Constant Bad Image Error Pop-ups After Running Malwarebytes


  • This topic is locked
13 replies to this topic

#1 VincentValentine

  • Members
  • 8 posts

Posted 05 June 2014 - 09:32 PM

Hi! I attempted to fix a computer for a friend by running Malwarebytes. It successfully ran and removed all malware; however, a series of about 10 Bad Image error messages appear when starting up the computer, and a new Bad Image error appears when attempting to open any program. I have run DDS and FRST (not sure if I was supposed to, but I read it on a different topic). The DDS log is here, the ATTACH log is attached, and I can post the FRST one as well if necessary.

 

Any help here would be greatly appreciated.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041
Run by kelabethmama at 22:19:23 on 2014-06-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2814.1809 [GMT -4:00]
.
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe
C:\Windows\system32\lxdxcoms.exe
C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\Rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Windows\system32\taskeng.exe
C:\Windows\splwow64.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gooogle.com/
uSearch Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
uSearch Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
uDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
mURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
mURLSearchHooks: SearchFlyBar2 Toolbar: {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll
mWinlogon: Userinit = userinit.exe
BHO: Play Pickle Text: {02F0243C-2E71-4a1a-A790-6C30888119D0} - C:\Program Files (x86)\Play Pickle\pptl.dll
BHO: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: RivalGaming Games: {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\kelabethmama\AppData\Local\RivalGaming\RivalGaming.dll
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
BHO: SocialRibbons: {4BE60886-F6AA-4714-8109-EA6D8247DD57} - C:\Program Files (x86)\SocialRibbons\Toolbar.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll
BHO: ArcadeFrontier Addon: {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - C:\Users\kelabethmama\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ips\ipsbho.dll
BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Window Shopper: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll
BHO: Toolbar BHO: {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Fantapper: {8A86D350-37AB-410A-8531-7D1363F317B3} - 
BHO: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll
BHO: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: DealPly Shopping: {a6c63b7f-2171-47fa-ab34-e64c4737169d} - 
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Lyrics Fan: {A8720491-9558-4C0D-9E35-30EED15DFB2B} - 
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Search Assistant BHO: {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
BHO: ArcadeCandy Games: {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyEX.dll
BHO: {acd6a209-4aaf-4b1c-9930-b82fa131e958} - <orphaned>
BHO: Play Pickle: {AEB04B5E-C981-47a9-B847-33EE4C92F6B9} - C:\Program Files (x86)\Play Pickle\playpicklelib32.dll
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
BHO: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - <orphaned>
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - 
BHO: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
BHO: SearchFlyBar2 Toolbar: {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll
TB: GamingWonderland: {A899079D-206F-43A6-BE6A-07E0FA648EA0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
TB: MixiDJ V37 Toolbar: {EEF3855C-FC2D-41E6-8D91-D368F51B3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll
TB: GamingWonderland: {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaTlbr.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll
TB: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
TB: SearchFlyBar2 Toolbar: {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe"  /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
uRun: [Browser Infrastructure Helper] C:\Users\kelabethmama\AppData\Local\Smartbar\Application\QuickShare.exe startup
uRun: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
uRun: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Play Pickle] C:\Program Files (x86)\Play Pickle\playpickle32.exe a
mRun: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [GamingWonderland Search Scope Monitor] "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
mRun: [GamingWonderland Browser Plugin Loader] C:\PROGRA~2\GAMING~2\bar\1.bin\gtbrmon.exe
mRun: [PCFixSpeed] "C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe" /startup
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{85EC0486-DD11-4D7A-A51C-556B825CA2C7} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DDF6D5EB-8A24-4A3F-93AE-4B9873B56BDD} : DHCPNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-BHO: The Amazon 1Button App for IE: {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - 
x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
x64-BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - 
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [lxdxmon.exe] "C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe"
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-7-16 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-7-16 1139800]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 50464]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140217.001\IDSviA64.sys [2014-2-18 521944]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-7-16 433752]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-12-3 202752]
R2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-12-3 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-12-3 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 iWinGamesInstaller;iWinGamesInstaller;C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe [2008-6-25 78104]
R2 lxdx_device;lxdx_device;C:\Windows\System32\lxdxcoms.exe -service --> C:\Windows\System32\lxdxcoms.exe -service [?]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe [2013-7-16 144368]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-4-16 144640]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-11-19 243232]
R2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [2014-5-17 1801240]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-6-8 406056]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-12-3 38456]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-2-18 1526488]
S1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-7-16 169048]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-7-16 224416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe --> C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [?]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-12-19 574464]
S2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-8-8 107520]
S2 GamingWonderlandService;GamingWonderlandService;C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe [2012-5-23 42504]
S2 MyOwnSuperheroService;MyOwnSuperheroService;C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe --> C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe [?]
S2 OutfoxTvService;OutfoxTvService;C:\Program Files\OutfoxTV\OutfoxTvService.exe --> C:\Program Files\OutfoxTV\OutfoxTvService.exe [?]
S2 Retrogamer_4wService;RetrogamerService;C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe --> C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe [?]
S2 Updater By SweetPacks;Updater By SweetPacks;C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [2013-8-8 188760]
S2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2013-5-2 109064]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-6-10 40448]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-31 111616]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-26 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-4-16 50432]
S3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;C:\Windows\System32\drivers\rtl8192cu.sys [2011-8-16 848384]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-5 1255736]
S4 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-05-31 22:19:58 693648 ----a-w- C:\Program Files (x86)\4wUninstall Retrogamer.dll
2014-05-31 22:19:58 169912 ----a-w- C:\Program Files (x86)\4wres.dll
2014-05-31 22:18:45 -------- d-sh--w- C:\Users\kelabethmama\AppData\Local\EmieUserList
2014-05-31 22:18:45 -------- d-sh--w- C:\Users\kelabethmama\AppData\Local\EmieSiteList
2014-05-31 22:18:00 824840 ----a-w- C:\Program Files (x86)\Uninstall Fun Web Products.dll
2014-05-31 22:07:15 699536 ----a-w- C:\Program Files (x86)\v3Uninstall MyOwnSuperhero.dll
2014-05-31 22:07:15 172464 ----a-w- C:\Program Files (x86)\v3res.dll
2014-05-31 22:05:00 -------- d-----w- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2014-05-31 21:15:16 -------- d-----w- C:\Windows\System32\MRT
2014-05-31 16:04:17 -------- d-----w- C:\TDSSKiller_Quarantine
2014-05-31 15:54:18 -------- d-----w- C:\ProgramData\RogueKiller
2014-05-31 15:38:44 -------- d-----w- C:\FRST
2014-05-24 18:34:50 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-24 18:05:50 -------- d-----w- C:\Windows\Migration
2014-05-17 18:08:41 17938608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-05-17 17:54:09 -------- d-----w- C:\Windows\SysWow64\jmdp
2014-05-17 17:54:09 -------- d-----w- C:\Windows\System32\ljkb
2014-05-17 17:36:28 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-05-17 17:36:28 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-05-17 17:36:26 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-05-17 17:36:26 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-05-17 17:28:37 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-17 17:27:56 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-17 17:27:56 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-17 17:27:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-17 17:27:54 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-17 17:27:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 17:25:38 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-05-17 17:23:44 484864 ----a-w- C:\Windows\System32\wer.dll
2014-05-17 17:23:44 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-05-17 17:23:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-05-17 17:23:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-05-17 17:23:39 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-05-17 17:23:39 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-05-17 17:20:39 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-05-10 20:44:40 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-05-10 20:44:40 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-05-10 20:44:40 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-05-10 20:44:40 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-05-10 20:44:40 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-05-10 20:40:19 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-05-10 20:38:07 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-05-10 20:38:07 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-05-10 19:08:54 -------- d-----w- C:\Users\kelabethmama\AppData\Local\White_Sky,_Inc
.
==================== Find3M  ====================
.
2014-05-17 18:08:52 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-17 18:08:52 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-17 17:19:48 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-07 14:57:16 2276144 ----a-w- C:\Windows\System32\dmwu.exe
2014-04-07 14:55:08 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll
2014-04-06 10:24:56 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2014-04-06 10:24:56 608080 ----a-w- C:\Windows\System32\msvcp100.dll
.
============= FINISH: 22:20:04.62 ===============
Attached File  attach.zip   3.65KB   0 downloads



#2 HelpBot

    Bleepin' Binary Bot

  • Bots
  • 12,703 posts
  • Gender:Male

Posted 10 June 2014 - 09:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/536805 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 VincentValentine

