

These are the logs from Malwarebytes after the first scan:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.06.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Tim :: TIM-PC [administrator]

3/6/2014 9:38:06 AM
mbam-log-2014-03-06 (09-38-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248559
Time elapsed: 11 minute(s), 50 second(s)

Memory Processes Detected: 2
C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe (PUP.Optional.SavingsBull.A) -> 3548 -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Savingsbull) -> 1136 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 25
HKLM\SYSTEM\CurrentControlSet\Services\SavingsbullFilterService64 (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\Software\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\Software\AppDataLow\Software\DefaultTab (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> No action taken.
HKCU\Software\AppDataLow\Software\Savings Bull (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\Software\AppDataLow\Software\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> No action taken.
HKCU\Software\Conduit\ValueApps (PUP.Optional.ValueApps.A) -> No action taken.
HKLM\SOFTWARE\Highlightly (PUP.Optional.Highlightly) -> No action taken.
HKLM\SOFTWARE\SavingsbullFilter (PUP.Optional.SavingsBull.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD (PUP.Optional.Highlightly) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3309322 (PUP.Optional.Conduit.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Level Quality Watcher (PUP.Optional.Savingsbull) -> Quarantined and deleted successfully.
HKCR\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.23.0 -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\hlnfd|DisplayName (PUP.Optional.Highlightly) -> Data: hlnfd -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 44
C:\Program Files\SavingsbullFilter (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8 (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759\xpi\defaults (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322 (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309759 (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0 (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0 (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0 (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0 (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1 (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\icons (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1 (PUP.Optional.SlickSavings.A) -> No action taken.

Files Detected: 200
C:\$Recycle.Bin\S-1-5-21-3845494938-3895700647-4173336886-1000\$RNTVEPH.7z (Trojan.Agent.CK) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\38950105-1f67-481a-872d-b4dbefb01fbd\spidentifierimpl.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\Downloads\Flash_Setup.exe (PUP.Optional.AirInstaller) -> No action taken.
C:\Users\Tim\Downloads\Setup.exe (PUP.Optional.DomaIQ) -> No action taken.
C:\Users\Tim\Downloads\SoftonicDownloader_for_earthquake-3d.exe (PUP.Optional.Softonic.A) -> No action taken.
C:\Users\Tim\AppData\Local\Conduit\CT3282812\Somoto_V.1AutoUpdateHelper.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\Local\Conduit\CT3309322\KeyBar_1.22AutoUpdateHelper.exe (PUP.Optional.Conduit) -> No action taken.
C:\Windows\Installer\71fa10.msi (PUP.Optional.WeCare.A) -> No action taken.
C:\Program Files\SavingsbullFilter\sample.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\Installbat64.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\nfapi.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\nfregdrv.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\ProtocolFilters.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\2512.ico (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\OCBrowserHelper_1.0.2.73.dll (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\WeCare_ClearWater_p1v1.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322\configutaion.json (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322\SetupIcon.ico (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309759\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\background.js (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\bootstrap.js (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\icon128.png (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\icon16.png (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\icon32.png (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\icon48.png (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\icon64.png (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\icon8.png (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\manifest.json (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb\5.0_0\marcopolo.js (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsBull\uninstaller.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\CustomActionInstall (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\CustomActionUninstall (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\IEOptimizer64.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\SendJson.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\uninstaller.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\18x18.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\background.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\blank.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\manifest.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\new_tab.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\search_box.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\injection.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\help.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\bg.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\content.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\18x18.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\background.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\blank.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\new_tab.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\search_box.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\injection.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\help.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\bg.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\content.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ScriptChecker.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ScriptInjector.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.html (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\config.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-128.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-48.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\empty-favicon.ico (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\jquery.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\manifest.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.html (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.html (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\util.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css\newtab.css (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\no_thumb.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\search-icon.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\background.html (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\config.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\manifest.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\icons\ss-128.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\icons\ss-48.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\background.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\loader_1036.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\utils.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-128.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-19.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-48.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\background.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\manifest.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Savingsbull) -> Delete on reboot.
C:\Program Files (x86)\SavingsBull\IEOptimizer.dll (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\ReminderHelper.exe (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\WCAutoUpdate.exe (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\ZalmanInstaller_52332\otshotcomponent55.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\ReadOnlyInstaller.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.

(end)

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.05.01.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17041
Tim :: TIM-PC [administrator]

5/1/2014 4:32:27 PM
mbam-log-2014-05-01 (16-32-27).txt

Scan type: Full scan (B:\|C:\|I:\|M:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 777293
Time elapsed: 2 hour(s), 58 minute(s), 50 second(s)

Memory Processes Detected: 6
C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe (PUP.Optional.SavingsBull.A) -> 4264 -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (PUP.Optional.Spigot.A) -> 5532 -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe (PUP.Optional.Spigot.A) -> 8632 -> No action taken.
C:\Users\Tim\AppData\Roaming\Niyhafr\maiso.exe (Spyware.Zbot) -> 19156 -> Delete on reboot.
C:\Users\Tim\AppData\Roaming\Niyhafr\maiso.exe (Spyware.Zbot) -> 7828 -> Delete on reboot.
C:\Users\Tim\AppData\Roaming\Niyhafr\maiso.exe (Spyware.Zbot) -> 10476 -> Delete on reboot.

Memory Modules Detected: 1
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth181.dll (PUP.Optional.Spigot.A) -> No action taken.

Registry Keys Detected: 13
HKLM\SYSTEM\CurrentControlSet\Services\SavingsbullFilterService64 (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\Software\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> No action taken.
HKCU\Software\AppDataLow\Software\Savings Bull (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\Software\AppDataLow\Software\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> No action taken.
HKCU\Software\Conduit\ValueApps (PUP.Optional.ValueApps.A) -> No action taken.
HKCU\Software\Softonic\Universal Downloader (PUP.Optional.Softonic.A) -> No action taken.
HKLM\SOFTWARE\Highlightly (PUP.Optional.Highlightly) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD (PUP.Optional.Highlightly) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3309322 (PUP.Optional.Conduit.A) -> No action taken.

Registry Values Detected: 5
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|gethighlightly@gethighlightly.com (PUP.Optional.Highlightly.A) -> Data: C:\Program Files (x86)\Mozilla Firefox\extensions\gethighlightly@gethighlightly.com -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\hlnfd|DisplayName (PUP.Optional.Highlightly) -> Data: hlnfd -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Optional.Spigot.A) -> Data: 1 -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchSettings (PUP.Optional.Spigot.A) -> Data: "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Ubquawhe (Spyware.Zbot) -> Data: C:\Users\Tim\AppData\Roaming\Niyhafr\maiso.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 44
C:\Program Files\SavingsbullFilter (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8 (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759\xpi\defaults (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\AppData\Local\Temp\ct3309759\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322 (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309759 (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> No action taken.
C:\Program Files\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0 (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0 (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.4_0 (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0 (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\icons (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0 (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22 (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Res (PUP.Optional.Spigot.A) -> No action taken.

Files Detected: 267
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Savingsbull) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\KeyBar_1.22ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\Somoto_V.1\Somoto_V.1ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Tim\AppData\Local\Conduit\CT3282812\Somoto_V.1AutoUpdateHelper.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\Local\Conduit\CT3309322\KeyBar_1.22AutoUpdateHelper.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\KeyBar_1.22\hk64tbKey0.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\KeyBar_1.22\hktbKey0.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\KeyBar_1.22\ldrtbKey0.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\KeyBar_1.22\tbKey0.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\Somoto_V.1\hk64tbSom2.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\Somoto_V.1\hktbSom2.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\Somoto_V.1\ldrtbSom2.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\AppData\LocalLow\Somoto_V.1\tbSom2.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\Tim\Downloads\Setup.exe (PUP.Optional.DomaIQ) -> No action taken.
C:\Windows\Installer\71fa10.msi (PUP.Optional.WeCare.A) -> No action taken.
M:\Adobe CS5 Master Collection\KEYGEN.rar (PUP.Keygen.Intro) -> No action taken.
C:\Program Files\SavingsbullFilter\sample.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\Installbat64.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\nfapi.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\nfregdrv.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\ProtocolFilters.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\2512.ico (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\OCBrowserHelper_1.0.2.73.dll (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Tim\AppData\Roaming\OpenCandy\OpenCandy_67148FF60509438CB2024B96C55A05C8\WeCare_ClearWater_p1v1.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322\configutaion.json (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322\SetupIcon.ico (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309322\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3309759\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files\SavingsBull\uninstaller.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\CustomActionInstall (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\CustomActionUninstall (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\IEOptimizer64.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\SendJson.dll (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Program Files (x86)\SavingsBull\uninstaller.exe (PUP.Optional.SavingsBull.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\18x18.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\background.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\blank.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\manifest.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\new_tab.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\search_box.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\injection.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\help.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\bg.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\content.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\18x18.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\background.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\blank.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\new_tab.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\search_box.html (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\injection.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\help.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\bg.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\content.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ScriptChecker.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ScriptInjector.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.4_0\background.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.4_0\dea-128.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.4_0\dea-48.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.4_0\manifest.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\background.html (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\config.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\manifest.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\icons\ss-128.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\icons\ss-48.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts\background.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts\loader_1036.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts\utils.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-128.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-19.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-48.png (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\background.js (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\manifest.json (PUP.Optional.SlickSavings.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\GottenAppsContextMenu.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\hk64tbKeyB.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\hktbKeyB.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\ldrtbKeyB.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\OtherAppsContextMenu.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\SharedAppsContextMenu.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\tbKeyB.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\toolbar.cfg (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\KeyBar_1.22\ToolbarContextMenu.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\baidu_ff.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\baidu_ie.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\config.ini (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\searchcom_ff.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\searchcom_ie.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth156.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth157.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth159.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth160.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth161.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth162.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth163.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth164.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth165.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth166.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth171.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth172.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth173.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth174.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth175.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth176.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth178.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth179.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth180.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth181.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx156.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx157.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx159.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx160.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx161.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx162.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx163.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx164.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx165.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx166.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx171.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx172.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx173.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx174.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx175.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx176.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx178.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx179.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx180.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx181.dll (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\yandex_ff.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\yandex_ie.xml (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1031.ini (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1033.ini (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1034.ini (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1036.ini (PUP.Optional.Spigot.A) -> No action taken.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1040.ini (PUP.Optional.Spigot.A) -> No action taken.
C:\Users\Tim\AppData\Roaming\Niyhafr\maiso.exe (Spyware.Zbot) -> Delete on reboot.
B:\Adobe_CS5_Install-Files\KEYGEN\CORE10k.EXE (PUP.Keygen.Intro) -> Quarantined and deleted successfully.
B:\Adobe_CS5_Install-Files\KEYGEN\keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
B:\ACAD_2011\xf-a2011-64bits.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-3845494938-3895700647-4173336886-1000\$R0UJ2V0.exe (Trojan.FakeDoc) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-3845494938-3895700647-4173336886-1000\$RAGC6EH.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Program Files\Autodesk\AutoCAD 2013\xf-autocad-kg_x64.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Autodesk\AutoCAD 2014\xf-adsk64.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Program Files\Autodesk\Revit Architecture 2014\xf-adsk64.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\jewocmbf.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\tpiamfle.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_3d3d27c8.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_632afce1.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_7c1a8aeb.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_9143dd6c.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_b8628786.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_badd32d1.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_eea2fe6e.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\Users\Tim\AppData\Roaming\Ryobnafa\vyyhysq.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
I:\Adobe CS5.5 Master Collection\adobemasterkeygen55.exe (Trojan.Agent.ck) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Security Center Update - 1284238768.job (Trojan.Agent.RvGen) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Security Center Update - 1634419559.job (Trojan.Agent.RvGen) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Security Center Update - 3869222201.job (Trojan.Agent.RvGen) -> Quarantined and deleted successfully.