VincentValentine
  • Topic Starter

  • Members
  • 8 posts

Posted 11 June 2014 - 08:23 AM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041
Run by kelabethmama at 9:16:52 on 2014-06-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2814.1516 [GMT -4:00]
.
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe
C:\Windows\system32\lxdxcoms.exe
C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\Rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Windows\splwow64.exe
C:\Windows\system32\rundll32.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\CompatTel\WicaInventory.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gooogle.com/
uSearch Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
uSearch Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
uDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
mURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
mURLSearchHooks: SearchFlyBar2 Toolbar: {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll
mWinlogon: Userinit = userinit.exe
BHO: Play Pickle Text: {02F0243C-2E71-4a1a-A790-6C30888119D0} - C:\Program Files (x86)\Play Pickle\pptl.dll
BHO: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: RivalGaming Games: {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\kelabethmama\AppData\Local\RivalGaming\RivalGaming.dll
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
BHO: SocialRibbons: {4BE60886-F6AA-4714-8109-EA6D8247DD57} - C:\Program Files (x86)\SocialRibbons\Toolbar.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll
BHO: ArcadeFrontier Addon: {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - C:\Users\kelabethmama\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ips\ipsbho.dll
BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Window Shopper: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll
BHO: Toolbar BHO: {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Fantapper: {8A86D350-37AB-410A-8531-7D1363F317B3} - 
BHO: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll
BHO: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: DealPly Shopping: {a6c63b7f-2171-47fa-ab34-e64c4737169d} - 
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Lyrics Fan: {A8720491-9558-4C0D-9E35-30EED15DFB2B} - 
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Search Assistant BHO: {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
BHO: ArcadeCandy Games: {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyEX.dll
BHO: {acd6a209-4aaf-4b1c-9930-b82fa131e958} - <orphaned>
BHO: Play Pickle: {AEB04B5E-C981-47a9-B847-33EE4C92F6B9} - C:\Program Files (x86)\Play Pickle\playpicklelib32.dll
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
BHO: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - <orphaned>
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - 
BHO: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
BHO: SearchFlyBar2 Toolbar: {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll
TB: GamingWonderland: {A899079D-206F-43A6-BE6A-07E0FA648EA0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
TB: MixiDJ V37 Toolbar: {EEF3855C-FC2D-41E6-8D91-D368F51B3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll
TB: GamingWonderland: {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaTlbr.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll
TB: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
TB: SearchFlyBar2 Toolbar: {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe"  /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
uRun: [Browser Infrastructure Helper] C:\Users\kelabethmama\AppData\Local\Smartbar\Application\QuickShare.exe startup
uRun: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
uRun: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Play Pickle] C:\Program Files (x86)\Play Pickle\playpickle32.exe a
mRun: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [GamingWonderland Search Scope Monitor] "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
mRun: [GamingWonderland Browser Plugin Loader] C:\PROGRA~2\GAMING~2\bar\1.bin\gtbrmon.exe
mRun: [PCFixSpeed] "C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe" /startup
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{85EC0486-DD11-4D7A-A51C-556B825CA2C7} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DDF6D5EB-8A24-4A3F-93AE-4B9873B56BDD} : DHCPNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-BHO: The Amazon 1Button App for IE: {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - 
x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
x64-BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - 
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [lxdxmon.exe] "C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe"
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-7-16 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-7-16 1139800]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 50464]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140217.001\IDSviA64.sys [2014-2-18 521944]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-7-16 433752]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-12-3 202752]
R2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-12-3 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-12-3 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 iWinGamesInstaller;iWinGamesInstaller;C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe [2008-6-25 78104]
R2 lxdx_device;lxdx_device;C:\Windows\System32\lxdxcoms.exe -service --> C:\Windows\System32\lxdxcoms.exe -service [?]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe [2013-7-16 144368]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-4-16 144640]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-11-19 243232]
R2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [2014-5-17 1801240]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-6-8 406056]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-12-3 38456]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-2-18 1526488]
S1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-7-16 169048]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-7-16 224416]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe --> C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [?]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-12-19 574464]
S2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-8-8 107520]
S2 GamingWonderlandService;GamingWonderlandService;C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe [2012-5-23 42504]
S2 MyOwnSuperheroService;MyOwnSuperheroService;C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe --> C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe [?]
S2 OutfoxTvService;OutfoxTvService;C:\Program Files\OutfoxTV\OutfoxTvService.exe --> C:\Program Files\OutfoxTV\OutfoxTvService.exe [?]
S2 Retrogamer_4wService;RetrogamerService;C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe --> C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe [?]
S2 Updater By SweetPacks;Updater By SweetPacks;C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [2013-8-8 188760]
S2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2013-5-2 109064]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-6-10 40448]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-31 111616]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-26 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-4-16 50432]
S3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;C:\Windows\System32\drivers\rtl8192cu.sys [2011-8-16 848384]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-5 1255736]
S4 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-06-06 02:45:45 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-31 22:19:58 693648 ----a-w- C:\Program Files (x86)\4wUninstall Retrogamer.dll
2014-05-31 22:19:58 169912 ----a-w- C:\Program Files (x86)\4wres.dll
2014-05-31 22:18:45 -------- d-sh--w- C:\Users\kelabethmama\AppData\Local\EmieUserList
2014-05-31 22:18:45 -------- d-sh--w- C:\Users\kelabethmama\AppData\Local\EmieSiteList
2014-05-31 22:18:00 824840 ----a-w- C:\Program Files (x86)\Uninstall Fun Web Products.dll
2014-05-31 22:07:15 699536 ----a-w- C:\Program Files (x86)\v3Uninstall MyOwnSuperhero.dll
2014-05-31 22:07:15 172464 ----a-w- C:\Program Files (x86)\v3res.dll
2014-05-31 22:05:00 -------- d-----w- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2014-05-31 21:15:16 -------- d-----w- C:\Windows\System32\MRT
2014-05-31 16:04:17 -------- d-----w- C:\TDSSKiller_Quarantine
2014-05-31 15:54:18 -------- d-----w- C:\ProgramData\RogueKiller
2014-05-31 15:38:44 -------- d-----w- C:\FRST
2014-05-24 18:34:50 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-24 18:05:50 -------- d-----w- C:\Windows\Migration
2014-05-17 18:08:41 17938608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-05-17 17:54:09 -------- d-----w- C:\Windows\SysWow64\jmdp
2014-05-17 17:54:09 -------- d-----w- C:\Windows\System32\ljkb
2014-05-17 17:36:28 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-05-17 17:36:28 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-05-17 17:36:26 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-05-17 17:36:26 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-05-17 17:28:37 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-17 17:27:56 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-17 17:27:56 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-17 17:27:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-17 17:27:54 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-17 17:27:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 17:25:38 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-05-17 17:23:44 484864 ----a-w- C:\Windows\System32\wer.dll
2014-05-17 17:23:44 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-05-17 17:23:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-05-17 17:23:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-05-17 17:23:39 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-05-17 17:23:39 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-05-17 17:20:39 3156480 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M  ====================
.
2014-05-17 18:08:52 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-17 18:08:52 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-17 17:19:48 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-07 14:57:16 2276144 ----a-w- C:\Windows\System32\dmwu.exe
2014-04-07 14:55:08 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll
2014-04-06 10:24:56 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2014-04-06 10:24:56 608080 ----a-w- C:\Windows\System32\msvcp100.dll
.
============= FINISH:  9:20:10.79 ===============


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts

Posted 11 June 2014 - 08:41 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#5 VincentValentine

  • Topic Starter

  • Members

Posted 11 June 2014 - 08:47 PM

AdwCleaner found no issues, so there was no Clean option. Here is the report:

 

21:30:05.0838 0x069c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
21:30:12.0234 0x069c  ============================================================
21:30:12.0234 0x069c  Current date / time: 2014/06/11 21:30:12.0234
21:30:12.0234 0x069c  SystemInfo:
21:30:12.0234 0x069c  
21:30:12.0234 0x069c  OS Version: 6.1.7601 ServicePack: 1.0
21:30:12.0234 0x069c  Product type: Workstation
21:30:12.0234 0x069c  ComputerName: KELABETHMAMA-PC
21:30:12.0234 0x069c  UserName: kelabethmama
21:30:12.0234 0x069c  Windows directory: C:\Windows
21:30:12.0234 0x069c  System windows directory: C:\Windows
21:30:12.0234 0x069c  Running under WOW64
21:30:12.0234 0x069c  Processor architecture: Intel x64
21:30:12.0234 0x069c  Number of processors: 2
21:30:12.0234 0x069c  Page size: 0x1000
21:30:12.0234 0x069c  Boot type: Normal boot
21:30:12.0234 0x069c  ============================================================
21:30:16.0149 0x069c  KLMD registered as C:\Windows\system32\drivers\97373422.sys
21:30:16.0727 0x069c  System UUID: {81E683ED-6ACC-D439-834D-3D5B4B969F1A}
21:30:18.0115 0x069c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:30:18.0115 0x069c  Drive \Device\Harddisk1\DR3 - Size: 0x3D700000 ( 0.96 Gb ), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:30:18.0115 0x069c  ============================================================
21:30:18.0115 0x069c  \Device\Harddisk0\DR0:
21:30:18.0115 0x069c  MBR partitions:
21:30:18.0115 0x069c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C52800, BlocksNum 0x32000
21:30:18.0115 0x069c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C84800, BlocksNum 0x1B540970
21:30:18.0115 0x069c  \Device\Harddisk1\DR3:
21:30:18.0131 0x069c  MBR partitions:
21:30:18.0131 0x069c  \Device\Harddisk1\DR3\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x1EB7E0
21:30:18.0131 0x069c  ============================================================
21:30:18.0302 0x069c  C: <-> \Device\Harddisk0\DR0\Partition2
21:30:18.0302 0x069c  ============================================================
21:30:18.0302 0x069c  Initialize success
21:30:18.0302 0x069c  ============================================================
21:30:36.0055 0x0cfc  ============================================================
21:30:36.0055 0x0cfc  Scan started
21:30:36.0055 0x0cfc  Mode: Manual;
21:30:36.0055 0x0cfc  ============================================================
21:30:36.0055 0x0cfc  KSN ping started
21:30:38.0645 0x0cfc  KSN ping finished: true
21:30:43.0715 0x0cfc  ================ Scan system memory ========================
21:30:43.0715 0x0cfc  System memory - ok
21:30:43.0715 0x0cfc  ================ Scan services =============================
21:31:08.0097 0x0cfc  HpSAMD - ok
21:31:08.0253 0x0cfc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:31:08.0269 0x0cfc  HTTP - ok
21:31:08.0441 0x0cfc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:31:08.0441 0x0cfc  hwpolicy - ok
21:31:08.0565 0x0cfc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:31:08.0565 0x0cfc  i8042prt - ok
21:31:08.0659 0x0cfc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:31:08.0675 0x0cfc  iaStorV - ok
21:31:08.0893 0x0cfc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:31:08.0924 0x0cfc  idsvc - ok
21:31:09.0111 0x0cfc  [ 777612849691B0D9EE064F93481FEFF1, BA970CE9F13EE25AA54E7E9B3BE7DE0C271D9067A317F8AE5F60F93B3D18E912 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140217.001\IDSvia64.sys
21:31:09.0127 0x0cfc  IDSVia64 - ok
21:31:09.0174 0x0cfc  IEEtwCollectorService - ok
21:31:10.0047 0x0cfc  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:31:10.0344 0x0cfc  igfx - ok
21:31:10.0422 0x0cfc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:31:10.0422 0x0cfc  iirsp - ok
21:31:10.0562 0x0cfc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:31:10.0593 0x0cfc  IKEEXT - ok
21:31:11.0015 0x0cfc  [ E8017F1662D9142F45CEAB694D013C00, 75EE9DF292C4D980B9461ABEB8810D22DD57EBBAD5A37FE7B046CBAD419EE9E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:31:11.0108 0x0cfc  IntcAzAudAddService - ok
21:31:11.0155 0x0cfc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:31:11.0155 0x0cfc  intelide - ok
21:31:11.0233 0x0cfc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:31:11.0249 0x0cfc  intelppm - ok
21:31:11.0311 0x0cfc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:31:11.0327 0x0cfc  IPBusEnum - ok
21:31:11.0389 0x0cfc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:31:11.0389 0x0cfc  IpFilterDriver - ok
21:31:11.0576 0x0cfc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:31:11.0623 0x0cfc  iphlpsvc - ok
21:31:11.0685 0x0cfc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:31:11.0685 0x0cfc  IPMIDRV - ok
21:31:11.0795 0x0cfc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:31:11.0795 0x0cfc  IPNAT - ok
21:31:11.0826 0x0cfc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:31:11.0826 0x0cfc  IRENUM - ok
21:31:11.0841 0x0cfc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:31:11.0857 0x0cfc  isapnp - ok
21:31:12.0060 0x0cfc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:31:12.0075 0x0cfc  iScsiPrt - ok
21:31:12.0387 0x0cfc  [ 1682490E4C7E0925CFFF3B46DD82F1B6, C176EBDDBB2192E3E495BBD8ED927AA7A48C8603B62F8C9234FF35E23B1C199A ] iWinGamesInstaller C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe
21:31:12.0387 0x0cfc  iWinGamesInstaller - ok
21:31:12.0497 0x0cfc  [ 12E27942DBB7C91880163634B0D8A776, DEE56DB8993A915E8FC32F9F50FAEED591799B0694655926C4F260EBFB99FC7E ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
21:31:12.0512 0x0cfc  k57nd60a - ok
21:31:12.0699 0x0cfc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:31:12.0699 0x0cfc  kbdclass - ok
21:31:12.0762 0x0cfc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:31:12.0762 0x0cfc  kbdhid - ok
21:31:12.0824 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
21:31:12.0824 0x0cfc  KeyIso - ok
21:31:12.0933 0x0cfc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:31:12.0933 0x0cfc  KSecDD - ok
21:31:13.0089 0x0cfc  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:31:13.0105 0x0cfc  KSecPkg - ok
21:31:13.0152 0x0cfc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:31:13.0152 0x0cfc  ksthunk - ok
21:31:13.0230 0x0cfc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:31:13.0245 0x0cfc  KtmRm - ok
21:31:13.0308 0x0cfc  [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
21:31:13.0308 0x0cfc  L1E - ok
21:31:13.0386 0x0cfc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:31:13.0401 0x0cfc  LanmanServer - ok
21:31:13.0511 0x0cfc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:31:13.0511 0x0cfc  LanmanWorkstation - ok
21:31:13.0589 0x0cfc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:31:13.0589 0x0cfc  lltdio - ok
21:31:13.0729 0x0cfc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:31:13.0745 0x0cfc  lltdsvc - ok
21:31:13.0776 0x0cfc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:31:13.0776 0x0cfc  lmhosts - ok
21:31:13.0901 0x0cfc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:31:13.0916 0x0cfc  LSI_FC - ok
21:31:13.0963 0x0cfc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:31:13.0963 0x0cfc  LSI_SAS - ok
21:31:13.0994 0x0cfc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:31:14.0010 0x0cfc  LSI_SAS2 - ok
21:31:14.0057 0x0cfc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:31:14.0057 0x0cfc  LSI_SCSI - ok
21:31:14.0150 0x0cfc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:31:14.0150 0x0cfc  luafv - ok
21:31:14.0213 0x0cfc  lxdx_device - ok
21:31:14.0259 0x0cfc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:31:14.0275 0x0cfc  Mcx2Svc - ok
21:31:14.0322 0x0cfc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:31:14.0322 0x0cfc  megasas - ok
21:31:14.0369 0x0cfc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:31:14.0384 0x0cfc  MegaSR - ok
21:31:14.0431 0x0cfc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:31:14.0447 0x0cfc  MMCSS - ok
21:31:14.0525 0x0cfc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:31:14.0525 0x0cfc  Modem - ok
21:31:14.0556 0x0cfc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:31:14.0556 0x0cfc  monitor - ok
21:31:14.0618 0x0cfc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
21:31:14.0634 0x0cfc  mouclass - ok
21:31:14.0712 0x0cfc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:31:14.0712 0x0cfc  mouhid - ok
21:31:14.0774 0x0cfc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:31:14.0774 0x0cfc  mountmgr - ok
21:31:14.0821 0x0cfc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:31:14.0837 0x0cfc  mpio - ok
21:31:14.0930 0x0cfc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:31:14.0946 0x0cfc  mpsdrv - ok
21:31:15.0164 0x0cfc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:31:15.0258 0x0cfc  MpsSvc - ok
21:31:15.0336 0x0cfc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:31:15.0351 0x0cfc  MRxDAV - ok
21:31:15.0492 0x0cfc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:31:15.0492 0x0cfc  mrxsmb - ok
21:31:15.0601 0x0cfc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:31:15.0617 0x0cfc  mrxsmb10 - ok
21:31:15.0695 0x0cfc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:31:15.0710 0x0cfc  mrxsmb20 - ok
21:31:15.0851 0x0cfc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:31:15.0851 0x0cfc  msahci - ok
21:31:16.0022 0x0cfc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:31:16.0022 0x0cfc  msdsm - ok
21:31:16.0381 0x0cfc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:31:16.0397 0x0cfc  MSDTC - ok
21:31:16.0475 0x0cfc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:31:16.0475 0x0cfc  Msfs - ok
21:31:16.0490 0x0cfc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:31:16.0490 0x0cfc  mshidkmdf - ok
21:31:16.0537 0x0cfc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:31:16.0537 0x0cfc  msisadrv - ok
21:31:16.0615 0x0cfc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:31:16.0631 0x0cfc  MSiSCSI - ok
21:31:16.0631 0x0cfc  msiserver - ok
21:31:16.0693 0x0cfc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:31:16.0693 0x0cfc  MSKSSRV - ok
21:31:16.0755 0x0cfc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:31:16.0755 0x0cfc  MSPCLOCK - ok
21:31:16.0787 0x0cfc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:31:16.0787 0x0cfc  MSPQM - ok
21:31:17.0036 0x0cfc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:31:17.0067 0x0cfc  MsRPC - ok
21:31:17.0114 0x0cfc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:31:17.0114 0x0cfc  mssmbios - ok
21:31:17.0177 0x0cfc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:31:17.0177 0x0cfc  MSTEE - ok
21:31:17.0192 0x0cfc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:31:17.0208 0x0cfc  MTConfig - ok
21:31:17.0239 0x0cfc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:31:17.0255 0x0cfc  Mup - ok
21:31:17.0473 0x0cfc  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:31:17.0473 0x0cfc  mwlPSDFilter - ok
21:31:17.0598 0x0cfc  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:31:17.0598 0x0cfc  mwlPSDNServ - ok
21:31:17.0613 0x0cfc  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:31:17.0629 0x0cfc  mwlPSDVDisk - ok
21:31:18.0035 0x0cfc  [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService      C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
21:31:18.0066 0x0cfc  MWLService - ok
21:31:18.0097 0x0cfc  MyOwnSuperheroService - ok
21:31:18.0237 0x0cfc  [ 1BF9D6476061B31CD7FC2BF848529A56, 95B585543240E823D7850ADEEEA7A4738EF9E18A4B07D921F145F6EF466F0271 ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
21:31:18.0253 0x0cfc  N360 - ok
21:31:18.0362 0x0cfc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:31:18.0393 0x0cfc  napagent - ok
21:31:18.0518 0x0cfc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:31:18.0549 0x0cfc  NativeWifiP - ok
21:31:18.0659 0x0cfc  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140218.019\ENG64.SYS
21:31:18.0659 0x0cfc  NAVENG - ok
21:31:19.0127 0x0cfc  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140218.019\EX64.SYS
21:31:19.0251 0x0cfc  NAVEX15 - ok
21:31:19.0610 0x0cfc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:31:19.0673 0x0cfc  NDIS - ok
21:31:19.0751 0x0cfc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:31:19.0751 0x0cfc  NdisCap - ok
21:31:19.0829 0x0cfc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:31:19.0829 0x0cfc  NdisTapi - ok
21:31:19.0875 0x0cfc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:31:19.0875 0x0cfc  Ndisuio - ok
21:31:19.0969 0x0cfc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:31:19.0969 0x0cfc  NdisWan - ok
21:31:20.0063 0x0cfc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:31:20.0063 0x0cfc  NDProxy - ok
21:31:20.0125 0x0cfc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:31:20.0141 0x0cfc  NetBIOS - ok
21:31:20.0203 0x0cfc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:31:20.0219 0x0cfc  NetBT - ok
21:31:20.0250 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
21:31:20.0265 0x0cfc  Netlogon - ok
21:31:20.0390 0x0cfc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:31:20.0406 0x0cfc  Netman - ok
21:31:20.0531 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:31:20.0546 0x0cfc  NetMsmqActivator - ok