(end)


 


Edited by TOehlerking, 02 May 2014 - 10:00 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:18 PM

Posted 02 May 2014 - 10:58 AM

Hello and welcome. You should update MBAM to Version 2, rerun it and have it Remove all those findings..
Then do these.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 TOehlerking

TOehlerking
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:18 PM

Posted 02 May 2014 - 11:56 AM

Thank you for the help!

 

Here is the updated Malware bytes log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/2/2014
Scan Time: 11:47:27 AM
Logfile: New malwarebytes log 1.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.02.10
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tim

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346062
Time Elapsed: 21 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 3
Spyware.Zbot, C:\Users\Tim\AppData\Roaming\Kamuan\ivrao.exe, 2132, , [267caba1017a65d1c272c8ac06fb12ee]
Spyware.Zbot, C:\Users\Tim\AppData\Roaming\Kamuan\ivrao.exe, 4516, , [267caba1017a65d1c272c8ac06fb12ee]
Spyware.Zbot, C:\Users\Tim\AppData\Roaming\Kamuan\ivrao.exe, 8628, , [267caba1017a65d1c272c8ac06fb12ee]

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\Savings Bull, , [f8aa88c45526ea4cd60a681fe0226a96],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-7.7, , [3c66410b3b40fe38d800601e29d9619f],

Registry Values: 4
Spyware.Zbot, HKU\S-1-5-21-3845494938-3895700647-4173336886-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Utgyci, C:\Users\Tim\AppData\Roaming\Kamuan\ivrao.exe, , [267caba1017a65d1c272c8ac06fb12ee]
Spyware.Zbot, HKU\S-1-5-21-3845494938-3895700647-4173336886-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Utgyci, C:\Users\Tim\AppData\Roaming\Kamuan\ivrao.exe, , [267caba1017a65d1c272c8ac06fb12ee]
Spyware.Zbot, HKU\S-1-5-21-3845494938-3895700647-4173336886-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Xiizylapitq, C:\Users\Tim\AppData\Roaming\Ibkaqor\pimade.exe, , [e6bc96b6c8b39d99db59195be12002fe]
Spyware.Zbot, HKU\S-1-5-21-3845494938-3895700647-4173336886-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Xiizylapitq, C:\Users\Tim\AppData\Roaming\Ibkaqor\pimade.exe, , [e6bc96b6c8b39d99db59195be12002fe]

Registry Data: 0
(No malicious items detected)

Folders: 56
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\defaults, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\defaults\preferences, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\locale, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\addon-kit, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\addon-kit\data, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\addon-kit\lib, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\data, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\addon, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\content, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\dom, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\event, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\events, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\private-browsing, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\system, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\window, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\SavingsBull, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\SavingsBull\data, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\SavingsBull\lib, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\extensions\SavingsBull@jetpack\resources\SavingsBull\tests, , [564c69e3a4d72f073119224ba55d43bd],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\defaults, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\defaults\preferences, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\locale, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\addon-kit, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\addon-kit\data, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\addon-kit\lib, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\data, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\addon, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\content, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\dom, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\event, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\events, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\private-browsing, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\system, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\window, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\SavingsBull, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\SavingsBull\data, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\SavingsBull\lib, , [f2b06fdd790282b4e565224bfc06fc04],
PUP.Optional.SavingsBull.A, C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\extensions\SavingsBull@jetpack\resources\SavingsBull\tests, , [f2b06fdd790282b4e565224bfc06fc04],

Files: 7
Spyware.Zbot, C:\Users\Tim\AppData\Roaming\Kamuan\ivrao.exe, , [267caba1017a65d1c272c8ac06fb12ee],
Spyware.Zbot, C:\Users\Tim\AppData\Roaming\Ibkaqor\pimade.exe, , [e6bc96b6c8b39d99db59195be12002fe],
Spyware.Zbot, C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_99b42793.exe, , [9a083814c0bb89ada78dde9639c8be42],
Spyware.Zbot, C:\Users\Tim\AppData\Local\Temp\UpdateFlashPlayer_b8fc457b.exe, , [aef43d0f027975c13afa0c6899682bd5],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [990952fa3c3fed490cc11570f0121ce4],
Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 2956622822.job, , [6f33f8548fec211570c08707f013e818],
Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 4913537.job, , [f9a91b317407ff3772be35593dc603fd],

Physical Sectors: 0
(No malicious items detected)


(end)

Mini Tool Box results:

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Tim (administrator) on 02-05-2014 at 11:58:35
Running from "C:\Users\Tim\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Atheros 802.11 a/b/g/n Dualband Wireless Network Module = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Tim-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 06-21-00-C2-C6-13
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Atheros 802.11 a/b/g/n Dualband Wireless Network Module
   Physical Address. . . . . . . . . : 00-21-00-C2-C6-13
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::545e:96af:7103:4cbf%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, May 02, 2014 11:49:51 AM
   Lease Expires . . . . . . . . . . : Monday, June 08, 2150 6:27:05 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 218112256
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C9-F6-09-00-24-21-23-7A-47
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-24-21-23-7A-47
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c415:ce4b:569d:8383%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, May 02, 2014 11:49:46 AM
   Lease Expires . . . . . . . . . . : Monday, June 08, 2150 6:27:05 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 234890273
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C9-F6-09-00-24-21-23-7A-47
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  router.Belkin
Address:  192.168.2.1

Name:    google.com
Addresses:  2607:f8b0:4000:807::1008
      74.125.225.226
      74.125.225.227
      74.125.225.228
      74.125.225.229
      74.125.225.230
      74.125.225.231
      74.125.225.232
      74.125.225.233
      74.125.225.238
      74.125.225.224
      74.125.225.225


Pinging google.com [74.125.225.225] with 32 bytes of data:
Reply from 74.125.225.225: bytes=32 time=525ms TTL=50
Reply from 74.125.225.225: bytes=32 time=477ms TTL=50

Ping statistics for 74.125.225.225:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 477ms, Maximum = 525ms, Average = 501ms
Server:  router.Belkin
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=703ms TTL=45
Reply from 98.138.253.109: bytes=32 time=757ms TTL=45

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 703ms, Maximum = 757ms, Average = 730ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...06 21 00 c2 c6 13 ......Microsoft Virtual WiFi Miniport Adapter
 11...00 21 00 c2 c6 13 ......Atheros 802.11 a/b/g/n Dualband Wireless Network Module
 10...00 24 21 23 7a 47 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.3     10
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.5     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.3    266
      192.168.2.0    255.255.255.0         On-link       192.168.2.5    281
      192.168.2.3  255.255.255.255         On-link       192.168.2.3    266
      192.168.2.5  255.255.255.255         On-link       192.168.2.5    281
    192.168.2.255  255.255.255.255         On-link       192.168.2.3    266
    192.168.2.255  255.255.255.255         On-link       192.168.2.5    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.3    266
        224.0.0.0        240.0.0.0         On-link       192.168.2.5    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.3    266
  255.255.255.255  255.255.255.255         On-link       192.168.2.5    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    266 fe80::/64                On-link
 11    281 fe80::/64                On-link
 11    281 fe80::545e:96af:7103:4cbf/128
                                    On-link
 10    266 fe80::c415:ce4b:569d:8383/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/02/2014 11:28:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/02/2014 11:24:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: ivrao.exe, version: 0.0.0.0, time stamp: 0x5349a356
Faulting module name: Flash32_13_0_0_206.ocx, version: 13.0.0.206, time stamp: 0x53519a13
Exception code: 0xc0000005
Fault offset: 0x0020c646
Faulting process id: 0x2304
Faulting application start time: 0xivrao.exe0
Faulting application path: ivrao.exe1
Faulting module path: ivrao.exe2
Report Id: ivrao.exe3

Error: (05/02/2014 11:15:45 AM) (Source: MsiInstaller) (User: Tim-PC)
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.

Error: (05/02/2014 10:28:10 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x53180888
Faulting module name: Flash64_13_0_0_206.ocx, version: 13.0.0.206, time stamp: 0x5351a284
Exception code: 0xc0000005
Fault offset: 0x00000000002b7bec
Faulting process id: 0x401c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (05/02/2014 10:11:05 AM) (Source: Application Error) (User: )
Description: Faulting application name: ivrao.exe, version: 0.0.0.0, time stamp: 0x5349a356
Faulting module name: Flash32_13_0_0_206.ocx, version: 13.0.0.206, time stamp: 0x53519a13
Exception code: 0xc0000005
Fault offset: 0x0020c646
Faulting process id: 0x348c
Faulting application start time: 0xivrao.exe0
Faulting application path: ivrao.exe1
Faulting module path: ivrao.exe2
Report Id: ivrao.exe3

Error: (05/02/2014 09:58:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: ivrao.exe, version: 0.0.0.0, time stamp: 0x5349a356
Faulting module name: Flash32_13_0_0_206.ocx, version: 13.0.0.206, time stamp: 0x53519a13
Exception code: 0xc0000005
Fault offset: 0x0020c646
Faulting process id: 0x24b0
Faulting application start time: 0xivrao.exe0
Faulting application path: ivrao.exe1
Faulting module path: ivrao.exe2
Report Id: ivrao.exe3

Error: (05/02/2014 09:58:20 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x53180888
Faulting module name: mshtml.dll, version: 11.0.9600.17041, time stamp: 0x53184ad4
Exception code: 0xc00000fd
Fault offset: 0x000000000005d228
Faulting process id: 0x768
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (05/02/2014 09:28:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x53180888
Faulting module name: mshtml.dll, version: 11.0.9600.17041, time stamp: 0x53184ad4
Exception code: 0xc00000fd
Fault offset: 0x000000000005becf
Faulting process id: 0x2530
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (05/02/2014 08:57:32 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x53180888
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x22d0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (05/02/2014 08:11:57 AM) (Source: MsiInstaller) (User: Tim-PC)
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.


System errors:
=============
Error: (05/02/2014 11:52:52 AM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/02/2014 11:52:11 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect.

Error: (05/02/2014 11:51:31 AM) (Source: Service Control Manager) (User: )
Description: The mysql service failed to start due to the following error:
%%3

Error: (05/02/2014 11:51:31 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (05/02/2014 11:51:22 AM) (Source: Service Control Manager) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053

Error: (05/02/2014 11:51:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.

Error: (05/02/2014 11:51:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/02/2014 11:50:47 AM) (Source: Service Control Manager) (User: )
Description: The Autodesk Content Service service failed to start due to the following error:
%%1053

Error: (05/02/2014 11:50:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Autodesk Content Service service to connect.

Error: (05/02/2014 11:50:09 AM) (Source: Service Control Manager) (User: )
Description: The Apache2.2 service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (05/01/2014 04:18:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11688 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (01/11/2013 03:43:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 36 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/11/2012 04:44:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1970 seconds with 300 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-05-01 22:39:14.276
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_d3c9923ab016e8cf\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:39:13.668
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_d3c9923ab016e8cf\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:39:13.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_d3c9923ab016e8cf\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:38:48.566
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_52c91746df38caec\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:38:47.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_52c91746df38caec\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:38:47.318
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_52c91746df38caec\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:37:46.601
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_52c91746df38caec_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:37:46.040
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_52c91746df38caec_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:37:45.416
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_52c91746df38caec_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-01 22:37:11.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\amd64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_48746cf4aad808f1_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.21 (x64 edition) (Version: 9.21.00.0)
AccelerateTab (Version: 2.0)
Acronis True Image Home 2011 (Version: 14.0.6597)
Add or Remove Adobe Creative Suite 3 Master Collection (Version: 1.0)
Adobe Acrobat 8 Professional (Version: 8.1.0)
Adobe After Effects CS3 (Version: 8)
Adobe After Effects CS3 Presets (Version: 8)
Adobe AIR (Version: 3.5.0.880)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe ConnectNow Add-in
Adobe Contribute CS3 (Version: 4.1)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe Encore CS3 (Version: 3)
Adobe Encore CS3 Codecs (Version: 3)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Fireworks CS3 (Version: 9.0)
Adobe Flash CS3 (Version: 9.0)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Flash Video Encoder (Version: 2.0)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 (Version: 5.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Media Player (Version: 1.8)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Premiere Pro CS3 (Version: 3)
Adobe Premiere Pro CS3 Functional Content (Version: 8)
Adobe Premiere Pro CS3 Third Party Content (Version: 3)
Adobe Reader XI (11.0.04) (Version: 11.0.04)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.5 (Version: 11.5)
Adobe SING CS3 (Version: 0.1)
Adobe Soundbooth CS3 (Version: 1)
Adobe Soundbooth CS3 Codecs (Version: 3)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Version Cue CS3 Server (Version: 3.0)
Adobe Video Profiles (Version: 1.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Advanced SystemCare 7 (Version: 7.2.1)
AHV content for Acrobat and Flash (Version: 1)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
AutoCAD 2011 - English (Version: 18.1.49.0)
AutoCAD 2011 Language Pack - English (Version: 18.1.49.0)
AutoCAD 2013 - English (Version: 19.0.55.0)
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0)
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0)
Autodesk 360 (Version: 4.0.27.1)
Autodesk App Manager (Version: 1.1.0)
Autodesk AutoCAD 2014 - English (Version: 19.1.18.0)
Autodesk Content Service (Version: 3.0.84.0)
Autodesk Content Service Language Pack (Version: 3.0.84.0)
Autodesk Design Review 2011 (Version: 11.0.0.86)
Autodesk Featured Apps (Version: 1.1.0)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230)
Autodesk Material Library 2011 (Version: 2.0.0.49)
Autodesk Material Library 2011 Base Image library (Version: 2.0.0.49)
Autodesk Material Library 2013 (Version: 3.0.13)
Autodesk Material Library 2014 (Version: 4.0.19.0)
Autodesk Material Library Base Resolution Image Library 2013 (Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2014 (Version: 4.0.19.0)
Autodesk Material Library Low Resolution Image Library 2014 (Version: 4.0.19.0)
Autodesk Material Library Medium Resolution Image Library 2014 (Version: 4.0.19.0)
Autodesk ReCap (Version: 1.0.43.13)
Autodesk ReCap Language Pack-English (Version: 1.0.43.13)
Autodesk Revit Architecture 2014 (Version: 13.03.08151)
Autodesk Workflows 2014 (Version: 4.0.19.0)
AVG SafeGuard toolbar (Version: 18.1.0.444)
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center (Version: 1.1.3)
Bonjour (Version: 3.0.0.2)
BufferChm (Version: 130.0.331.000)
ChromecastApp (Version: 1.5.316.0)
Citrix Online Launcher (Version: 1.0.153)
Clean Water Action TriMini Reminder by We-Care.com v5.0.3.2 (Version: 5.0.3.2)
Color Cop 5.4.3
Copy (Version: 130.0.428.000)
CustomerResearchQFolder (Version: 1.00.0000)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.47.1.0335)
DefaultTab (Version: 2.2.23.0)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DeviceManagementQFolder (Version: 1.00.0000)
Distributed System Design (Version: 3.2)
DJ_AIO_03_F4200_Software_Min (Version: 130.0.365.000)
Dodge View
Driver Booster (Version: 1.3)
Elevated Installer (Version: 2.2.17)
eSupportQFolder (Version: 1.00.0000)
F4200 (Version: 130.0.365.000)
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FARO LS 1.1.501.0 (64bit) (Version: 5.1.0.30630)
Game Booster (Version: 2.4.1.0)
Garmin Express (Version: 2.2.17)
Garmin Express Tray (Version: 2.2.17)
Garmin Update Service (Version: 2.2.17)
Google Chrome (Version: 34.0.1847.131)
Google Drive (Version: 1.15.6464.228)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
Google Update Helper (Version: 1.3.23.9)
GoToMeeting 6.0.0.1259 (Version: 6.0.0.1259)
GPBaseService (Version: 100.0.187.000)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
Hightail Desktop App (Version: 2.4.7.1621)
Hightail Express (Version: 2.14.1)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.005.000.002)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 130.0.282.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 4.0.1.001)
HTC Sync (Version: 3.3.21)
IObit Apps Toolbar v9.1 (Version: 9.1)
IObit Toolbar v9.1 (Version: 9.1)
IObit Uninstaller (Version: 3.1.8.2434)
IPTInstaller (Version: 4.0.8)
iTunes (Version: 10.4.0.80)
Java 7 Update 21 (Version: 7.0.210)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.5)
Landlord Forms
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
MarketResearch (Version: 100.0.170.000)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Movie Maker (Version: 16.4.3508.0205)
Mozilla Firefox 28.0 (x86 en-US) (Version: 28.0)
Mozilla Maintenance Service (Version: 28.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Notepad++ (Version: 5.9.3)
NVIDIA Control Panel 335.23 (Version: 335.23)
NVIDIA Install Application (Version: 2.1002.145.1024)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
PDF Settings (Version: 1.0)
PDF Settings CS5 (Version: 10.0)
Photo Gallery (Version: 16.4.3508.0205)
ProMash (Version: 1.8.a)
Protected Folder
PSSWCORE (Version: 2.02.0000)
PxMergeModule (Version: 1.00.0000)
QuickBooks Premier: Professional Services Edition 2008 (Version: 18.0.4010.606)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.7183)
Revit Architecture 2014 Language Pack - English (Version: 13.03.08151)
Rhapsody
SavingsBull (Version: 1.0.0.0)
SavingsBull (Version: SavingsBull)
SavingsbullFilter (Version: 1.0.0.0)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
SketchUp Import for AutoCAD 2014 (Version: 1.1.0)
Smart Defrag 3 (Version: 3.1)
SmartWebPrintingOC (Version: 100.0.189.000)
SolutionCenter (Version: 130.0.373.000)
Somoto V.1 Toolbar (Version: 6.14.0.28)
Status (Version: 130.0.469.000)
SupportSoft Assisted Service (Version: 15)
Surfing Protection (Version: 1.0)
System Requirements Lab
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Video Mover
VideoToolkit01 (Version: 100.0.128.000)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
WModem Driver Installer (Version: 2.0.6.9)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 8190.49 MB
Available physical RAM: 5660.25 MB
Total Pagefile: 16380.98 MB
Available Pagefile: 13275.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.64 MB

========================= Partitions: =====================================

1 Drive b: (BkUp-Cache) (Fixed) (Total:242.18 GB) (Free:86.63 GB) exFAT
2 Drive c: () (Fixed) (Total:465.76 GB) (Free:353.11 GB) NTFS
4 Drive i: (My Book) (Fixed) (Total:465.65 GB) (Free:14.37 GB) FAT32
5 Drive j: (DrWebLiveCD) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
6 Drive m: (Media) (Fixed) (Total:689.32 GB) (Free:535.83 GB) NTFS

========================= Users: ========================================

User accounts for \\TIM-PC

Administrator            Guest                    Tim                      
UpdatusUser              


**** End of log ****
 


Edited by TOehlerking, 02 May 2014 - 12:00 PM.


#4 TOehlerking

TOehlerking
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:18 PM

Posted 02 May 2014 - 12:38 PM

TDSSKiller log files:

 