21:31:20.0562 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:31:20.0577 0x0cfc  NetPipeActivator - ok
21:31:20.0655 0x0cfc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:31:20.0687 0x0cfc  netprofm - ok
21:31:20.0718 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:31:20.0733 0x0cfc  NetTcpActivator - ok
21:31:20.0749 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:31:20.0765 0x0cfc  NetTcpPortSharing - ok
21:31:20.0843 0x0cfc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:31:20.0843 0x0cfc  nfrd960 - ok
21:31:20.0967 0x0cfc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:31:20.0999 0x0cfc  NlaSvc - ok
21:31:21.0451 0x0cfc  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
21:31:21.0716 0x0cfc  NOBU - ok
21:31:21.0810 0x0cfc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:31:21.0810 0x0cfc  Npfs - ok
21:31:21.0841 0x0cfc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:31:21.0857 0x0cfc  nsi - ok
21:31:21.0888 0x0cfc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:31:21.0888 0x0cfc  nsiproxy - ok
21:31:22.0356 0x0cfc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:31:22.0512 0x0cfc  Ntfs - ok
21:31:22.0605 0x0cfc  [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:31:22.0683 0x0cfc  NTI IScheduleSvc - ok
21:31:22.0761 0x0cfc  [ 28C59F594044CBF8598B18C927097091, 7B7633A9BCB1E0A3F89DD697C296D77955907DCF239B4B9D155AD7B90F2A1E7A ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
21:31:22.0761 0x0cfc  NTIBackupSvc - ok
21:31:22.0793 0x0cfc  [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
21:31:22.0793 0x0cfc  NTIDrvr - ok
21:31:22.0808 0x0cfc  [ B8D903B2894FF9AFBD99CA51C35590D7, AAC96724781EC5A715CEF85C65D4AE15283522D3F19020FC456BA0F73BAA22F9 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
21:31:22.0824 0x0cfc  NTISchedulerSvc - ok
21:31:22.0855 0x0cfc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:31:22.0855 0x0cfc  Null - ok
21:31:23.0027 0x0cfc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:31:23.0042 0x0cfc  nvraid - ok
21:31:23.0089 0x0cfc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:31:23.0105 0x0cfc  nvstor - ok
21:31:23.0167 0x0cfc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:31:23.0183 0x0cfc  nv_agp - ok
21:31:23.0245 0x0cfc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:31:23.0245 0x0cfc  ohci1394 - ok
21:31:23.0370 0x0cfc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:31:23.0385 0x0cfc  ose - ok
21:31:24.0633 0x0cfc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:31:25.0055 0x0cfc  osppsvc - ok
21:31:25.0148 0x0cfc  OutfoxTvService - ok
21:31:25.0211 0x0cfc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:31:25.0226 0x0cfc  p2pimsvc - ok
21:31:25.0367 0x0cfc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:31:25.0398 0x0cfc  p2psvc - ok
21:31:25.0445 0x0cfc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:31:25.0445 0x0cfc  Parport - ok
21:31:25.0523 0x0cfc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:31:25.0523 0x0cfc  partmgr - ok
21:31:25.0601 0x0cfc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:31:25.0616 0x0cfc  PcaSvc - ok
21:31:25.0772 0x0cfc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:31:25.0772 0x0cfc  pci - ok
21:31:25.0944 0x0cfc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:31:25.0944 0x0cfc  pciide - ok
21:31:26.0069 0x0cfc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:31:26.0084 0x0cfc  pcmcia - ok
21:31:26.0209 0x0cfc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:31:26.0225 0x0cfc  pcw - ok
21:31:26.0334 0x0cfc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:31:26.0381 0x0cfc  PEAUTH - ok
21:31:26.0755 0x0cfc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:31:26.0755 0x0cfc  PerfHost - ok
21:31:27.0223 0x0cfc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:31:27.0363 0x0cfc  pla - ok
21:31:27.0488 0x0cfc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:31:27.0519 0x0cfc  PlugPlay - ok
21:31:57.0409 0x0cfc  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:31:57.0534 0x0cfc  wlidsvc - ok
21:31:57.0581 0x0cfc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:31:57.0581 0x0cfc  WmiAcpi - ok
21:31:57.0659 0x0cfc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:31:57.0659 0x0cfc  wmiApSrv - ok
21:31:57.0721 0x0cfc  WMPNetworkSvc - ok
21:31:57.0752 0x0cfc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:31:57.0752 0x0cfc  WPCSvc - ok
21:31:57.0815 0x0cfc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:31:57.0815 0x0cfc  WPDBusEnum - ok
21:31:57.0846 0x0cfc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:31:57.0846 0x0cfc  ws2ifsl - ok
21:31:57.0893 0x0cfc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:31:57.0908 0x0cfc  wscsvc - ok
21:31:57.0908 0x0cfc  WSearch - ok
21:31:58.0408 0x0cfc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:31:58.0610 0x0cfc  wuauserv - ok
21:31:58.0688 0x0cfc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:31:58.0688 0x0cfc  WudfPf - ok
21:31:58.0751 0x0cfc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:31:58.0766 0x0cfc  WUDFRd - ok
21:31:58.0876 0x0cfc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:31:58.0876 0x0cfc  wudfsvc - ok
21:31:59.0047 0x0cfc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:31:59.0063 0x0cfc  WwanSvc - ok
21:31:59.0110 0x0cfc  ================ Scan global ===============================
21:31:59.0172 0x0cfc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:31:59.0234 0x0cfc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:31:59.0266 0x0cfc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:31:59.0344 0x0cfc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:31:59.0468 0x0cfc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:31:59.0500 0x0cfc  [ Global ] - ok
21:31:59.0500 0x0cfc  ================ Scan MBR ==================================
21:31:59.0531 0x0cfc  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:32:00.0420 0x0cfc  \Device\Harddisk0\DR0 - ok
21:32:00.0436 0x0cfc  [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR3
21:32:00.0451 0x0cfc  \Device\Harddisk1\DR3 - ok
21:32:00.0451 0x0cfc  ================ Scan VBR ==================================
21:32:00.0529 0x0cfc  [ 2435062D468C965257F50E677975C29A ] \Device\Harddisk0\DR0\Partition1
21:32:00.0545 0x0cfc  \Device\Harddisk0\DR0\Partition1 - ok
21:32:00.0576 0x0cfc  [ 81C06DB296ED6F50EA3C29A2BD8382AC ] \Device\Harddisk0\DR0\Partition2
21:32:00.0576 0x0cfc  \Device\Harddisk0\DR0\Partition2 - ok
21:32:00.0592 0x0cfc  [ 297FB348E4BBF5610D616554192BB2A0 ] \Device\Harddisk1\DR3\Partition1
21:32:00.0592 0x0cfc  \Device\Harddisk1\DR3\Partition1 - ok
21:32:00.0592 0x0cfc  ================ Scan generic autorun ======================
21:32:00.0935 0x0cfc  [ 220BC54C446F88CFAAD689CCBDE591E3, C86E1B9E407E7C29B9977EBDE6CFA2BCB1E22BB88A51B5FD723A013E807B593C ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
21:32:00.0966 0x0cfc  AmIcoSinglun64 - ok
21:32:01.0278 0x0cfc  [ 0D6972A795995F07B6D78CA7724744FB, AA5E21F2957CCA7FBB0A2D006054E43BE4992BDEBAAC26A217C741FF36276B1B ] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
21:32:01.0309 0x0cfc  mwlDaemon - ok
21:32:04.0117 0x0cfc  [ 798DF4955D7DE4552706B3ECB65B3C80, C0DD4999D8E5505EBC5ADB2B458339BA1444FE897C8568E872C9F8CCF7C5360B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:32:05.0053 0x0cfc  RtHDVCpl - ok
21:32:05.0303 0x0cfc  [ 75102FC486595CF486DFD7239BE30DD5, 1C04BBDAE0E5B4EA91EA7667BF383D4914766F4633519FF371278B1BD88A6846 ] C:\Windows\PLFSetI.exe
21:32:05.0318 0x0cfc  PLFSetI - ok
21:32:05.0318 0x0cfc  SynTPEnh - ok
21:32:05.0599 0x0cfc  [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
21:32:05.0677 0x0cfc  Acer ePower Management - ok
21:32:05.0958 0x0cfc  [ BE0D4F98717DBAABBE0A785C9B854F21, 3C7EA33A6E3E4398C44CDD337CE1466A7B8ADEBD3F09ECB0C61EB29982275228 ] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
21:32:06.0130 0x0cfc  lxdxmon.exe - ok
21:32:06.0239 0x0cfc  [ AF0C2E1410056D90DEC880C16632547D, 11E6EEB7ED17BF34690F529BF6676AF12D506C5A887EC466DA128ECDC1B2B7F8 ] C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
21:32:06.0317 0x0cfc  EzPrint - ok
21:32:06.0473 0x0cfc  [ C98FF6C440E8967251F59C7919B505A1, 3486C9C855E52FD084FBA3276E296ED8647B445A52FC459B794367AAED48D817 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
21:32:06.0488 0x0cfc  Adobe Reader Speed Launcher - ok
21:32:06.0551 0x0cfc  [ 94F80155B91B8DF7A0EAD527C853D377, 3E35B686DB526592F2ABF4B3E6EAACE1E784A5552C1CE074E85661388E66C153 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
21:32:06.0582 0x0cfc  BackupManagerTray - ok
21:32:06.0676 0x0cfc  [ AF7DE2922E01EFA48BF5F2A8511CF896, C0488146EC4600DBD9BF35C3C2DAE38714A4AEBB5341539237CAD1B3BBED3051 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
21:32:06.0691 0x0cfc  SuiteTray - ok
21:32:06.0785 0x0cfc  [ F255E48EA981E943A14CF16269F3F3AF, DDA7829AE5D4E2EC0CB11581F4CB3AA70366021BFB70B678A54D050F2EEC0F4B ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
21:32:06.0800 0x0cfc  EgisUpdate - ok
21:32:06.0863 0x0cfc  [ 0ADF079D36B2C25E6E9BECE1BD937ACE, E90188F60B942A9A7586E39DDE3871B1ED9D5F4D32AB70297CBE69B465609BEE ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
21:32:06.0894 0x0cfc  EgisTecPMMUpdate - ok
21:32:07.0066 0x0cfc  [ 21EE540CC1AC0F16E34BE3D84BF93269, 1A4F67879043DCD622F9280E359D9BB189EF1C2FF23FB101606808740EA25B42 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:32:07.0081 0x0cfc  StartCCC - ok
21:32:07.0627 0x0cfc  [ 38218E47372B77DDB3C9DDD4390CB960, C665FCFE08A4C1F9C3FBA73A220AAB7344C2BF203B62FAB76EF1F659A78F007C ] C:\Program Files (x86)\Launch Manager\LManager.exe
21:32:07.0736 0x0cfc  LManager - ok
21:32:08.0750 0x0cfc  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:32:08.0813 0x0cfc  Adobe ARM - ok
21:32:08.0984 0x0cfc  [ 13B19DD5EBEB6FDDBD11DD77490A3585, 3B768AA254708F77B5136AF00C27C20D2F820AF693FB2CB725C32E0BC443D8B7 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:32:09.0016 0x0cfc  SunJavaUpdateSched - ok
21:32:09.0156 0x0cfc  [ 111CE247AC7E9993CAD9EF0ECF0B6858, BC5D991EB1F6AEC06AABD03DAC00AE9FAD0A0988D1E3F7B9CBB8FA30EC28F47B ] C:\Program Files (x86)\Play Pickle\playpickle32.exe
21:32:09.0156 0x0cfc  Play Pickle - ok
21:32:09.0187 0x0cfc  StartNowToolbarHelper - ok
21:32:10.0388 0x0cfc  [ 926D373B7C52DB332C872FA9470114FB, 305F7CE6A447229034AF01511931BE0F4F6EC3899CE60228648718C98F4A247F ] C:\Program Files (x86)\AVG Secure Search\vprot.exe
21:32:10.0607 0x0cfc  vProt - ok
21:32:10.0794 0x0cfc  [ 33A924000CBFF03490A14ECC261571BE, 506A5D83D5A1DBB9086C3CBD2C2DF93378DEE2F5592559701459135D7516AB81 ] C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe
21:32:10.0794 0x0cfc  GamingWonderland Search Scope Monitor - ok
21:32:10.0856 0x0cfc  [ 3E1DFACF17584F0AA2372F993EC15618, 7224362288CFBBAD5A604DF65B1F310DAEDF6CE5F2EEC14DB97419AB0E155124 ] C:\PROGRA~2\GAMING~2\bar\1.bin\gtbrmon.exe
21:32:10.0856 0x0cfc  GamingWonderland Browser Plugin Loader - ok
21:32:10.0981 0x0cfc  [ 55678779EE29C84D81A192FAACF38FF0, E3FC6702DFE95ED61C30001EA1A7C49714C394640D7EE528C9B3EB472FEBA35F ] C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe
21:32:10.0997 0x0cfc  PCFixSpeed - ok
21:32:11.0215 0x0cfc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:32:11.0293 0x0cfc  Sidebar - ok
21:32:11.0652 0x0cfc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:32:11.0668 0x0cfc  mctadmin - ok
21:32:11.0808 0x0cfc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:32:11.0886 0x0cfc  Sidebar - ok
21:32:12.0245 0x0cfc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:32:12.0260 0x0cfc  mctadmin - ok
21:32:12.0853 0x0cfc  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:32:12.0853 0x0cfc  swg - ok
21:32:12.0853 0x0cfc  DW6 - ok
21:32:13.0103 0x0cfc  [ AC45CE93A426000DC0A5B8BC2491BF92, 3A094C40507C028ABAF23EF1BA81F1DCDB17CF733473EF42454668F3B2C6FCCE ] C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe
21:32:13.0196 0x0cfc  Desktop Software - ok
21:32:13.0196 0x0cfc  Weather - ok
21:32:14.0694 0x0cfc  [ E758F7984AADD9462DD8077524F108E8, 88C599641AD9B7D0A84952F596238CDEAEE288054F14DCB6C8F51CA64688F330 ] C:\Users\kelabethmama\AppData\Local\Smartbar\Application\QuickShare.exe
21:32:14.0694 0x0cfc  Browser Infrastructure Helper - ok
21:32:14.0694 0x0cfc  OutfoxTV - ok
21:32:14.0959 0x0cfc  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\Rundll32.exe
21:32:14.0959 0x0cfc  BackgroundContainer - ok
21:32:14.0975 0x0cfc  Waiting for KSN requests completion. In queue: 27
21:32:15.0989 0x0cfc  Waiting for KSN requests completion. In queue: 27
21:32:17.0003 0x0cfc  Waiting for KSN requests completion. In queue: 27
21:32:18.0454 0x0cfc  AV detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x50000 ( disabled : updated )
21:32:18.0454 0x0cfc  FW detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x50010 ( disabled )
21:32:18.0532 0x0cfc  Win FW state via NFP2: enabled
21:32:21.0059 0x0cfc  ============================================================
21:32:21.0059 0x0cfc  Scan finished
21:32:21.0059 0x0cfc  ============================================================
21:32:21.0059 0x1444  Detected object count: 0
21:32:21.0059 0x1444  Actual detected object count: 0
 