12:01:15.0696 0x23b8  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
12:01:20.0623 0x23b8  ============================================================
12:01:20.0623 0x23b8  Current date / time: 2014/05/02 12:01:20.0623
12:01:20.0623 0x23b8  SystemInfo:
12:01:20.0623 0x23b8  
12:01:20.0623 0x23b8  OS Version: 6.1.7601 ServicePack: 1.0
12:01:20.0623 0x23b8  Product type: Workstation
12:01:20.0623 0x23b8  ComputerName: TIM-PC
12:01:20.0623 0x23b8  UserName: Tim
12:01:20.0623 0x23b8  Windows directory: C:\Windows
12:01:20.0626 0x23b8  System windows directory: C:\Windows
12:01:20.0626 0x23b8  Running under WOW64
12:01:20.0626 0x23b8  Processor architecture: Intel x64
12:01:20.0626 0x23b8  Number of processors: 4
12:01:20.0626 0x23b8  Page size: 0x1000
12:01:20.0626 0x23b8  Boot type: Normal boot
12:01:20.0626 0x23b8  ============================================================
12:01:21.0366 0x23b8  KLMD registered as C:\Windows\system32\drivers\08203346.sys
12:01:21.0504 0x23b8  System UUID: {228FD47D-B81B-31FB-E01B-5E6D817F7929}
12:01:23.0186 0x23b8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:01:23.0268 0x23b8  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:01:23.0276 0x23b8  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:01:23.0848 0x23b8  ============================================================
12:01:23.0848 0x23b8  \Device\Harddisk0\DR0:
12:01:23.0862 0x23b8  MBR partitions:
12:01:23.0862 0x23b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
12:01:23.0862 0x23b8  \Device\Harddisk1\DR1:
12:01:23.0884 0x23b8  MBR partitions:
12:01:23.0884 0x23b8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1E460000
12:01:23.0884 0x23b8  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1E460800, BlocksNum 0x562A5000
12:01:23.0884 0x23b8  \Device\Harddisk2\DR2:
12:01:23.0886 0x23b8  MBR partitions:
12:01:23.0886 0x23b8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
12:01:23.0886 0x23b8  ============================================================
12:01:23.0974 0x23b8  C: <-> \Device\Harddisk0\DR0\Partition1
12:01:23.0978 0x23b8  B: <-> \Device\Harddisk1\DR1\Partition1
12:01:24.0015 0x23b8  M: <-> \Device\Harddisk1\DR1\Partition2
12:01:24.0016 0x23b8  I: <-> \Device\Harddisk2\DR2\Partition1
12:01:24.0017 0x23b8  ============================================================
12:01:24.0017 0x23b8  Initialize success
12:01:24.0017 0x23b8  ============================================================
12:01:26.0752 0x21cc  ============================================================
12:01:26.0752 0x21cc  Scan started
12:01:26.0752 0x21cc  Mode: Manual;
12:01:26.0752 0x21cc  ============================================================
12:01:26.0752 0x21cc  KSN ping started
12:01:53.0438 0x21cc  KSN ping finished: true
12:01:57.0867 0x21cc  ================ Scan system memory ========================
12:01:57.0867 0x21cc  System memory - ok
12:01:57.0868 0x21cc  ================ Scan services =============================
12:01:58.0073 0x21cc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:01:58.0089 0x21cc  1394ohci - ok
12:01:58.0157 0x21cc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:01:58.0194 0x21cc  ACPI - ok
12:01:58.0246 0x21cc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:01:58.0261 0x21cc  AcpiPmi - ok
12:01:58.0404 0x21cc  [ 2017D497D1F099CB74671539AAACADC3, 6C12F211AE9D072896226D57075388E4C7894AC89D97888B0526CD248D7B9889 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
12:01:58.0472 0x21cc  AcrSch2Svc - ok
12:01:58.0578 0x21cc  [ 14C23516C990DCD6052152CF034DDE40, 1EC8AAD6AA6D68A17A9D04AECDB716BD0DD4BFF93641BD96D01855AF1232A5FB ] Adobe Version Cue CS3 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
12:01:58.0591 0x21cc  Adobe Version Cue CS3 - ok
12:01:58.0682 0x21cc  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:01:58.0693 0x21cc  AdobeARMservice - ok
12:01:58.0847 0x21cc  [ 7C7E868E1D8096ED08D80FF7712BB9D8, EB4438F3CC377728173E018A763F0D0A8D5BBA4A289F554036D06B24030D2D62 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:01:58.0859 0x21cc  AdobeFlashPlayerUpdateSvc - ok
12:01:58.0931 0x21cc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:01:58.0965 0x21cc  adp94xx - ok
12:01:58.0991 0x21cc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:01:59.0003 0x21cc  adpahci - ok
12:01:59.0026 0x21cc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:01:59.0046 0x21cc  adpu320 - ok
12:01:59.0715 0x21cc  [ 6C856C581ACE1785CE3FC2414E9859A3, 2A1CA4C76212BA264861F561F01D973945A1565E30FA009F5AB0BC9D13B729E9 ] AdvancedSystemCareService7 C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
12:01:59.0757 0x21cc  AdvancedSystemCareService7 - ok
12:01:59.0804 0x21cc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:01:59.0809 0x21cc  AeLookupSvc - ok
12:01:59.0853 0x21cc  [ AE1FCE2CD1E99BEA89183BA8CD320872, 96F14BCA0C2479F39A5027A71922907D0F35CAD8E9A5037674DF7995BBDB2B51 ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
12:01:59.0861 0x21cc  afcdp - ok
12:02:00.0161 0x21cc  [ AF44F7E027037628F1FAC3C13CDE73E6, 56A95EBF2241C275FD401487C5F0E86859F8637D8B1BD01B7157EE9BC22B1907 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
12:02:00.0325 0x21cc  afcdpsrv - ok
12:02:00.0410 0x21cc  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
12:02:00.0427 0x21cc  AFD - ok
12:02:00.0561 0x21cc  [ 91B76D91C781E9DD49D9D03A2AB3E8C3, 98EC45B1DF51A91CC1E12CEE1F0EE7F9426EE0FCA33B41C04F27FE8F5B0B090A ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
12:02:00.0597 0x21cc  AffinegyService - ok
12:02:00.0655 0x21cc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:02:00.0672 0x21cc  agp440 - ok
12:02:00.0707 0x21cc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:02:00.0715 0x21cc  ALG - ok
12:02:00.0755 0x21cc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:02:00.0767 0x21cc  aliide - ok
12:02:00.0788 0x21cc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:02:00.0791 0x21cc  amdide - ok
12:02:00.0822 0x21cc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:02:00.0826 0x21cc  AmdK8 - ok
12:02:00.0834 0x21cc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:02:00.0836 0x21cc  AmdPPM - ok
12:02:00.0881 0x21cc  [ F747497A0EE5498F79B207F215B3D2D8, 9052AD0746CF9DC9DC811C49B639CFD4C96A3A0CDB02125E45148301D4DEEEA3 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
12:02:00.0891 0x21cc  amdsata - ok
12:02:00.0914 0x21cc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:02:00.0922 0x21cc  amdsbs - ok
12:02:00.0949 0x21cc  [ 2946D695E158615BAAA16248E63C7ADB, 059B261BF275CC8EE67453C80B1CDFBE17B383BC7DA22BD66F2CCD4D444D24C7 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
12:02:00.0951 0x21cc  amdxata - ok
12:02:00.0988 0x21cc  [ A1434F35B7B171CB697D74D33F7D029F, 97688D8C388066D02036DEF388AD7D8BE55DB268185CECE88128195D87422496 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
12:02:00.0990 0x21cc  amd_sata - ok
12:02:01.0052 0x21cc  [ E9B5A82FA268BB2D1B012030D5F4E096, 9EBE4DD2B86EE62D5E47ED85FC6271FE66A5A564227C7C8B7A576FD54A2CFACB ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
12:02:01.0069 0x21cc  amd_xata - ok
12:02:01.0101 0x21cc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:02:01.0116 0x21cc  AppID - ok
12:02:01.0186 0x21cc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:02:01.0211 0x21cc  AppIDSvc - ok
12:02:01.0241 0x21cc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:02:01.0245 0x21cc  Appinfo - ok
12:02:01.0481 0x21cc  [ 20F6F19FE9E753F2780DC2FA083AD597, 5106F0F9BA8A7DE49260A9B13BF8EC45ACA6A166FA8B10B4F69C3BB54F6840A1 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:02:01.0511 0x21cc  Apple Mobile Device - ok
12:02:01.0646 0x21cc  [ 718BEE421CB137176B6F3F67E6F36132, 70455CDBDFE536BD9B17DCC1D045A6B1732D4D0446A5BF1E654DFDF25B13B858 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
12:02:01.0690 0x21cc  Application Updater - ok
12:02:01.0782 0x21cc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:02:01.0817 0x21cc  arc - ok
12:02:01.0825 0x21cc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:02:01.0830 0x21cc  arcsas - ok
12:02:02.0004 0x21cc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:02:02.0221 0x21cc  aspnet_state - ok
12:02:02.0238 0x21cc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:02:02.0240 0x21cc  AsyncMac - ok
12:02:02.0252 0x21cc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:02:02.0255 0x21cc  atapi - ok
12:02:02.0350 0x21cc  [ 7D89B0C443F6068E5B27AA3B972069FF, 34CBB7D44D060F1D614BCA1357C8A260A002C21E67D33E819F57815AC400CCBD ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:02:02.0434 0x21cc  athr - ok
12:02:02.0505 0x21cc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:02:02.0527 0x21cc  AudioEndpointBuilder - ok
12:02:02.0575 0x21cc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:02:02.0591 0x21cc  AudioSrv - ok
12:02:02.0786 0x21cc  [ F431DC5D94F4B2FDBC927655D8A9B10E, FA16A95E5B83D08F0FD76FDAB03FC7CD4B6917BFE15F2F1D9F3B781F6A1888D8 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
12:02:02.0796 0x21cc  Autodesk Content Service - ok
12:02:02.0829 0x21cc  [ 9FD4BC46784309176AEFA26AA8241DA1, 939F7503A6231E5FD5A3F46BDB97671D62D0CEC8B6EF82BD6B1090C45D9D6E1F ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
12:02:02.0831 0x21cc  avgtp - ok
12:02:02.0861 0x21cc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:02:02.0866 0x21cc  AxInstSV - ok
12:02:02.0906 0x21cc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:02:02.0922 0x21cc  b06bdrv - ok
12:02:02.0998 0x21cc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:02:03.0018 0x21cc  b57nd60a - ok
12:02:03.0094 0x21cc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:02:03.0099 0x21cc  BDESVC - ok
12:02:03.0105 0x21cc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:02:03.0106 0x21cc  Beep - ok
12:02:03.0257 0x21cc  [ 299E54DB3638A18E47BD3A2D2EF499F7, 7812C8F8EDA14CC74F43979B1C7E790EE15CFE10672C5F3E077AE6C87A69C27C ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
12:02:03.0282 0x21cc  Belkin Local Backup Service - ok
12:02:03.0334 0x21cc  [ E62A04D615A8CAC83601E1F07C010D3C, BA9E08EE979C3898DF573B61514B3EAA6E5DAAA182DA3618BFA1BD94ABDA0266 ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
12:02:03.0336 0x21cc  Belkin Network USB Helper - ok
12:02:03.0397 0x21cc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:02:03.0443 0x21cc  BFE - ok
12:02:03.0506 0x21cc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:02:03.0580 0x21cc  BITS - ok
12:02:03.0604 0x21cc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:02:03.0608 0x21cc  blbdrive - ok
12:02:03.0680 0x21cc  [ 1C87705CCB2F60172B0FC86B5D82F00D, C6413E6603AD7ECDA5107504E109F608154BA43DAFCE319793E8D8B47C2781A3 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
12:02:03.0696 0x21cc  Bonjour Service - ok
12:02:03.0723 0x21cc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:02:03.0727 0x21cc  bowser - ok
12:02:03.0790 0x21cc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:02:03.0800 0x21cc  BrFiltLo - ok
12:02:03.0806 0x21cc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:02:03.0808 0x21cc  BrFiltUp - ok
12:02:03.0870 0x21cc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:02:03.0891 0x21cc  Browser - ok
12:02:03.0932 0x21cc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:02:03.0958 0x21cc  Brserid - ok
12:02:03.0966 0x21cc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:02:03.0969 0x21cc  BrSerWdm - ok
12:02:03.0976 0x21cc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:02:03.0978 0x21cc  BrUsbMdm - ok
12:02:03.0985 0x21cc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:02:03.0987 0x21cc  BrUsbSer - ok
12:02:04.0015 0x21cc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:02:04.0018 0x21cc  BTHMODEM - ok
12:02:04.0054 0x21cc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:02:04.0058 0x21cc  bthserv - ok
12:02:04.0073 0x21cc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:02:04.0078 0x21cc  cdfs - ok
12:02:04.0123 0x21cc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:02:04.0129 0x21cc  cdrom - ok
12:02:04.0160 0x21cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:02:04.0165 0x21cc  CertPropSvc - ok
12:02:04.0180 0x21cc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:02:04.0184 0x21cc  circlass - ok
12:02:04.0220 0x21cc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:02:04.0236 0x21cc  CLFS - ok
12:02:04.0422 0x21cc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:02:04.0457 0x21cc  clr_optimization_v2.0.50727_32 - ok
12:02:04.0477 0x21cc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:02:04.0490 0x21cc  clr_optimization_v2.0.50727_64 - ok
12:02:04.0582 0x21cc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:02:05.0736 0x21cc  clr_optimization_v4.0.30319_32 - ok
12:02:05.0763 0x21cc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:02:06.0181 0x21cc  clr_optimization_v4.0.30319_64 - ok
12:02:06.0245 0x21cc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:02:06.0251 0x21cc  CmBatt - ok
12:02:06.0307 0x21cc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:02:06.0320 0x21cc  cmdide - ok
12:02:06.0351 0x21cc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:02:06.0366 0x21cc  CNG - ok
12:02:06.0397 0x21cc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:02:06.0405 0x21cc  Compbatt - ok
12:02:06.0432 0x21cc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:02:06.0443 0x21cc  CompositeBus - ok
12:02:06.0448 0x21cc  COMSysApp - ok
12:02:06.0474 0x21cc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:02:06.0484 0x21cc  crcdisk - ok
12:02:06.0527 0x21cc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:02:06.0539 0x21cc  CryptSvc - ok
12:02:06.0683 0x21cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:02:06.0701 0x21cc  DcomLaunch - ok
12:02:06.0767 0x21cc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:02:06.0784 0x21cc  defragsvc - ok
12:02:06.0823 0x21cc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:02:06.0841 0x21cc  DfsC - ok
12:02:06.0883 0x21cc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:02:06.0900 0x21cc  Dhcp - ok
12:02:06.0943 0x21cc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:02:06.0961 0x21cc  discache - ok
12:02:06.0969 0x21cc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:02:06.0974 0x21cc  Disk - ok
12:02:07.0019 0x21cc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:02:07.0029 0x21cc  Dnscache - ok
12:02:07.0121 0x21cc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:02:07.0131 0x21cc  dot3svc - ok
12:02:07.0198 0x21cc  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:02:07.0215 0x21cc  Dot4 - ok
12:02:07.0242 0x21cc  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:02:07.0249 0x21cc  Dot4Print - ok
12:02:07.0274 0x21cc  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:02:07.0307 0x21cc  dot4usb - ok
12:02:07.0340 0x21cc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:02:07.0353 0x21cc  DPS - ok
12:02:07.0427 0x21cc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:02:07.0447 0x21cc  drmkaud - ok
12:02:07.0501 0x21cc  [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:02:07.0509 0x21cc  dtsoftbus01 - ok
12:02:07.0565 0x21cc  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:02:07.0592 0x21cc  DXGKrnl - ok
12:02:07.0653 0x21cc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:02:07.0673 0x21cc  EapHost - ok
12:02:07.0965 0x21cc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:02:08.0315 0x21cc  ebdrv - ok
12:02:08.0355 0x21cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
12:02:08.0370 0x21cc  EFS - ok
12:02:08.0464 0x21cc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:02:08.0489 0x21cc  ehRecvr - ok
12:02:08.0534 0x21cc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:02:08.0539 0x21cc  ehSched - ok
12:02:08.0590 0x21cc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:02:08.0609 0x21cc  elxstor - ok
12:02:08.0700 0x21cc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:02:08.0708 0x21cc  ErrDev - ok
12:02:08.0776 0x21cc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:02:08.0789 0x21cc  EventSystem - ok
12:02:08.0842 0x21cc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:02:08.0853 0x21cc  exfat - ok
12:02:08.0879 0x21cc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:02:08.0893 0x21cc  fastfat - ok
12:02:08.0940 0x21cc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:02:08.0963 0x21cc  Fax - ok
12:02:08.0971 0x21cc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:02:08.0974 0x21cc  fdc - ok
12:02:09.0084 0x21cc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:02:09.0110 0x21cc  fdPHost - ok
12:02:09.0125 0x21cc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:02:09.0127 0x21cc  FDResPub - ok
12:02:09.0137 0x21cc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:02:09.0144 0x21cc  FileInfo - ok
12:02:09.0283 0x21cc  [ D409D4A4517865131999FAC96D366CBF, 512A80C4B180D5D6DECBAFB831A56C0DC8C5D1CC7E749465C47D29EC4DA45719 ] FileMonitor     C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
12:02:09.0285 0x21cc  FileMonitor - ok
12:02:09.0310 0x21cc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:02:09.0327 0x21cc  Filetrace - ok
12:02:09.0396 0x21cc  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:02:09.0414 0x21cc  FLEXnet Licensing Service - ok
12:02:09.0551 0x21cc  [ ECC329F6104EE208C24C4A8C1B4A9D14, E120DAAB58C4083577A8445230DBB841984818188BFD0609576BC704C836DF3F ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:02:09.0646 0x21cc  FLEXnet Licensing Service 64 - ok
12:02:09.0692 0x21cc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:02:09.0723 0x21cc  flpydisk - ok
12:02:09.0767 0x21cc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:02:09.0779 0x21cc  FltMgr - ok
12:02:09.0916 0x21cc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:02:09.0984 0x21cc  FontCache - ok
12:02:10.0094 0x21cc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:02:10.0110 0x21cc  FontCache3.0.0.0 - ok
12:02:10.0213 0x21cc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:02:10.0223 0x21cc  FsDepends - ok
12:02:10.0266 0x21cc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:02:10.0276 0x21cc  Fs_Rec - ok
12:02:10.0331 0x21cc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:02:10.0348 0x21cc  fvevol - ok
12:02:10.0373 0x21cc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:02:10.0382 0x21cc  gagp30kx - ok
12:02:10.0541 0x21cc  [ E80DC56FD16772FC91C88ACECC715324, 22723A1A64A91907E97D2C5B5F1D06C874B9A148D3470AACE3A5945E2C2D0AC8 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
12:02:10.0574 0x21cc  Garmin Core Update Service - ok
12:02:10.0622 0x21cc  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:02:10.0625 0x21cc  GEARAspiWDM - ok
12:02:10.0715 0x21cc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:02:10.0759 0x21cc  gpsvc - ok
12:02:10.0831 0x21cc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:02:10.0835 0x21cc  gupdate - ok
12:02:10.0845 0x21cc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:02:10.0849 0x21cc  gupdatem - ok
12:02:10.0879 0x21cc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:02:10.0901 0x21cc  gusvc - ok
12:02:10.0950 0x21cc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:02:10.0953 0x21cc  hcw85cir - ok
12:02:10.0998 0x21cc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:02:11.0013 0x21cc  HdAudAddService - ok
12:02:11.0041 0x21cc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:02:11.0065 0x21cc  HDAudBus - ok
12:02:11.0086 0x21cc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:02:11.0089 0x21cc  HidBatt - ok
12:02:11.0098 0x21cc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:02:11.0106 0x21cc  HidBth - ok
12:02:11.0186 0x21cc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:02:11.0448 0x21cc  HidIr - ok
12:02:11.0535 0x21cc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:02:11.0543 0x21cc  hidserv - ok
12:02:11.0633 0x21cc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:02:11.0660 0x21cc  HidUsb - ok
12:02:11.0768 0x21cc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:02:11.0781 0x21cc  hkmsvc - ok
12:02:11.0897 0x21cc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:02:11.0908 0x21cc  HomeGroupListener - ok
12:02:11.0951 0x21cc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:02:11.0994 0x21cc  HomeGroupProvider - ok
12:02:12.0148 0x21cc  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:02:12.0165 0x21cc  hpqcxs08 - ok
12:02:12.0181 0x21cc  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:02:12.0187 0x21cc  hpqddsvc - ok
12:02:12.0211 0x21cc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:02:12.0217 0x21cc  HpSAMD - ok
12:02:12.0263 0x21cc  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
12:02:12.0273 0x21cc  HTCAND64 - ok
12:02:12.0339 0x21cc  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
12:02:12.0350 0x21cc  htcnprot - ok
12:02:12.0407 0x21cc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:02:12.0437 0x21cc  HTTP - ok
12:02:12.0487 0x21cc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:02:12.0506 0x21cc  hwpolicy - ok
12:02:12.0545 0x21cc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:02:12.0555 0x21cc  i8042prt - ok
12:02:12.0591 0x21cc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:02:12.0618 0x21cc  iaStorV - ok
12:02:12.0719 0x21cc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:02:12.0835 0x21cc  idsvc - ok
12:02:12.0857 0x21cc  IEEtwCollectorService - ok
12:02:12.0880 0x21cc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:02:12.0883 0x21cc  iirsp - ok
12:02:12.0974 0x21cc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:02:13.0011 0x21cc  IKEEXT - ok
12:02:13.0074 0x21cc  [ E38AC5D38C757EE5B6230A0C56791EE4, 78409852567BBA4C4B089C4D55BD53295BC868C098A4F41E370B02D5BFE5C04B ] IMFservice      C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
12:02:13.0093 0x21cc  IMFservice - ok
12:02:13.0440 0x21cc  [ ECA5E9DA350D2D21376260CD3602449A, B027FE77062488B8FC0EEE2113341DD922CE1BD741DF4F5D92DCCDC2E2C18BB2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:02:13.0609 0x21cc  IntcAzAudAddService - ok
12:02:13.0686 0x21cc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:02:13.0714 0x21cc  intelide - ok
12:02:13.0772 0x21cc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:02:13.0802 0x21cc  intelppm - ok
12:02:13.0902 0x21cc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:02:13.0908 0x21cc  IPBusEnum - ok
12:02:13.0954 0x21cc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:02:13.0975 0x21cc  IpFilterDriver - ok
12:02:14.0023 0x21cc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:02:14.0045 0x21cc  iphlpsvc - ok
12:02:14.0092 0x21cc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:02:14.0097 0x21cc  IPMIDRV - ok
12:02:14.0168 0x21cc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:02:14.0184 0x21cc  IPNAT - ok
12:02:14.0238 0x21cc  [ FDF57F795098AB29AF780824315C9859, F6AA328161947A6006D875D0576C5078557CF9C7251B62436E3812FA3A6A906C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:02:14.0269 0x21cc  iPod Service - ok
12:02:14.0279 0x21cc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:02:14.0281 0x21cc  IRENUM - ok
12:02:14.0321 0x21cc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:02:14.0324 0x21cc  isapnp - ok
12:02:14.0360 0x21cc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:02:14.0371 0x21cc  iScsiPrt - ok
12:02:14.0421 0x21cc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:02:14.0435 0x21cc  kbdclass - ok
12:02:14.0478 0x21cc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:02:14.0493 0x21cc  kbdhid - ok
12:02:14.0508 0x21cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
12:02:14.0510 0x21cc  KeyIso - ok
12:02:14.0589 0x21cc  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:02:14.0595 0x21cc  KSecDD - ok
12:02:14.0614 0x21cc  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:02:14.0621 0x21cc  KSecPkg - ok
12:02:14.0661 0x21cc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:02:14.0674 0x21cc  ksthunk - ok
12:02:14.0725 0x21cc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:02:14.0739 0x21cc  KtmRm - ok
12:02:14.0786 0x21cc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:02:14.0798 0x21cc  LanmanServer - ok
12:02:14.0833 0x21cc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:02:14.0840 0x21cc  LanmanWorkstation - ok
12:02:15.0053 0x21cc  [ 935E2093CEED8198C820B7F60BB63167, 7C8A7A0501BA31624143C576B0D8C6C74AF7869A9734E4AB142715B766F2B59D ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
12:02:15.0128 0x21cc  LiveUpdateSvc - ok
12:02:15.0231 0x21cc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:02:15.0266 0x21cc  lltdio - ok
12:02:15.0355 0x21cc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:02:15.0395 0x21cc  lltdsvc - ok
12:02:15.0465 0x21cc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:02:15.0518 0x21cc  lmhosts - ok
12:02:15.0565 0x21cc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:02:15.0589 0x21cc  LSI_FC - ok
12:02:15.0614 0x21cc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:02:15.0620 0x21cc  LSI_SAS - ok
12:02:15.0630 0x21cc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:02:15.0634 0x21cc  LSI_SAS2 - ok
12:02:15.0645 0x21cc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:02:15.0651 0x21cc  LSI_SCSI - ok
12:02:15.0671 0x21cc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:02:15.0676 0x21cc  luafv - ok
12:02:15.0704 0x21cc  MCSTRM - ok
12:02:15.0771 0x21cc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:02:15.0777 0x21cc  Mcx2Svc - ok
12:02:15.0819 0x21cc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:02:15.0839 0x21cc  megasas - ok
12:02:15.0871 0x21cc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:02:15.0887 0x21cc  MegaSR - ok
12:02:15.0969 0x21cc  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:02:15.0986 0x21cc  Microsoft Office Groove Audit Service - ok
12:02:16.0021 0x21cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:02:16.0052 0x21cc  MMCSS - ok
12:02:16.0123 0x21cc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:02:16.0138 0x21cc  Modem - ok
12:02:16.0193 0x21cc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:02:16.0195 0x21cc  monitor - ok
12:02:16.0214 0x21cc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:02:16.0216 0x21cc  mouclass - ok
12:02:16.0277 0x21cc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:02:16.0285 0x21cc  mouhid - ok
12:02:16.0335 0x21cc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:02:16.0354 0x21cc  mountmgr - ok
12:02:16.0470 0x21cc  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:02:16.0484 0x21cc  MozillaMaintenance - ok
12:02:16.0539 0x21cc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:02:16.0559 0x21cc  mpio - ok
12:02:16.0606 0x21cc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:02:16.0619 0x21cc  mpsdrv - ok
12:02:16.0691 0x21cc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:02:16.0722 0x21cc  MpsSvc - ok
12:02:16.0783 0x21cc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:02:16.0805 0x21cc  MRxDAV - ok
12:02:16.0876 0x21cc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:02:16.0891 0x21cc  mrxsmb - ok
12:02:16.0935 0x21cc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:02:16.0954 0x21cc  mrxsmb10 - ok
12:02:17.0012 0x21cc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:02:17.0026 0x21cc  mrxsmb20 - ok
12:02:17.0059 0x21cc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:02:17.0062 0x21cc  msahci - ok
12:02:17.0083 0x21cc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:02:17.0100 0x21cc  msdsm - ok
12:02:17.0132 0x21cc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:02:17.0162 0x21cc  MSDTC - ok
12:02:17.0331 0x21cc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:02:17.0388 0x21cc  Msfs - ok
12:02:17.0473 0x21cc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:02:17.0490 0x21cc  mshidkmdf - ok
12:02:17.0578 0x21cc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:02:17.0587 0x21cc  msisadrv - ok
12:02:17.0680 0x21cc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:02:17.0710 0x21cc  MSiSCSI - ok
12:02:17.0719 0x21cc  msiserver - ok
12:02:17.0767 0x21cc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:02:17.0769 0x21cc  MSKSSRV - ok
12:02:17.0780 0x21cc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:02:17.0796 0x21cc  MSPCLOCK - ok
12:02:17.0805 0x21cc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:02:17.0809 0x21cc  MSPQM - ok
12:02:17.0883 0x21cc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:02:17.0897 0x21cc  MsRPC - ok
12:02:17.0947 0x21cc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:02:17.0948 0x21cc  mssmbios - ok
12:02:17.0998 0x21cc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:02:18.0013 0x21cc  MSTEE - ok
12:02:18.0038 0x21cc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:02:18.0040 0x21cc  MTConfig - ok
12:02:18.0087 0x21cc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:02:18.0092 0x21cc  Mup - ok
12:02:18.0193 0x21cc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:02:18.0211 0x21cc  napagent - ok
12:02:18.0255 0x21cc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:02:18.0297 0x21cc  NativeWifiP - ok
12:02:18.0384 0x21cc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:02:18.0420 0x21cc  NDIS - ok
12:02:18.0498 0x21cc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:02:18.0514 0x21cc  NdisCap - ok
12:02:18.0529 0x21cc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:02:18.0530 0x21cc  NdisTapi - ok
12:02:18.0583 0x21cc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:02:18.0586 0x21cc  Ndisuio - ok
12:02:18.0623 0x21cc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:02:18.0637 0x21cc  NdisWan - ok
12:02:18.0659 0x21cc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:02:18.0675 0x21cc  NDProxy - ok
12:02:18.0721 0x21cc  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:02:18.0739 0x21cc  Net Driver HPZ12 - ok
12:02:18.0786 0x21cc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:02:18.0797 0x21cc  NetBIOS - ok
12:02:18.0833 0x21cc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:02:18.0842 0x21cc  NetBT - ok
12:02:18.0938 0x21cc  [ 3E71B9D55EDE56BF5E11E923C0D09874, 25D314F94F52970843EECB855A39DDA9E2BF0077A5CE7CB5DA83F139C421825F ] netfilter64     C:\Windows\system32\drivers\netfilter64.sys
12:02:18.0940 0x21cc  netfilter64 - ok
12:02:18.0961 0x21cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
12:02:18.0964 0x21cc  Netlogon - ok
12:02:19.0007 0x21cc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:02:19.0021 0x21cc  Netman - ok
12:02:19.0087 0x21cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:19.0128 0x21cc  NetMsmqActivator - ok
12:02:19.0141 0x21cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:19.0146 0x21cc  NetPipeActivator - ok
12:02:19.0211 0x21cc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:02:19.0248 0x21cc  netprofm - ok
12:02:19.0278 0x21cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:19.0282 0x21cc  NetTcpActivator - ok
12:02:19.0315 0x21cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:19.0319 0x21cc  NetTcpPortSharing - ok
12:02:19.0381 0x21cc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:02:19.0435 0x21cc  nfrd960 - ok
12:02:19.0478 0x21cc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:02:19.0502 0x21cc  NlaSvc - ok
12:02:19.0529 0x21cc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:02:19.0533 0x21cc  Npfs - ok
12:02:19.0687 0x21cc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:02:19.0714 0x21cc  nsi - ok
12:02:19.0820 0x21cc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:02:19.0834 0x21cc  nsiproxy - ok
12:02:19.0945 0x21cc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:02:20.0028 0x21cc  Ntfs - ok
12:02:20.0096 0x21cc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:02:20.0098 0x21cc  Null - ok
12:02:20.0936 0x21cc  [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:02:21.0445 0x21cc  nvlddmkm - ok
12:02:21.0570 0x21cc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:02:21.0620 0x21cc  nvraid - ok
12:02:21.0656 0x21cc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:02:21.0671 0x21cc  nvstor - ok
12:02:21.0755 0x21cc  [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:02:21.0812 0x21cc  nvsvc - ok
12:02:22.0031 0x21cc  [ E7818CD4FB51284C948D68A7A85A69B8, E7CB8AA0F17058EDF3F76186B233524971C7726EBD151BA5300B56EE8EFA15AC ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:02:22.0109 0x21cc  nvUpdatusService - ok
12:02:22.0157 0x21cc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:02:22.0195 0x21cc  nv_agp - ok
12:02:22.0437 0x21cc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:02:22.0454 0x21cc  odserv - ok
12:02:22.0495 0x21cc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:02:22.0506 0x21cc  ohci1394 - ok
12:02:22.0578 0x21cc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:02:22.0595 0x21cc  ose - ok
12:02:22.0688 0x21cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:02:22.0714 0x21cc  p2pimsvc - ok
12:02:22.0782 0x21cc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:02:22.0803 0x21cc  p2psvc - ok
12:02:22.0875 0x21cc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:02:22.0918 0x21cc  Parport - ok
12:02:22.0952 0x21cc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:02:22.0958 0x21cc  partmgr - ok
12:02:23.0207 0x21cc  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
12:02:23.0225 0x21cc  PassThru Service - ok
12:02:23.0523 0x21cc  [ 733357D50FCD27812FC1B292DC5C1693, C5DB5D786FBE44FA001DE9F3D6ACD3B7DB382FB5CA32AA1D24C82AC3B80F27AE ] PasswordBox     C:\Program Files (x86)\PasswordBox\pbbtnService.exe
12:02:23.0590 0x21cc  PasswordBox - ok
12:02:23.0788 0x21cc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:02:23.0821 0x21cc  PcaSvc - ok
12:02:23.0903 0x21cc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:02:23.0973 0x21cc  pci - ok
12:02:24.0116 0x21cc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:02:24.0156 0x21cc  pciide - ok
12:02:24.0251 0x21cc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:02:24.0298 0x21cc  pcmcia - ok
12:02:24.0352 0x21cc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:02:24.0369 0x21cc  pcw - ok
12:02:24.0441 0x21cc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:02:24.0476 0x21cc  PEAUTH - ok
12:02:26.0304 0x21cc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:02:26.0315 0x21cc  PerfHost - ok
12:02:26.0384 0x21cc  [ 4DDD6ECD65E4A4B3C3E0A0D9643B5DCA, BE291E09EE0545CAAAF6DDED6530EDDA9CDB3950E5BFA458EBBF68A485AB54CB ] PfFilter        C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys
12:02:26.0386 0x21cc  PfFilter - ok
12:02:26.0537 0x21cc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:02:26.0611 0x21cc  pla - ok
12:02:26.0754 0x21cc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:02:26.0774 0x21cc  PlugPlay - ok
12:02:26.0820 0x21cc  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:02:26.0827 0x21cc  Pml Driver HPZ12 - ok
12:02:26.0882 0x21cc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:02:26.0894 0x21cc  PNRPAutoReg - ok
12:02:26.0912 0x21cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:02:26.0924 0x21cc  PNRPsvc - ok
12:02:27.0034 0x21cc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:02:27.0084 0x21cc  PolicyAgent - ok
12:02:27.0181 0x21cc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:02:27.0236 0x21cc  Power - ok
12:02:27.0329 0x21cc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:02:27.0347 0x21cc  PptpMiniport - ok
12:02:27.0523 0x21cc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:02:27.0576 0x21cc  Processor - ok
12:02:27.0648 0x21cc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:02:27.0694 0x21cc  ProfSvc - ok
12:02:27.0752 0x21cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:02:27.0754 0x21cc  ProtectedStorage - ok
12:02:27.0910 0x21cc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:02:27.0935 0x21cc  Psched - ok
12:02:28.0059 0x21cc  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
12:02:28.0097 0x21cc  PxHlpa64 - ok
12:02:28.0310 0x21cc  [ F6EA2DCE39F1ACCB2C6C38D61FC79075, EBB975F8441F66E4E40722735C9F093CE0D2A825504D60C973586EEAB61BA866 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
12:02:28.0312 0x21cc  QBCFMonitorService - ok
12:02:28.0445 0x21cc  [ BAB30D2799754F6EA22F0B9076311793, 1544260A94EC0BB5342D42B760B32CFEACE8638956E7CB15ABD90F14E6F69137 ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
12:02:28.0466 0x21cc  QBFCService - ok
12:02:28.0555 0x21cc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:02:28.0624 0x21cc  ql2300 - ok
12:02:28.0692 0x21cc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:02:28.0699 0x21cc  ql40xx - ok
12:02:28.0756 0x21cc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:02:28.0785 0x21cc  QWAVE - ok
12:02:28.0834 0x21cc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:02:28.0845 0x21cc  QWAVEdrv - ok
12:02:28.0895 0x21cc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:02:28.0901 0x21cc  RasAcd - ok
12:02:28.0972 0x21cc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:02:29.0006 0x21cc  RasAgileVpn - ok
12:02:29.0119 0x21cc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:02:29.0136 0x21cc  RasAuto - ok
12:02:29.0262 0x21cc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:02:29.0280 0x21cc  Rasl2tp - ok
12:02:29.0409 0x21cc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:02:29.0444 0x21cc  RasMan - ok
12:02:29.0504 0x21cc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:02:29.0510 0x21cc  RasPppoe - ok
12:02:29.0531 0x21cc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:02:29.0539 0x21cc  RasSstp - ok
12:02:29.0639 0x21cc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:02:29.0649 0x21cc  rdbss - ok
12:02:29.0686 0x21cc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:02:29.0697 0x21cc  rdpbus - ok
12:02:29.0731 0x21cc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:02:29.0735 0x21cc  RDPCDD - ok
12:02:29.0767 0x21cc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:02:29.0802 0x21cc  RDPENCDD - ok
12:02:29.0862 0x21cc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:02:29.0863 0x21cc  RDPREFMP - ok
12:02:29.0922 0x21cc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:02:29.0960 0x21cc  RdpVideoMiniport - ok
12:02:30.0029 0x21cc  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:02:30.0051 0x21cc  RDPWD - ok
12:02:30.0167 0x21cc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:02:30.0176 0x21cc  rdyboost - ok