#6 VincentValentine

Posted 11 June 2014 - 08:52 PM

Here is FRST after running Farbar just now. I had run Farbar a first time in May, so I only have the addition log from then. Please let me know if you'd like me to supply a more recent one, although I don't know how to go about that. Also, thanks for your time!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 01
Ran by kelabethmama (administrator) on KELABETHMAMA-PC on 11-06-2014 21:37:39
Running from C:\Users\kelabethmama\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(iWin Inc.) C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe
( ) C:\Windows\System32\lxdxcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Windows\Temp\35.0.1916.153_35.0.1916.114_chrome_updater.exe1ee0c7a4
(Google Inc.) C:\Windows\Temp\CR_80EA4.tmp\setup.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [lxdxmon.exe] => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe [672424 2010-02-04] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe [107176 2010-02-04] (Lexmark International Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Play Pickle] => C:\Program Files (x86)\Play Pickle\playpickle32.exe [109056 2011-07-03] ()
HKLM-x32\...\Run: [StartNowToolbarHelper] => "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2557976 2014-05-17] ()
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [42536 2012-05-23] ()
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2012-05-23] ()
HKLM-x32\...\Run: [PCFixSpeed] => C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe [382040 2013-10-08] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-21] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-02-16] (Google Inc.)
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [DW6] => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [Weather] => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\kelabethmama\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] ()
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\MountPoints2: {14773ac9-ff57-11df-b172-806e6f6e6963} - D:\setup\rsrc\Autorun.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1350944 2014-02-03] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1046816 2014-02-03] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gooogle.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
URLSearchHook: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
URLSearchHook: HKLM-x32 - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll ()
SearchScopes: HKLM-x32 - DefaultScope {A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76} URL =
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2394708
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
SearchScopes: HKLM-x32 - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003YYus&ptnrS=RGxdm003YYus&si=CKSq4N39nq8CFQTd4AodbhV7dA&ptb=CB93590D-061F-4F3C-ABE9-579381EE1300&ind=2012040520&n=77ed4d48&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit_bds-p18_serp_ie_us_display?ie=UTF8&tagbase=bds-p18&tag=bds-p18-serp-us-ie-20&tbrId=v1_abb-channel-18_5a6a5b35665b48a584711d03f5c0bedc_18_38_20140121_US_ie_ds_OC1&query={searchTerms}
SearchScopes: HKCU - Comcast URL = http://search.xfinity.com/?cat=subweb&con=mmchrome&q={searchTerms}&cid=xfstart_tech_search
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3292715&octid=EB_ORIGINAL_CTID&SearchSource=62&CUI=UN29520134561111294&UM=2&UP=SPDD9B4A88-B3C7-454E-B9AC-A5EFACB41791&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0AD6AA35-1511-48DB-95D7-D96D51F0FB1E} URL = http://www.mysearchresults.com/search?c=0000&t=01&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&affID=119351&tt=gc_&babsrc=SP_ss_Btisdt7&mntrId=F85318F46ABEA473
SearchScopes: HKCU - {399BFFC8-7EF0-407C-B88A-B3E9196BCFCE} URL = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKCU - {5C151F6C-19A3-49E8-841D-78DD8D5A7FC2} URL = http://search.conduit.com/Results.aspx?ctid=CT3304762&SearchSource=45&UM=2&q={searchTerms}
SearchScopes: HKCU - {66D5E31B-4556-C309-8E9A-C2BE01B8E9EF} URL = http://www.bing.com/search?q={searchTerms}&pc=Z171&form=ZGAIDF&install_date=20111212&iesrc={referrer:source}
SearchScopes: HKCU - {7F2938BE-58B6-4210-AB63-A9D64AB8D79D} URL = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYSPUS&apn_uid=d5bd49e8-d3cd-44e0-800b-e42a5f259f27&apn_sauid=93BF56C3-D831-449A-AADF-B1894733F089
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={FFA39954-0FA3-4BA2-9ADD-C98EA68AE69C}&mid=1f68f08cb20047d08c18f123ccc3ffd4-8d93dd2ad89a5ec13ac255b2e0c0d1f5fc1582fd&lang=en&ds=ka011&pr=sa&d=2012-04-01 09:52:28&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3292715&CUI=UN29520134561111294&UM=2&SSPV=IN1NB3
SearchScopes: HKCU - {A34E1897-3D72-EA57-9425-68B4317DFB36} URL = http://www.bing.com/search?q={searchTerms}&pc=Z042&form=ZGAIDF
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit_bds-p18_serp_ie_us_display?ie=UTF8&tagbase=bds-p18&tag=bds-p18-serp-us-ie-20&tbrId=v1_abb-channel-18_5a6a5b35665b48a584711d03f5c0bedc_18_38_20140121_US_ie_ds_OC1&query={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com?src=6&q={searchTerms}&barid={85005C2A-0074-11E3-90C4-206A8A271627}&crg=3.5000006.10045&st=23&st=23
SearchScopes: HKCU - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003YYus&ptnrS=RGxdm003YYus&si=CKSq4N39nq8CFQTd4AodbhV7dA&ptb=CB93590D-061F-4F3C-ABE9-579381EE1300&ind=2012040520&n=77ed4d48&psa=&st=sb&searchfor={searchTerms}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll No File
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Play Pickle Text - {02F0243C-2E71-4a1a-A790-6C30888119D0} - C:\Program Files (x86)\Play Pickle\pptl.dll ()
BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: RivalGaming Games - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\kelabethmama\AppData\Local\RivalGaming\RivalGaming.dll (RivalGaming)
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
BHO-x32: SocialRibbons - {4BE60886-F6AA-4714-8109-EA6D8247DD57} - C:\Program Files (x86)\SocialRibbons\Toolbar.dll ()
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: ArcadeFrontier Addon - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - C:\Users\kelabethmama\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll ()
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
BHO-x32: Window Shopper - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll ()
BHO-x32: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll ()
BHO-x32: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll ()
BHO-x32: Fantapper - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll No File
BHO-x32: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
BHO-x32: DealPly Shopping - {a6c63b7f-2171-47fa-ab34-e64c4737169d} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll ()
BHO-x32: Lyrics Fan - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Program Files (x86)\LyricsFan\lrcfan.dll No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Search Assistant BHO - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll ()
BHO-x32: ArcadeCandy Games - {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyEX.dll ()
BHO-x32: No Name - {acd6a209-4aaf-4b1c-9930-b82fa131e958} -  No File
BHO-x32: Play Pickle - {AEB04B5E-C981-47a9-B847-33EE4C92F6B9} - C:\Program Files (x86)\Play Pickle\playpicklelib32.dll ()
BHO-x32: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
BHO-x32: No Name - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -  No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
BHO-x32: MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
BHO-x32: SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll ()
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll ()
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
Toolbar: HKLM-x32 - XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
Toolbar: HKLM-x32 - StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaTlbr.dll ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM-x32 - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {9D425283-D487-4337-BAB6-AB8354A81457} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {2C1E21B5-5666-4CD5-8152-96B690B7216E} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {A899079D-206F-43A6-BE6A-07E0FA648EA0} -  No File
Toolbar: HKCU - No Name - {EEF3855C-FC2D-41E6-8D91-D368F51B3055} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer - C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\kelabethmama\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\kelabethmama\AppData\Local\Roblox\Versions\version-187659e292024b9d\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\kelabethmama\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\kelabethmama\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\kelabethmama\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension:     RivalGaming  - C:\Users\kelabethmama\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@rivalgaming.com [2012-08-08]
FF Extension: ArcadeWeb - C:\Users\kelabethmama\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com [2011-05-30]
FF Extension:     Play Pickle TextLinks         - C:\Users\kelabethmama\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@plpickle.com [2011-07-01]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-08-08]
FF HKLM-x32\...\Firefox\Extensions: [fbdownloader@KMcore] -
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: No Name - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-08]
FF HKLM-x32\...\Firefox\Extensions: [gtffxtbr@GamingWonderland.com] - C:\Program Files (x86)\GamingWonderland\bar\1.bin
FF Extension: GamingWonderland - C:\Program Files (x86)\GamingWonderland\bar\1.bin [2012-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-08-08]
FF HKCU\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] - C:\Program Files (x86)\PriceGong\2.5.1\FF
FF Extension: PriceGong - C:\Program Files (x86)\PriceGong\2.5.1\FF [2011-12-12]
FF HKCU\...\Firefox\Extensions: [games@acandy.com] - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\games@acandy.com
FF Extension: ArcadeCandy - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\games@acandy.com [2013-07-09]
FF HKCU\...\Firefox\Extensions: [lrcfan@fansoft.br] - C:\Program Files (x86)\LyricsFan\FF\
FF Extension: Lyrics Fan - C:\Program Files (x86)\LyricsFan\FF\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U25) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Exent-\� AOD Gecko Plugin) - C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\NP4wStub.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
CHR Plugin: (3DVIA player) - C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live-\� Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\kelabethmama\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (SOE Web Installer) - C:\Users\kelabethmama\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\kelabethmama\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kelabethmama\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (Google Wallet) - C:\Users\kelabethmama\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [hgiifhjbblnglipdbpdgagphlcbililb] - C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx [2014-01-12]
CHR HKCU\...\Chrome\Extension: [incfcgceegpikennjoplhfghaaikdgei] - C:\Users\kelabethmama\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx [2012-08-19]
CHR HKCU\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx [2013-08-08]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.5.1\pricegong.crx [2011-08-08]
CHR HKLM-x32\...\Chrome\Extension: [hgiifhjbblnglipdbpdgagphlcbililb] - C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\kelabethmama\AppData\Local\Wajam\Chrome\wajam.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [kincjchfokkeneeofpeefomkikfkiedl] - C:\Program Files (x86)\Object\chromeaddon.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\Exts\Chrome.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [nfeonecgpoepapkmdgdmjolonaakdknd] - C:\Program Files (x86)\LyricsFan\Chrome.crx [2013-05-20]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\KELABE~1\AppData\Local\Temp\YontooLayers.crx [2013-05-20]
CHR HKLM-x32\...\Chrome\Extension: [nnfegheljpcijmdgonkecjpcaopjlpac] - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyLinkx.crx [2012-07-09]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [ohgcjecomkebbohfjgmncelbhogbbokf] - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\fantapper_tri20111005.crx [2014-04-06]

==================== Services (Whitelisted) =================

R2 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [574464 2013-12-19] () [File not signed]
S2 DefaultTabUpdate; C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-08-08] () [File not signed]
S2 GamingWonderlandService; C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe [42504 2012-05-23] () [File not signed]
R2 iWinGamesInstaller; C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe [78104 2008-06-25] (iWin Inc.)
R2 lxdx_device; C:\Windows\system32\lxdxcoms.exe [1039872 2010-02-04] ( )
R2 lxdx_device; C:\Windows\SysWOW64\lxdxcoms.exe [589824 2010-02-04] ( )
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-16] (NTI, Inc.)
S2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-07-01] () [File not signed]
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-05-17] (AVG Secure Search)
S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] () [File not signed]
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S2 MyOwnSuperheroService; C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe [X]
S2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]
S2 Retrogamer_4wService; C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe [X]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-05-17] (AVG Technologies)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-01-09] (Symantec Corporation)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140217.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140218.019\ENG64.SYS [126040 2014-02-05] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140218.019\EX64.SYS [2099288 2014-02-05] (Symantec Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-02-10] (Realtek Semiconductor Corporation                           )
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 21:37 - 2014-06-11 21:37 - 02081792 _____ (Farbar) C:\Users\kelabethmama\Desktop\FRST64.exe
2014-06-11 21:37 - 2014-06-11 21:37 - 00040119 _____ () C:\Users\kelabethmama\Desktop\FRST.txt
2014-06-11 21:37 - 2014-06-11 21:37 - 00000000 ____D () C:\Users\kelabethmama\Desktop\FRST-OlderVersion
2014-06-11 21:29 - 2014-06-11 21:29 - 00000000 ____D () C:\Users\kelabethmama\Desktop\tdskiller
2014-06-11 21:27 - 2014-06-11 21:29 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\kelabethmama\Desktop\TDSSKiller.exe
2014-06-11 21:27 - 2014-06-11 21:28 - 04161050 _____ () C:\Users\kelabethmama\Downloads\tdsskiller.zip
2014-06-11 09:18 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 09:18 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 09:18 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 09:18 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 09:18 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 09:18 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-05 22:45 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-05 22:25 - 2014-06-05 22:25 - 00003735 _____ () C:\Users\kelabethmama\Desktop\attach.zip
2014-06-05 22:18 - 2014-06-05 22:03 - 00688992 ____R (Swearware) C:\Users\kelabethmama\Desktop\dds.com
2014-05-31 18:20 - 2014-05-31 18:20 - 00000066 _____ () C:\Windows\wininit.ini
2014-05-31 18:19 - 2012-04-05 20:37 - 00693648 _____ (MindSpark) C:\Program Files (x86)\4wUninstall Retrogamer.dll
2014-05-31 18:19 - 2012-04-05 20:37 - 00169912 _____ () C:\Program Files (x86)\4wres.dll
2014-05-31 18:18 - 2014-05-31 18:18 - 00000000 __SHD () C:\Users\kelabethmama\AppData\Local\EmieUserList
2014-05-31 18:18 - 2014-05-31 18:18 - 00000000 __SHD () C:\Users\kelabethmama\AppData\Local\EmieSiteList
2014-05-31 18:18 - 2011-12-21 18:59 - 00824840 _____ (MyWebSearch.com) C:\Program Files (x86)\Uninstall Fun Web Products.dll
2014-05-31 18:07 - 2012-08-10 14:57 - 00699536 _____ (MindSpark) C:\Program Files (x86)\v3Uninstall MyOwnSuperhero.dll
2014-05-31 18:07 - 2012-08-10 14:57 - 00172464 _____ () C:\Program Files (x86)\v3res.dll
2014-05-31 18:05 - 2014-05-31 18:05 - 00000000 ____D () C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2014-05-31 17:40 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-05-31 17:36 - 2014-05-31 17:36 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-31 17:36 - 2014-05-31 17:36 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-31 17:36 - 2014-05-31 17:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-31 17:36 - 2014-05-31 17:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-31 17:36 - 2014-05-31 17:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-31 17:36 - 2014-05-31 17:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-31 17:36 - 2014-05-31 17:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-31 17:36 - 2014-05-31 17:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-31 17:36 - 2014-05-31 17:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-31 17:27 - 2014-06-11 21:34 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-31 17:27 - 2014-05-31 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-31 17:15 - 2014-05-31 18:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 17:15 - 2014-05-04 17:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-31 12:04 - 2014-05-31 12:04 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-31 11:54 - 2014-05-31 11:54 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-31 11:38 - 2014-06-11 21:37 - 00000000 ____D () C:\FRST
2014-05-24 14:34 - 2014-05-24 14:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-24 13:13 - 2014-05-24 11:45 - 00918672 _____ (Google Inc.) C:\Users\kelabethmama\Desktop\ChromeSetup.exe
2014-05-17 16:33 - 2014-02-12 16:53 - 00000426 _____ () C:\AVScanner.ini
2014-05-17 14:08 - 2014-05-17 14:08 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-17 14:04 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-17 14:04 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-17 14:04 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-17 14:04 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-17 14:04 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-17 14:04 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-17 14:04 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-17 14:04 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-17 14:04 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-17 14:04 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-17 14:04 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-17 14:04 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-17 14:04 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-17 14:04 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-17 14:04 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-17 14:04 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-17 14:04 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-17 14:04 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-17 14:04 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-17 14:04 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-17 14:04 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-17 14:04 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-17 14:04 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-17 14:04 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-17 14:04 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-17 14:04 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-17 14:04 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-17 14:04 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-17 14:04 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-17 14:04 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-17 14:04 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-17 14:04 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-17 14:04 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-17 14:04 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-17 13:54 - 2014-05-17 13:54 - 00000000 ____D () C:\Windows\SysWOW64\jmdp
2014-05-17 13:54 - 2014-05-17 13:54 - 00000000 ____D () C:\Windows\system32\ljkb
2014-05-17 13:36 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-17 13:36 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-17 13:36 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-17 13:36 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-17 13:28 - 2014-05-31 17:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 13:28 - 2014-05-17 13:28 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 13:28 - 2014-05-17 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 13:27 - 2014-05-17 13:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 13:27 - 2014-05-17 13:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 13:27 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-17 13:27 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-17 13:27 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-17 13:25 - 2014-05-15 19:56 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\kelabethmama\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 13:25 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-17 13:23 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-17 13:23 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-17 13:23 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-17 13:23 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-17 13:23 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-17 13:23 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-17 13:23 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-17 13:22 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-17 13:22 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-17 13:22 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-17 13:22 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-17 13:22 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-17 13:22 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-17 13:22 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-17 13:22 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-17 13:22 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-17 13:22 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-17 13:22 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-17 13:22 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-17 13:22 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-17 13:22 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-17 13:22 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-17 13:22 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-17 13:22 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-17 13:20 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-17 13:19 - 2014-05-17 13:19 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-05-17 13:19 - 2014-05-17 13:19 - 00000000 ____D () C:\Users\Public\Util