12:02:30.0596 0x21cc  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
12:02:30.0600 0x21cc  RegFilter - ok
12:02:30.0678 0x21cc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:02:30.0689 0x21cc  RemoteAccess - ok
12:02:30.0806 0x21cc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:02:30.0822 0x21cc  RemoteRegistry - ok
12:02:30.0887 0x21cc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:02:30.0895 0x21cc  RpcEptMapper - ok
12:02:30.0962 0x21cc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:02:30.0975 0x21cc  RpcLocator - ok
12:02:31.0065 0x21cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:02:31.0083 0x21cc  RpcSs - ok
12:02:31.0172 0x21cc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:02:31.0186 0x21cc  rspndr - ok
12:02:31.0401 0x21cc  [ 14182642967B8751F3717E94FC90DF48, 0EEF109D51E7D8AE89DFF4C94AD42764682953DEBA2C4C62B6062F3753164A4F ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
12:02:31.0408 0x21cc  RSUSBSTOR - ok
12:02:31.0641 0x21cc  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
12:02:31.0650 0x21cc  RtkAudioService - ok
12:02:31.0832 0x21cc  [ 46596144363B912105F70016F0E2F908, 199FF8BFA60D8E9662F3C785146FAED3231B514D260F795B2B9857DC1EEB2E4B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:02:31.0872 0x21cc  RTL8167 - ok
12:02:31.0898 0x21cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
12:02:31.0901 0x21cc  SamSs - ok
12:02:31.0936 0x21cc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:02:31.0942 0x21cc  sbp2port - ok
12:02:32.0002 0x21cc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:02:32.0010 0x21cc  SCardSvr - ok
12:02:32.0056 0x21cc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:02:32.0089 0x21cc  scfilter - ok
12:02:32.0198 0x21cc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:02:32.0244 0x21cc  Schedule - ok
12:02:32.0289 0x21cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:02:32.0291 0x21cc  SCPolicySvc - ok
12:02:32.0326 0x21cc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:02:32.0337 0x21cc  SDRSVC - ok
12:02:32.0395 0x21cc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:02:32.0410 0x21cc  secdrv - ok
12:02:32.0478 0x21cc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:02:32.0482 0x21cc  seclogon - ok
12:02:32.0776 0x21cc  [ CF8F0BE4978AD2652368B5CF368E2300, 633CBD2DC2ECF5004F35C47120D269B09A8AABB98ADEF0474AC99D212FCAB278 ] SecureUpdateSvc C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
12:02:32.0880 0x21cc  SecureUpdateSvc - ok
12:02:32.0926 0x21cc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:02:32.0943 0x21cc  SENS - ok
12:02:32.0971 0x21cc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:02:32.0985 0x21cc  SensrSvc - ok
12:02:33.0019 0x21cc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:02:33.0022 0x21cc  Serenum - ok
12:02:33.0086 0x21cc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:02:33.0091 0x21cc  Serial - ok
12:02:33.0120 0x21cc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:02:33.0143 0x21cc  sermouse - ok
12:02:33.0221 0x21cc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:02:33.0228 0x21cc  SessionEnv - ok
12:02:33.0275 0x21cc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:02:33.0278 0x21cc  sffdisk - ok
12:02:33.0297 0x21cc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:02:33.0300 0x21cc  sffp_mmc - ok
12:02:33.0320 0x21cc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:02:33.0323 0x21cc  sffp_sd - ok
12:02:33.0355 0x21cc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:02:33.0358 0x21cc  sfloppy - ok
12:02:33.0409 0x21cc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:02:33.0442 0x21cc  SharedAccess - ok
12:02:33.0484 0x21cc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:02:33.0499 0x21cc  ShellHWDetection - ok
12:02:33.0512 0x21cc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:02:33.0518 0x21cc  SiSRaid2 - ok
12:02:33.0542 0x21cc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:02:33.0555 0x21cc  SiSRaid4 - ok
12:02:33.0653 0x21cc  [ E77CB3736A702D46A6FB15FB4A9894E3, A341AD51825D4DB8A68ADDABE0FD17693DE387B0DA11800D427B8EA31577626C ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
12:02:33.0662 0x21cc  SmartDefragDriver - ok
12:02:33.0678 0x21cc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:02:33.0683 0x21cc  Smb - ok
12:02:33.0770 0x21cc  [ 10450F432811D7FDA60A97FCC674D7B2, FD6245B06DD81C6E287DA47173D622357D86D84E3A5444CD34645973FE2E8BF5 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
12:02:33.0856 0x21cc  snapman - ok
12:02:33.0932 0x21cc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:02:33.0940 0x21cc  SNMPTRAP - ok
12:02:33.0984 0x21cc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:02:33.0993 0x21cc  spldr - ok
12:02:34.0053 0x21cc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:02:34.0076 0x21cc  Spooler - ok
12:02:34.0341 0x21cc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:02:34.0507 0x21cc  sppsvc - ok
12:02:34.0612 0x21cc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:02:34.0627 0x21cc  sppuinotify - ok
12:02:34.0697 0x21cc  [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd            C:\Windows\System32\Drivers\sptd.sys
12:02:34.0736 0x21cc  sptd - ok
12:02:34.0796 0x21cc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:02:34.0811 0x21cc  srv - ok
12:02:34.0855 0x21cc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:02:34.0869 0x21cc  srv2 - ok
12:02:34.0908 0x21cc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:02:34.0936 0x21cc  srvnet - ok
12:02:35.0012 0x21cc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:02:35.0024 0x21cc  SSDPSRV - ok
12:02:35.0068 0x21cc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:02:35.0076 0x21cc  SstpSvc - ok
12:02:35.0130 0x21cc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:02:35.0195 0x21cc  stexstor - ok
12:02:35.0450 0x21cc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:02:35.0483 0x21cc  stisvc - ok
12:02:35.0631 0x21cc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:02:35.0635 0x21cc  swenum - ok
12:02:35.0870 0x21cc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:02:35.0887 0x21cc  SwitchBoard - ok
12:02:35.0976 0x21cc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:02:36.0002 0x21cc  swprv - ok
12:02:36.0069 0x21cc  [ 52EB25BD8AB4E331028C48B178441B36, 72A907F447ADB4EF307A06D2BC1052BB2F3ED0F10DC13391DB8B43665F81FD74 ] sxuptp          C:\Windows\system32\DRIVERS\sxuptp.sys
12:02:36.0076 0x21cc  sxuptp - ok
12:02:36.0283 0x21cc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:02:36.0366 0x21cc  SysMain - ok
12:02:36.0448 0x21cc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:02:36.0458 0x21cc  TabletInputService - ok
12:02:36.0525 0x21cc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:02:36.0560 0x21cc  TapiSrv - ok
12:02:36.0652 0x21cc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:02:36.0672 0x21cc  TBS - ok
12:02:36.0814 0x21cc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:02:36.0910 0x21cc  Tcpip - ok
12:02:37.0047 0x21cc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:02:37.0189 0x21cc  TCPIP6 - ok
12:02:37.0430 0x21cc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:02:37.0437 0x21cc  tcpipreg - ok
12:02:37.0544 0x21cc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:02:37.0594 0x21cc  TDPIPE - ok
12:02:37.0683 0x21cc  [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273      C:\Windows\system32\DRIVERS\tdrpm273.sys
12:02:37.0771 0x21cc  tdrpman273 - ok
12:02:37.0860 0x21cc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:02:37.0875 0x21cc  TDTCP - ok
12:02:37.0935 0x21cc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:02:37.0943 0x21cc  tdx - ok
12:02:38.0018 0x21cc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:02:38.0020 0x21cc  TermDD - ok
12:02:38.0088 0x21cc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:02:38.0113 0x21cc  TermService - ok
12:02:38.0177 0x21cc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:02:38.0188 0x21cc  Themes - ok
12:02:38.0222 0x21cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:02:38.0226 0x21cc  THREADORDER - ok
12:02:38.0293 0x21cc  [ EBBAEA02F0095A798000C7E06B16D41B, CBEAC6CBF0F8D5B72ACCBADA6BD1DF1EB31F84B0D973DA955337991D4DBBDF7E ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
12:02:38.0323 0x21cc  timounter - ok
12:02:38.0413 0x21cc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:02:38.0419 0x21cc  TrkWks - ok
12:02:38.0495 0x21cc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:02:38.0504 0x21cc  TrustedInstaller - ok
12:02:38.0534 0x21cc  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:02:38.0536 0x21cc  tssecsrv - ok
12:02:38.0573 0x21cc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:02:38.0588 0x21cc  TsUsbFlt - ok
12:02:38.0645 0x21cc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:02:38.0653 0x21cc  tunnel - ok
12:02:38.0724 0x21cc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:02:38.0730 0x21cc  uagp35 - ok
12:02:38.0774 0x21cc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:02:38.0794 0x21cc  udfs - ok
12:02:38.0888 0x21cc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:02:38.0903 0x21cc  UI0Detect - ok
12:02:38.0940 0x21cc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:02:38.0951 0x21cc  uliagpkx - ok
12:02:39.0004 0x21cc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:02:39.0014 0x21cc  umbus - ok
12:02:39.0079 0x21cc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:02:39.0084 0x21cc  UmPass - ok
12:02:39.0131 0x21cc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:02:39.0145 0x21cc  upnphost - ok
12:02:39.0353 0x21cc  [ 893A6B67C8AA502648AD946CF50DDFD1, 9480AD8BF791E5912FC89A9F610D5B2E23FD07DF99A15F6844A8854E4ECB4095 ] UrlFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
12:02:39.0354 0x21cc  UrlFilter - ok
12:02:39.0722 0x21cc  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:02:39.0771 0x21cc  usbaudio - ok
12:02:39.0830 0x21cc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:02:39.0860 0x21cc  usbccgp - ok
12:02:39.0954 0x21cc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:02:40.0016 0x21cc  usbcir - ok
12:02:40.0059 0x21cc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:02:40.0085 0x21cc  usbehci - ok
12:02:40.0144 0x21cc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:02:40.0159 0x21cc  usbhub - ok
12:02:40.0193 0x21cc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:02:40.0231 0x21cc  usbohci - ok
12:02:40.0311 0x21cc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:02:40.0332 0x21cc  usbprint - ok
12:02:40.0411 0x21cc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
12:02:40.0425 0x21cc  usbscan - ok
12:02:40.0480 0x21cc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:02:40.0495 0x21cc  USBSTOR - ok
12:02:40.0535 0x21cc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:02:40.0553 0x21cc  usbuhci - ok
12:02:40.0638 0x21cc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:02:40.0650 0x21cc  UxSms - ok
12:02:40.0680 0x21cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
12:02:40.0682 0x21cc  VaultSvc - ok
12:02:40.0715 0x21cc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:02:40.0719 0x21cc  vdrvroot - ok
12:02:40.0830 0x21cc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:02:40.0850 0x21cc  vds - ok
12:02:40.0889 0x21cc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:02:40.0895 0x21cc  vga - ok
12:02:40.0914 0x21cc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:02:40.0917 0x21cc  VgaSave - ok
12:02:40.0964 0x21cc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:02:40.0977 0x21cc  vhdmp - ok
12:02:41.0018 0x21cc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:02:41.0041 0x21cc  viaide - ok
12:02:41.0072 0x21cc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:02:41.0105 0x21cc  volmgr - ok
12:02:41.0203 0x21cc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:02:41.0291 0x21cc  volmgrx - ok
12:02:41.0368 0x21cc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:02:41.0444 0x21cc  volsnap - ok
12:02:41.0562 0x21cc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:02:41.0605 0x21cc  vsmraid - ok
12:02:41.0800 0x21cc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:02:41.0929 0x21cc  VSS - ok
12:02:42.0308 0x21cc  [ 2B975897C830866222588F5BF99C5B4E, BEA632F72848BF880230326ABB1211300AF5D09DF7E73CB4158B764D3CBEE780 ] vToolbarUpdater18.1.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
12:02:42.0375 0x21cc  vToolbarUpdater18.1.0 - ok
12:02:42.0398 0x21cc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:02:42.0408 0x21cc  vwifibus - ok
12:02:42.0422 0x21cc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:02:42.0425 0x21cc  vwififlt - ok
12:02:42.0438 0x21cc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:02:42.0442 0x21cc  vwifimp - ok
12:02:42.0506 0x21cc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:02:42.0522 0x21cc  W32Time - ok
12:02:42.0608 0x21cc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:02:42.0626 0x21cc  WacomPen - ok
12:02:42.0659 0x21cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:02:42.0669 0x21cc  WANARP - ok
12:02:42.0697 0x21cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:02:42.0700 0x21cc  Wanarpv6 - ok
12:02:42.0846 0x21cc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:02:42.0911 0x21cc  WatAdminSvc - ok
12:02:43.0091 0x21cc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:02:43.0159 0x21cc  wbengine - ok
12:02:43.0267 0x21cc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:02:43.0285 0x21cc  WbioSrvc - ok
12:02:43.0324 0x21cc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:02:43.0344 0x21cc  wcncsvc - ok
12:02:43.0402 0x21cc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:02:43.0410 0x21cc  WcsPlugInService - ok
12:02:43.0468 0x21cc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:02:43.0478 0x21cc  Wd - ok
12:02:43.0549 0x21cc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:02:43.0586 0x21cc  Wdf01000 - ok
12:02:43.0622 0x21cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:02:43.0643 0x21cc  WdiServiceHost - ok
12:02:43.0670 0x21cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:02:43.0704 0x21cc  WdiSystemHost - ok
12:02:43.0766 0x21cc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:02:43.0777 0x21cc  WebClient - ok
12:02:43.0836 0x21cc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:02:43.0855 0x21cc  Wecsvc - ok
12:02:43.0918 0x21cc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:02:43.0939 0x21cc  wercplsupport - ok
12:02:44.0010 0x21cc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:02:44.0017 0x21cc  WerSvc - ok
12:02:44.0064 0x21cc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:02:44.0067 0x21cc  WfpLwf - ok
12:02:44.0080 0x21cc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:02:44.0082 0x21cc  WIMMount - ok
12:02:44.0167 0x21cc  WinDefend - ok
12:02:44.0200 0x21cc  WinHttpAutoProxySvc - ok
12:02:44.0361 0x21cc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:02:44.0374 0x21cc  Winmgmt - ok
12:02:44.0589 0x21cc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:02:44.0701 0x21cc  WinRM - ok
12:02:44.0775 0x21cc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:02:44.0779 0x21cc  WinUsb - ok
12:02:44.0898 0x21cc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:02:44.0927 0x21cc  Wlansvc - ok
12:02:45.0327 0x21cc  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:02:45.0422 0x21cc  wlidsvc - ok
12:02:45.0474 0x21cc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:02:45.0485 0x21cc  WmiAcpi - ok
12:02:45.0578 0x21cc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:02:45.0587 0x21cc  wmiApSrv - ok
12:02:45.0642 0x21cc  WMPNetworkSvc - ok
12:02:45.0696 0x21cc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:02:45.0712 0x21cc  WPCSvc - ok
12:02:45.0747 0x21cc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:02:45.0762 0x21cc  WPDBusEnum - ok
12:02:45.0813 0x21cc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:02:45.0826 0x21cc  ws2ifsl - ok
12:02:45.0856 0x21cc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:02:45.0863 0x21cc  wscsvc - ok
12:02:45.0907 0x21cc  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:02:45.0910 0x21cc  WSDPrintDevice - ok
12:02:45.0923 0x21cc  WSearch - ok
12:02:46.0104 0x21cc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:02:46.0208 0x21cc  wuauserv - ok
12:02:46.0281 0x21cc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:02:46.0288 0x21cc  WudfPf - ok
12:02:46.0345 0x21cc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:02:46.0377 0x21cc  WUDFRd - ok
12:02:46.0414 0x21cc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:02:46.0425 0x21cc  wudfsvc - ok
12:02:46.0470 0x21cc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:02:46.0487 0x21cc  WwanSvc - ok
12:02:46.0542 0x21cc  ================ Scan global ===============================
12:02:46.0711 0x21cc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:02:46.0779 0x21cc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:02:46.0810 0x21cc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:02:46.0884 0x21cc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:02:47.0013 0x21cc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:02:47.0031 0x21cc  [ Global ] - ok
12:02:47.0032 0x21cc  ================ Scan MBR ==================================
12:02:47.0072 0x21cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:02:59.0438 0x21cc  \Device\Harddisk0\DR0 - ok
12:02:59.0470 0x21cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:02:59.0478 0x21cc  \Device\Harddisk1\DR1 - ok
12:03:00.0057 0x21cc  [ 31CFC50FBD443DAEEC9A5C7AE8DA8F6D ] \Device\Harddisk2\DR2
12:03:19.0757 0x21cc  \Device\Harddisk2\DR2 - ok
12:03:19.0757 0x21cc  ================ Scan VBR ==================================
12:03:19.0771 0x21cc  [ 1B43A78F274057A9C664E08FE53D8EE3 ] \Device\Harddisk0\DR0\Partition1
12:03:19.0774 0x21cc  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
12:03:19.0774 0x21cc  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
12:03:27.0171 0x21cc  [ 67775BE8AD8278AAC8361BDDECA012F6 ] \Device\Harddisk1\DR1\Partition1
12:03:27.0173 0x21cc  \Device\Harddisk1\DR1\Partition1 - ok
12:03:27.0177 0x21cc  [ 1C674520156B72B9390DFD0D81E3CADA ] \Device\Harddisk1\DR1\Partition2
12:03:27.0185 0x21cc  \Device\Harddisk1\DR1\Partition2 - ok
12:03:27.0212 0x21cc  [ 3915D8535CDBE087EDE26AE50BA9EA63 ] \Device\Harddisk2\DR2\Partition1
12:03:27.0235 0x21cc  \Device\Harddisk2\DR2\Partition1 - ok
12:03:27.0285 0x21cc  Win FW state via NFP2: enabled
12:03:39.0519 0x21cc  ============================================================
12:03:39.0519 0x21cc  Scan finished
12:03:39.0519 0x21cc  ============================================================
12:03:39.0536 0x21b0  Detected object count: 1
12:03:39.0536 0x21b0  Actual detected object count: 1
12:22:14.0082 0x21b0  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
12:22:14.0098 0x21b0  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
12:22:14.0114 0x21b0  \Device\Harddisk0\DR0\Partition1 - ok
12:22:14.0114 0x21b0  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
12:22:14.0301 0x21b0  KLMD registered as C:\Windows\system32\drivers\71290388.sys
12:23:26.0069 0x2398  Deinitialize success