==================== One Month Modified Files and Folders =======

2014-06-11 21:39 - 2014-06-11 21:37 - 00040119 _____ () C:\Users\kelabethmama\Desktop\FRST.txt
2014-06-11 21:39 - 2011-02-03 13:38 - 00000000 ____D () C:\Users\kelabethmama\AppData\Local\Temp
2014-06-11 21:37 - 2014-06-11 21:37 - 02081792 _____ (Farbar) C:\Users\kelabethmama\Desktop\FRST64.exe
2014-06-11 21:37 - 2014-06-11 21:37 - 00000000 ____D () C:\Users\kelabethmama\Desktop\FRST-OlderVersion
2014-06-11 21:37 - 2014-05-31 11:38 - 00000000 ____D () C:\FRST
2014-06-11 21:34 - 2014-05-31 17:27 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 21:34 - 2011-02-16 19:48 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 21:29 - 2014-06-11 21:29 - 00000000 ____D () C:\Users\kelabethmama\Desktop\tdskiller
2014-06-11 21:29 - 2014-06-11 21:27 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\kelabethmama\Desktop\TDSSKiller.exe
2014-06-11 21:28 - 2014-06-11 21:27 - 04161050 _____ () C:\Users\kelabethmama\Downloads\tdsskiller.zip
2014-06-11 21:27 - 2010-12-03 23:35 - 01823477 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 21:23 - 2012-10-26 22:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-11 21:23 - 2011-02-16 19:48 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-05 22:44 - 2009-07-14 00:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-05 22:44 - 2009-07-14 00:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-05 22:35 - 2010-12-03 23:32 - 00190804 _____ () C:\Windows\PFRO.log
2014-06-05 22:35 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-05 22:35 - 2009-07-14 00:51 - 00106425 _____ () C:\Windows\setupact.log
2014-06-05 22:25 - 2014-06-05 22:25 - 00003735 _____ () C:\Users\kelabethmama\Desktop\attach.zip
2014-06-05 22:03 - 2014-06-05 22:18 - 00688992 ____R (Swearware) C:\Users\kelabethmama\Desktop\dds.com
2014-05-31 18:20 - 2014-05-31 18:20 - 00000066 _____ () C:\Windows\wininit.ini
2014-05-31 18:20 - 2013-07-16 19:56 - 00000000 ____D () C:\Program Files (x86)\gravitysensation.com
2014-05-31 18:18 - 2014-05-31 18:18 - 00000000 __SHD () C:\Users\kelabethmama\AppData\Local\EmieUserList
2014-05-31 18:18 - 2014-05-31 18:18 - 00000000 __SHD () C:\Users\kelabethmama\AppData\Local\EmieSiteList
2014-05-31 18:18 - 2011-07-01 18:35 - 00000000 ____D () C:\Users\kelabethmama\AppData\Local\Conduit
2014-05-31 18:17 - 2011-12-21 18:59 - 00000000 ____D () C:\Program Files (x86)\FunWebProducts
2014-05-31 18:10 - 2011-05-30 14:29 - 00000000 ____D () C:\Firefox
2014-05-31 18:06 - 2013-08-08 17:52 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-05-31 18:05 - 2014-05-31 18:05 - 00000000 ____D () C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2014-05-31 18:03 - 2011-02-03 13:40 - 00000000 ___RD () C:\Users\kelabethmama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-31 18:02 - 2014-05-31 17:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 17:54 - 2011-02-03 13:40 - 00001417 _____ () C:\Users\kelabethmama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-31 17:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-31 17:40 - 2013-11-12 08:38 - 00050517 _____ () C:\Windows\IE11_main.log
2014-05-31 17:36 - 2014-05-31 17:36 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-31 17:36 - 2014-05-31 17:36 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-31 17:36 - 2014-05-31 17:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-31 17:36 - 2014-05-31 17:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-31 17:36 - 2014-05-31 17:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-31 17:36 - 2014-05-31 17:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-31 17:36 - 2014-05-31 17:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-31 17:36 - 2014-05-31 17:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-31 17:36 - 2014-05-31 17:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-31 17:36 - 2014-05-31 17:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-31 17:36 - 2014-05-31 17:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-31 17:27 - 2014-05-31 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-31 17:26 - 2011-02-19 14:44 - 00776014 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-31 17:25 - 2009-07-14 01:13 - 00776014 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-31 17:15 - 2014-05-17 13:28 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 12:05 - 2014-01-21 19:28 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-05-31 12:04 - 2014-05-31 12:04 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-31 11:54 - 2014-05-31 11:54 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-31 11:33 - 2013-08-08 17:31 - 00000258 __RSH () C:\Users\kelabethmama\ntuser.pol
2014-05-31 11:33 - 2011-02-03 13:40 - 00000000 ___RD () C:\Users\kelabethmama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-31 11:33 - 2011-02-03 13:38 - 00000000 ____D () C:\Users\kelabethmama
2014-05-24 14:42 - 2009-07-14 00:45 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-24 14:34 - 2014-05-24 14:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-24 14:32 - 2013-03-20 09:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-24 14:32 - 2013-03-20 09:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-24 14:32 - 2010-11-19 05:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-24 13:32 - 2013-10-10 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-24 13:10 - 2012-04-30 15:00 - 00000000 ____D () C:\Users\kelabethmama\AppData\Local\AVG Secure Search
2014-05-24 11:45 - 2014-05-24 13:13 - 00918672 _____ (Google Inc.) C:\Users\kelabethmama\Desktop\ChromeSetup.exe
2014-05-17 17:18 - 2014-01-21 19:27 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-05-17 16:33 - 2014-02-12 16:53 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-05-17 16:33 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 14:08 - 2014-05-17 14:08 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-17 14:08 - 2012-10-26 22:56 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-17 14:08 - 2012-10-26 22:55 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 14:08 - 2011-07-03 13:55 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-17 13:54 - 2014-05-17 13:54 - 00000000 ____D () C:\Windows\SysWOW64\jmdp
2014-05-17 13:54 - 2014-05-17 13:54 - 00000000 ____D () C:\Windows\system32\ljkb
2014-05-17 13:28 - 2014-05-17 13:28 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 13:28 - 2014-05-17 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 13:28 - 2014-05-17 13:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 13:27 - 2014-05-17 13:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 13:26 - 2011-02-16 19:48 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-17 13:26 - 2011-02-16 19:48 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-17 13:24 - 2012-04-01 09:52 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-05-17 13:21 - 2012-04-01 09:51 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-05-17 13:20 - 2013-08-08 17:50 - 00000000 ____D () C:\Windows\SysWOW64\WNLT
2014-05-17 13:20 - 2013-08-08 17:50 - 00000000 ____D () C:\Windows\SysWOW64\ARFC
2014-05-17 13:19 - 2014-05-17 13:19 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-05-17 13:19 - 2014-05-17 13:19 - 00000000 ____D () C:\Users\Public\Util
2014-05-17 13:19 - 2012-09-04 08:50 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-05-15 19:56 - 2014-05-17 13:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\kelabethmama\Desktop\mbam-setup-2.0.1.1004.exe

Files to move or delete:
====================
C:\ProgramData\ryjweatq.dat
C:\Users\kelabethmama\jagex_runescape_preferences.dat
C:\Users\kelabethmama\jagex_runescape_preferences2.dat


Some content of TEMP:
====================
C:\Users\kelabethmama\AppData\Local\Temp\avguidx.dll
C:\Users\kelabethmama\AppData\Local\Temp\BackupSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\checktbexist.exe
C:\Users\kelabethmama\AppData\Local\Temp\CommonInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\gne5iyh7.dll
C:\Users\kelabethmama\AppData\Local\Temp\iGearedHelper.dll
C:\Users\kelabethmama\AppData\Local\Temp\Installer.exe
C:\Users\kelabethmama\AppData\Local\Temp\install_flashplayer11x64ax_gtbp_chra_aih[1].exe
C:\Users\kelabethmama\AppData\Local\Temp\kpinstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\kelabethmama\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\mgsqlite3.dll
C:\Users\kelabethmama\AppData\Local\Temp\nsdEAC0.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsg3359.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsqC4F0.exe
C:\Users\kelabethmama\AppData\Local\Temp\nstEDDD.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsyF951.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsyFA8A.exe
C:\Users\kelabethmama\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\setup.exe
C:\Users\kelabethmama\AppData\Local\Temp\Shortcut_sweetpacks_dlcom_862013.exe
C:\Users\kelabethmama\AppData\Local\Temp\SPSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\SPStub.exe
C:\Users\kelabethmama\AppData\Local\Temp\swpacksbing_717_active.exe
C:\Users\kelabethmama\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\kelabethmama\AppData\Local\Temp\tbRadi.dll
C:\Users\kelabethmama\AppData\Local\Temp\thepriceisright2010-114767253-setup.s114767253.c110268333.r110268333.len.ub466631a644fe09fe1af13a4449fa5e8da255721.dl.exe
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\uninst1.exe
C:\Users\kelabethmama\AppData\Local\Temp\Uninstall.exe
C:\Users\kelabethmama\AppData\Local\Temp\vcredist_x64.exe
C:\Users\kelabethmama\AppData\Local\Temp\WSSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\xijj1nvq.dll
C:\Users\kelabethmama\AppData\Local\Temp\zekor-q-.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-12-17 07:35

==================== End Of Log ============================



#7 VincentValentine


Posted 11 June 2014 - 08:54 PM

I wasn't able to attach addition (couldn't find the option). So here it is:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by kelabethmama at 2014-05-31 11:40:02
Running from C:\Users\kelabethmama\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton Security Suite (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
18 Wheels of Steel - American Long Haul (x32 Version: 2.2.0.95 - WildTangent) Hidden
3DVIA player 5.0 (HKLM-x32\...\{4E868D3D-6EEB-4273-926C-2287236B5B79}) (Version: 5.0.0.12 - 3DVIA)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.1124.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 9.5.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}) (Version: 1.9.17.06019 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.9.17.06019 - Alcor Micro Corp.) Hidden
Amazon Browser Settings (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
ArcadeFrontier (HKCU\...\{4AFCAFDC-D870-41FA-B9FB-1442B9DAFE76}) (Version:  - ArcadeFrontier)
ArcadeWeb (HKLM-x32\...\Arcadeweb) (Version:  - )
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{A0158415-15CA-B2A0-928D-E755DD506C0D}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Belkin N300 Micro USB Wireless Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - )
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CA Pest Patrol Realtime Protection (HKLM-x32\...\{F05A5232-CE5E-4274-AB27-44EB8105898D}) (Version: 001.001.0034 - Computer Associates Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0426.2136.36953 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help English (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help French (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help German (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0426.2135.36953 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
ccc-utility64 (Version: 2010.0426.2136.36953 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Clone Wars (HKCU\...\SOE-Clone Wars) (Version:  - Sony Online Entertainment)
Comcast Desktop Software (v1.2.1) (HKLM-x32\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3216.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3216.50 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DefaultTab (HKLM-x32\...\DefaultTab) (Version: 2.2.8.0 - Search Results, LLC) <==== ATTENTION
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Fantapper Player (HKLM-x32\...\{C8FAFAEE-94E2-43D9-8046-87F96D0FD7CF}) (Version: 1.0.9 - Brand Affinity Technologies)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
GameTap Web Player (HKLM-x32\...\{86C0E2A3-1EDA-4F01-A43D-80DA8642813C}_is1) (Version:  - Metaboli)
GamingWonderland Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
iWin Games (remove only) (HKLM-x32\...\iWinArcade) (Version:  - )
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest III (remove only) (HKLM-x32\...\Jewel Quest III) (Version:  - )
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalydo Player 4.10.01 (HKCU\...\KalydoPlayer) (Version: 4.10.01 - Eximion B.V.)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
Lexmark 3600-4600 Series (HKLM\...\Lexmark 3600-4600 Series) (Version:  - Lexmark International, Inc.)
LR701US (HKLM-x32\...\{3D97BE49-D553-48B2-9D0C-5500E3C4149F}) (Version: 1.0 - Lexia Learning Systems, Inc.)
Lyrics Fan (HKLM-x32\...\lrcfan@fansoft.br) (Version:  - FAN Software) <==== ATTENTION
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MixiDJ V37 Toolbar (HKLM-x32\...\MixiDJ_V37 Toolbar) (Version: 6.15.0.27 - MixiDJ V37) <==== ATTENTION
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Web Search (IWON) (HKLM-x32\...\MyWebSearch bar Uninstall) (Version:  - My Web Search) <==== ATTENTION
MyOwnSuperhero Toolbar (HKLM-x32\...\MyOwnSuperherobar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 20.4.0.40 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden
OpinionSquare (HKLM-x32\...\{9cf77345-ac1f-46e5-83ff-79676bee4d6b}) (Version: 1.3.337.320 - TMRG,  Inc.)
OutfoxTV (HKLM-x32\...\OutfoxTV) (Version:  - OutfoxTV)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Fix Speed 1.2.0.24 (HKLM-x32\...\{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1) (Version: 1.2.0.24 - Crawler, LLC.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Play Pickle (HKLM-x32\...\Play Pickle) (Version:  - )
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PriceGong 2.5.1 (HKLM-x32\...\PriceGong) (Version: 2.5.1 - PriceGong) <==== ATTENTION
QuickShare (HKLM-x32\...\{CC1C2EE8-8E03-4D79-9758-C208D4438A3E}) (Version: 1.146.60.12450 - Linkury Inc.) <==== ATTENTION
Radio 123 Toolbar (HKLM-x32\...\Radio_123 Toolbar) (Version: 6.4.1.2 - Radio 123)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Retrogamer toolbar (HKLM-x32\...\Retrogamer_4wbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
RivalGaming (HKCU\...\RivalGaming) (Version:  - RivalGaming)
ROBLOX Player for kelabethmama (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 for kelabethmama (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.9.65.0 - Conduit) <==== ATTENTION
Search Toolbar (HKLM-x32\...\Search Toolbar) (Version: 1.2 - Zugo Ltd)
SearchFlyBar2 Toolbar for IE (HKLM-x32\...\IECT3292715) (Version: 6.17.2.617 - SearchFlyBar2)
Shop To Win (HKLM-x32\...\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1) (Version: 1.0.25 - Shop To Win, LLC)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
SocialRibbons (HKLM-x32\...\SocialRibbons) (Version:  - )
Spider-Man™ - Web of Shadows (HKLM-x32\...\InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}) (Version: 1.0 - Activision)
Spider-Man™ - Web of Shadows (x32 Version: 1.0 - Activision) Hidden
StartNow Toolbar (HKLM-x32\...\StartNow Toolbar) (Version: 2.5.0 - StartNow.com) <==== ATTENTION
Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: Stronghold Kingdoms (Installer v1.17) - Firefly Studios)
Sumotori Full Version (HKLM-x32\...\Sumotori Full Version) (Version:  - )
SweetPacks Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.8.6 - ) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
The Price is Right (HKLM-x32\...\114767253) (Version:  - Oberon Media)
The Weather Channel Desktop 6 (HKLM-x32\...\The Weather Channel Desktop 6) (Version:  - )
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
Uniblue RegistryBooster (HKLM-x32\...\Uniblue RegistryBooster) (Version: 6.0.10.8 - Uniblue Systems Ltd)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Updater By SweetPacks 2.0.0.608 (HKLM\...\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}_is1) (Version: 2.0.0.608 - SweetPacks) <==== ATTENTION
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wajam (HKLM-x32\...\Wajam) (Version: 1.81 - Wajam) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3005 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Window Shopper (HKLM-x32\...\{A1570454-ED12-4050-A7AC-9282C7AFB23C}) (Version: 01.02.0003 - Superfish)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
XFINITY Toolbar (HKLM-x32\...\xfin_portal) (Version: 3.5.1.10 - )
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
02-03-2014 03:16:43 Windows Update
04-03-2014 12:46:48 Removed LR701US
06-03-2014 21:04:07 Windows Update
06-03-2014 21:22:32 Windows Defender Checkpoint
15-03-2014 18:03:07 Windows Update
15-03-2014 19:28:37 Restore Operation
17-05-2014 20:49:47 Removed Internet Explorer Toolbar 4.9 by SweetPacks
17-05-2014 20:54:02 Removed Internet Explorer Toolbar 4.9 by SweetPacks
17-05-2014 20:56:23 Removed Internet Explorer Toolbar 4.9 by SweetPacks
17-05-2014 21:14:59 Removed Fantapper Player
17-05-2014 21:19:49 Removed CA Pest Patrol Realtime Protection
24-05-2014 17:21:05 Removed WeatherBug
24-05-2014 17:29:11 Windows Update
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {149FE9C6-3565-4726-AEF8-67F664D1E5F2} - System32\Tasks\ArcadeFrontier => C:\Users\kelabethmama\AppData\Local\ArcadeFrontier\veragent.exe [2013-12-11] ()
Task: {1C2B206B-8653-4D7D-A796-164EE8AB18DF} - System32\Tasks\Dealply => C:\Users\KELABE~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {28890710-AF00-4140-9AE7-A8E876C8CFD0} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {2A3549E3-35CF-4CC3-8CCE-502521CF1847} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-16] (Google Inc.)
Task: {38773ECF-8357-46AF-94DF-A6586908AFA5} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{1B7D8A62-BB7B-4A85-9C77-A093CCFFD171}.exe
Task: {5A2B58AF-23F5-4B8B-9494-D3F170B288B0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {8C508969-B429-49F3-9706-C0FD087E4504} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {925FCEF9-447C-4D9F-8F9E-A1970C72880B} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {9F4B0F88-02DB-49DA-95DF-1740C85DF18E} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {9FC12180-F4BD-4981-AF36-BFFAF9681EA1} - System32\Tasks\EPUpdater => C:\Users\kelabethmama\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-05-09] () <==== ATTENTION
Task: {A100907E-0BF4-44B9-9512-5345A26E8E2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-16] (Google Inc.)
Task: {A73942EB-F4EA-42BA-9A29-77B7813BCF7D} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {BF005112-7BE8-419C-9B49-858288157306} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {CF962E00-D3EB-4FDD-BE06-F8A08C4CFA22} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-05-17] (Search Results, LLC)
Task: {D14AD27F-E1B6-4E9F-AA10-E8E9666C7682} - System32\Tasks\CandyUpdater => C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyUpdater.exe [2013-09-26] ()
Task: {D6455632-EE04-48AD-B493-A09738258834} - System32\Tasks\DTReg => C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [2014-02-05] () <==== ATTENTION
Task: {E6487848-F647-4715-A5EC-A1FE157AD810} - System32\Tasks\RegistryBooster => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2012-03-02] (Uniblue Systems Limited)
Task: {EE244378-5BF8-4688-A6C9-68E7E3D2BC56} - System32\Tasks\RGames Updater => C:\Users\kelabethmama\AppData\Local\RivalGaming\Updater.exe [2012-11-09] ()
Task: {EF8895F5-3F92-4753-8E71-0D2B46F72650} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-01-03] () <==== ATTENTION
Task: {FFDCBB78-556C-404D-A64C-81DFB7D730AB} - System32\Tasks\Norton Security Scan for kelabethmama => C:\Program Files (x86)\Norton Security Scan\Engine\3.0.0.103\Nss.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ArcadeFrontier.job => C:\Users\kelabethmama\AppData\Local\ArcadeFrontier\veragent.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{1B7D8A62-BB7B-4A85-9C77-A093CCFFD171}.exe
Task: C:\Windows\Tasks\CandyUpdater.job => C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyUpdater.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\KELABE~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegistryBooster.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
Task: C:\Windows\Tasks\RGames Updater.job => C:\Users\kelabethmama\AppData\Local\RivalGaming\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-02-04 16:58 - 2009-10-16 19:12 - 00177664 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdxdrpp.dll
2009-06-17 13:49 - 2009-06-17 13:49 - 00616408 _____ () C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
2013-07-01 13:43 - 2013-07-01 13:43 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-05-17 13:23 - 2014-05-17 13:19 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2010-12-03 23:42 - 2010-06-09 22:54 - 00206208 _____ () C:\Windows\PLFSetI.exe
2011-02-04 16:59 - 2010-02-04 02:27 - 00672424 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
2012-04-01 09:51 - 2014-05-17 13:19 - 02557976 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2011-02-04 16:56 - 2009-10-16 19:09 - 01401856 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdxptpc.dll
2011-02-04 16:56 - 2009-10-16 19:12 - 00196096 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdxdrui.dll
2011-02-04 16:57 - 2009-10-16 19:12 - 00273408 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdxdr.dll
2010-06-28 19:20 - 2010-06-28 19:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 19:12 - 2010-06-28 19:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-05-17 13:23 - 2014-05-17 13:19 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2014-01-22 16:14 - 2014-01-22 16:14 - 00544768 _____ () C:\Users\kelabethmama\AppData\Local\FGZsoft\physxcudart_20.dll
2011-02-04 16:59 - 2010-02-04 02:04 - 00380928 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxscw.dll
2011-02-04 16:59 - 2010-02-04 01:52 - 00589824 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdatr.dll
2011-02-04 16:59 - 2010-02-04 01:52 - 00073728 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcats.dll
2011-02-04 16:59 - 2010-02-04 02:04 - 00782336 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxDRS.dll
2011-02-04 16:59 - 2010-02-04 02:05 - 00081920 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcaps.dll
2011-02-04 16:59 - 2010-02-04 01:52 - 00069632 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcnv4.dll
2011-02-04 16:59 - 2010-02-04 01:02 - 00364544 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\iptk.dll
2011-02-04 16:59 - 2007-09-06 06:11 - 00151552 _____ () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxptp.dll
2010-12-03 23:24 - 2009-05-20 18:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:C9CAD6C7
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR210 => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: ITMRTSVC => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: McMPFSvc => 2
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: ComcastAntispyClient => "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SymIRON
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Norton Security Suite Settings Manager
Description: Norton Security Suite Settings Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ccSet_N360
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/31/2014 11:27:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DTChk.exe, version: 1.1.0.2, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0xe18
Faulting application start time: 0xDTChk.exe0
Faulting application path: DTChk.exe1
Faulting module path: DTChk.exe2
Report Id: DTChk.exe3
 