 

 

12:31:39.0082 0x0624  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
12:31:39.0628 0x0624  ============================================================
12:31:39.0628 0x0624  Current date / time: 2014/05/02 12:31:39.0628
12:31:39.0628 0x0624  SystemInfo:
12:31:39.0628 0x0624  
12:31:39.0628 0x0624  OS Version: 6.1.7601 ServicePack: 1.0
12:31:39.0628 0x0624  Product type: Workstation
12:31:39.0628 0x0624  ComputerName: TIM-PC
12:31:39.0628 0x0624  UserName: Tim
12:31:39.0628 0x0624  Windows directory: C:\Windows
12:31:39.0628 0x0624  System windows directory: C:\Windows
12:31:39.0628 0x0624  Running under WOW64
12:31:39.0628 0x0624  Processor architecture: Intel x64
12:31:39.0628 0x0624  Number of processors: 4
12:31:39.0628 0x0624  Page size: 0x1000
12:31:39.0628 0x0624  Boot type: Normal boot
12:31:39.0628 0x0624  ============================================================
12:31:39.0628 0x0624  BG loaded
12:31:39.0862 0x0624  System UUID: {228FD47D-B81B-31FB-E01B-5E6D817F7929}
12:31:41.0500 0x0624  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:31:41.0609 0x0624  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:31:41.0640 0x0624  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:31:41.0656 0x0624  ============================================================
12:31:41.0656 0x0624  \Device\Harddisk0\DR0:
12:31:41.0687 0x0624  MBR partitions:
12:31:41.0687 0x0624  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
12:31:41.0687 0x0624  \Device\Harddisk1\DR1:
12:31:41.0734 0x0624  MBR partitions:
12:31:41.0734 0x0624  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1E460000
12:31:41.0734 0x0624  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1E460800, BlocksNum 0x562A5000
12:31:41.0734 0x0624  \Device\Harddisk2\DR2:
12:31:41.0734 0x0624  MBR partitions:
12:31:41.0734 0x0624  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
12:31:41.0734 0x0624  ============================================================
12:31:41.0952 0x0624  C: <-> \Device\Harddisk0\DR0\Partition1
12:31:42.0061 0x0624  B: <-> \Device\Harddisk1\DR1\Partition1
12:31:42.0529 0x0624  M: <-> \Device\Harddisk1\DR1\Partition2
12:31:42.0529 0x0624  I: <-> \Device\Harddisk2\DR2\Partition1
12:31:42.0529 0x0624  ============================================================
12:31:42.0529 0x0624  Initialize success
12:31:42.0529 0x0624  ============================================================
12:32:01.0125 0x11f4  Deinitialize success
 

ADwCleaner post reboot log:

# AdwCleaner v3.205 - Report created 02/05/2014 at 12:54:49
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tim - TIM-PC
# Running from : C:\Users\Tim\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Application Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\SearchProtect
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\IObit Toolbar
Folder Deleted : C:\Program Files (x86)\Secure Speed Dial
Folder Deleted : C:\Program Files (x86)\somoto_v.1
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Windows\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Folder Deleted : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Program Files\Level Quality Watcher
[!] Folder Deleted : C:\Users\Tim\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Tim\AppData\Local\Conduit
Folder Deleted : C:\Users\Tim\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Tim\AppData\Local\Temp\Conduit
Folder Deleted : C:\Users\Tim\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Tim\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tim\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Tim\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Tim\AppData\LocalLow\somoto_v.1
Folder Deleted : C:\Users\Tim\AppData\LocalLow\KeyBar_1.22
Folder Deleted : C:\Users\Tim\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Tim\Documents\Optimizer Pro
Folder Deleted : C:\Users\Tim\Documents\PC Health Kit
Folder Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\Extensions\{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}
Folder Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\Extensions\adsremoval@adsremoval.net
Folder Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\Extensions\adsremoval@adsremoval.net
Folder Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\Extensions\speeddial@instair.net
Folder Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\Extensions\speeddial@instair.net
Folder Deleted : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\miijoamjkkkkmnjhklgiiohpeeckdofp
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweettunes_search.xml
File Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l83xm51l.default-1394045458453\user.js
File Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\user.js
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\miijoamjkkkkmnjhklgiiohpeeckdofp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\miijoamjkkkkmnjhklgiiohpeeckdofp
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_earthquake-3d_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_earthquake-3d_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AD03236-050E-494A-8B75-D8ADA092CD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B673DD09-E496-4A82-8144-D16AD900B303}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1441095-7184-48CC-BEB9-36C368039AD0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{310BE69B-3E58-4BD9-BF9F-E30B46E98D63}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB4B447F-FE8F-4844-A072-E49ACD3FF1C5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16E54796-9261-49A8-A293-251F46D3FE34}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF1FEEDD-D8DA-4930-96F1-0A1A598375C6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF1FEEDD-D8DA-4930-96F1-0A1A598375C6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EF1FEEDD-D8DA-4930-96F1-0A1A598375C6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Somoto_V.1
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\KeyBar_1.22
Key Deleted : HKCU\Software\AppDataLow\Software\Somoto_V.1
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\KeyBar_1.22
Key Deleted : HKLM\Software\Somoto_V.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Somoto_V.1 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{813BA625-B0FA-48D8-9B75-59759C88C219}
Key Deleted : HKLM\Software\Classes\Installer\Features\1708EDD6AB4EB164A86999D0AF0ABE1D
Key Deleted : HKLM\Software\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Key Deleted : HKLM\Software\Classes\Installer\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
Key Deleted : HKLM\Software\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\kqmgzf7s.default-1383085496970\prefs.js ]


[ File : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\l83xm51l.default-1394045458453\prefs.js ]

Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");

[ File : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\ojyky0ju.default-1352145342368\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [18235 octets] - [02/05/2014 12:44:15]
AdwCleaner[S0].txt - [16917 octets] - [02/05/2014 12:54:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16978 octets] ##########
 


Edited by TOehlerking, 02 May 2014 - 01:08 PM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:18 PM

Posted 02 May 2014 - 02:56 PM

After you post the ESET log....

After the mBAM scan was complete, if there have been detections. Did you click Apply Actions to allow MBAM to clean what was detected?

In Control Panel Uninstall these and Reboot.

Java 7 Update 21 (Version: 7.0.210)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.5)

I did not see your Antivirus... do you need one/

How is it running?

Edited by boopme, 02 May 2014 - 02:56 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 TOehlerking

TOehlerking
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:18 PM

Posted 05 May 2014 - 11:17 AM

I have IOBit Advanced System Care Pro & IOBit Malware Fighter V2.3 running. I'm not sure why windows says I don't have an antivirus program.

I applied all actions mBAM told me too. As well as TDSSkilller, ADwCleaner, etc.

Each program has found the virus', but they continue to come regenerate.

Here is the latest mBAM log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/5/2014
Scan Time: 11:16:15 AM
Logfile: mBAM log 5_5_14.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.05.08
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tim

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346706
Time Elapsed: 15 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
Spyware.Zbot, HKU\S-1-5-21-3845494938-3895700647-4173336886-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Ovybyf, C:\Users\Tim\AppData\Roaming\Cefiofev\ugazpy.exe, Quarantined, [c6069bb29edda1953056076d2cd5966a]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Spyware.Zbot, C:\Users\Tim\AppData\Roaming\Cefiofev\ugazpy.exe, Quarantined, [c6069bb29edda1953056076d2cd5966a],

Physical Sectors: 0
(No malicious items detected)


(end)


Edited by TOehlerking, 05 May 2014 - 11:54 AM.


#7 TOehlerking

TOehlerking
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:18 PM

Posted 05 May 2014 - 12:40 PM

ESET online scanner has been running for 20 minutes & hasn't moved from the first target file, is it working? IObit is turned off.


Edited by TOehlerking, 05 May 2014 - 02:07 PM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:18 PM

Posted 05 May 2014 - 01:31 PM

It may be being hampered if Iobit is also active.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users