Error: (05/31/2014 09:56:47 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (05/24/2014 02:36:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Transactions, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=amd64" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (05/24/2014 01:29:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
.
 
Error: (05/24/2014 01:21:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
.
 
Error: (05/24/2014 01:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DTChk.exe, version: 1.1.0.2, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116
Exception code: 0x0eedfade
Fault offset: 0x0000c41f
Faulting process id: 0x15d0
Faulting application start time: 0xDTChk.exe0
Faulting application path: DTChk.exe1
Faulting module path: DTChk.exe2
Report Id: DTChk.exe3
 
Error: (05/24/2014 01:10:18 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (05/17/2014 05:19:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
.
 
Error: (05/17/2014 05:15:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
.
 
Error: (05/17/2014 04:57:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16750 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 7b4
 
Start Time: 01cf721299bac255
 
Termination Time: 16
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
 
System errors:
=============
Error: (05/31/2014 11:27:09 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (05/31/2014 09:46:53 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (05/31/2014 09:46:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
BHDrvx64
ccSet_N360
SymIRON
 
Error: (05/31/2014 09:46:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect by Conduit Service service failed to start due to the following error: 
%%2
 
Error: (05/31/2014 09:46:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WajamUpdater service failed to start due to the following error: 
%%216
 
Error: (05/31/2014 09:46:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RetrogamerService service failed to start due to the following error: 
%%216
 
Error: (05/31/2014 09:46:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MyOwnSuperheroService service failed to start due to the following error: 
%%216
 
Error: (05/31/2014 09:46:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IBUpdaterService service failed to start due to the following error: 
%%216
 
Error: (05/31/2014 09:46:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GamingWonderlandService service failed to start due to the following error: 
%%216
 
Error: (05/31/2014 09:46:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DefaultTabUpdate service failed to start due to the following error: 
%%216
 
 
Microsoft Office Sessions:
=========================
Error: (05/31/2014 11:27:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DTChk.exe1.1.0.22a425e19KERNELBASE.dll6.1.7601.1840953159a860eedfade0000c42de1801cf7ce4c9ef796bC:\Users\Public\Util\DTChk.exeC:\Windows\syswow64\KERNELBASE.dll08b023ea-e8d8-11e3-b84e-18f46abea473
 
Error: (05/31/2014 09:56:47 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (05/24/2014 02:36:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Transactions, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=amd64" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (05/24/2014 01:29:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
 
Error: (05/24/2014 01:21:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
 
Error: (05/24/2014 01:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DTChk.exe1.1.0.22a425e19KERNELBASE.dll6.1.7601.1822951fb11160eedfade0000c41f15d001cf77730bcd74c2C:\Users\Public\Util\DTChk.exeC:\Windows\syswow64\KERNELBASE.dll4f4c1d0c-e366-11e3-9527-206a8a271627
 
Error: (05/24/2014 01:10:18 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (05/17/2014 05:19:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
 
Error: (05/17/2014 05:15:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary X5XSEx.
 
System Error:
The system cannot find the file specified.
 
Error: (05/17/2014 04:57:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.167507b401cf721299bac25516C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE


#8 nasdaq

  • Malware Response Team

Posted 12 June 2014 - 08:39 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
(iWin Inc.) C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Google Inc.) C:\Windows\Temp\CR_80EA4.tmp\setup.exe
HKLM-x32\...\Run: [Play Pickle] => C:\Program Files (x86)\Play Pickle\playpickle32.exe [109056 2011-07-03] ()
HKLM-x32\...\Run: [StartNowToolbarHelper] => "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [42536 2012-05-23] ()
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2012-05-23] ()
HKLM-x32\...\Run: [PCFixSpeed] => C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe [382040 2013-10-08] ()
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\kelabethmama\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] ()
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1350944 2014-02-03] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1046816 2014-02-03] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
URLSearchHook: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
URLSearchHook: HKLM-x32 - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll ()
SearchScopes: HKLM-x32 - DefaultScope {A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76} URL =
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2394708
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
SearchScopes: HKLM-x32 - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003YYus&ptnrS=RGxdm003YYus&si=CKSq4N39nq8CFQTd4AodbhV7dA&ptb=CB93590D-061F-4F3C-ABE9-579381EE1300&ind=2012040520&n=77ed4d48&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit_bds-p18_serp_ie_us_display?ie=UTF8&tagbase=bds-p18&tag=bds-p18-serp-us-ie-20&tbrId=v1_abb-channel-18_5a6a5b35665b48a584711d03f5c0bedc_18_38_20140121_US_ie_ds_OC1&query={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3292715&octid=EB_ORIGINAL_CTID&SearchSource=62&CUI=UN29520134561111294&UM=2&UP=SPDD9B4A88-B3C7-454E-B9AC-A5EFACB41791&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0AD6AA35-1511-48DB-95D7-D96D51F0FB1E} URL = http://www.mysearchresults.com/search?c=0000&t=01&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&affID=119351&tt=gc_&babsrc=SP_ss_Btisdt7&mntrId=F85318F46ABEA473
SearchScopes: HKCU - {399BFFC8-7EF0-407C-B88A-B3E9196BCFCE} URL = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKCU - {5C151F6C-19A3-49E8-841D-78DD8D5A7FC2} URL = http://search.conduit.com/Results.aspx?ctid=CT3304762&SearchSource=45&UM=2&q={searchTerms}
SearchScopes: HKCU - {7F2938BE-58B6-4210-AB63-A9D64AB8D79D} URL = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYSPUS&apn_uid=d5bd49e8-d3cd-44e0-800b-e42a5f259f27&apn_sauid=93BF56C3-D831-449A-AADF-B1894733F089
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={FFA39954-0FA3-4BA2-9ADD-C98EA68AE69C}&mid=1f68f08cb20047d08c18f123ccc3ffd4-8d93dd2ad89a5ec13ac255b2e0c0d1f5fc1582fd&lang=en&ds=ka011&pr=sa&d=2012-04-01 09:52:28&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3292715&CUI=UN29520134561111294&UM=2&SSPV=IN1NB3
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit_bds-p18_serp_ie_us_display?ie=UTF8&tagbase=bds-p18&tag=bds-p18-serp-us-ie-20&tbrId=v1_abb-channel-18_5a6a5b35665b48a584711d03f5c0bedc_18_38_20140121_US_ie_ds_OC1&query={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com?src=6&q={searchTerms}&barid={85005C2A-0074-11E3-90C4-206A8A271627}&crg=3.5000006.10045&st=23&st=23
SearchScopes: HKCU - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003YYus&ptnrS=RGxdm003YYus&si=CKSq4N39nq8CFQTd4AodbhV7dA&ptb=CB93590D-061F-4F3C-ABE9-579381EE1300&ind=2012040520&n=77ed4d48&psa=&st=sb&searchfor={searchTerms}
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll No File
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
BHO-x32: Play Pickle Text - {02F0243C-2E71-4a1a-A790-6C30888119D0} - C:\Program Files (x86)\Play Pickle\pptl.dll ()
BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll ()
BHO-x32: RivalGaming Games - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\kelabethmama\AppData\Local\RivalGaming\RivalGaming.dll (RivalGaming)
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: ArcadeFrontier Addon - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - C:\Users\kelabethmama\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll ()
BHO-x32: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
BHO-x32: Window Shopper - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll ()
BHO-x32: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll ()
BHO-x32: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll ()
BHO-x32: Fantapper - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll No File
BHO-x32: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
BHO-x32: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
BHO-x32: DealPly Shopping - {a6c63b7f-2171-47fa-ab34-e64c4737169d} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll ()
BHO-x32: Lyrics Fan - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Program Files (x86)\LyricsFan\lrcfan.dll No File
BHO-x32: Search Assistant BHO - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll ()
BHO-x32: ArcadeCandy Games - {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyEX.dll ()
BHO-x32: No Name - {acd6a209-4aaf-4b1c-9930-b82fa131e958} -  No File
BHO-x32: Play Pickle - {AEB04B5E-C981-47a9-B847-33EE4C92F6B9} - C:\Program Files (x86)\Play Pickle\playpicklelib32.dll ()
BHO-x32: No Name - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -  No File
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
BHO-x32: MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll ()
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
Toolbar: HKLM-x32 - StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
Toolbar: HKLM-x32 - GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaTlbr.dll ()
Toolbar: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM-x32 - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll ()
Toolbar: HKCU - No Name - {9D425283-D487-4337-BAB6-AB8354A81457} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {2C1E21B5-5666-4CD5-8152-96B690B7216E} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {A899079D-206F-43A6-BE6A-07E0FA648EA0} -  No File
Toolbar: HKCU - No Name - {EEF3855C-FC2D-41E6-8D91-D368F51B3055} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-08-08]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: No Name - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-08]
FF HKLM-x32\...\Firefox\Extensions: [gtffxtbr@GamingWonderland.com] - C:\Program Files (x86)\GamingWonderland\bar\1.bin
FF Extension: GamingWonderland - C:\Program Files (x86)\GamingWonderland\bar\1.bin [2012-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-08-08]
FF HKCU\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] - C:\Program Files (x86)\PriceGong\2.5.1\FF
FF Extension: PriceGong - C:\Program Files (x86)\PriceGong\2.5.1\FF [2011-12-12]
FF HKCU\...\Firefox\Extensions: [games@acandy.com] - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\games@acandy.com
FF Extension: ArcadeCandy - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\games@acandy.com [2013-07-09]
FF HKCU\...\Firefox\Extensions: [lrcfan@fansoft.br] - C:\Program Files (x86)\LyricsFan\FF\
FF Extension: Lyrics Fan - C:\Program Files (x86)\LyricsFan\FF\ []
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Exent-\? AOD Gecko Plugin) - C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\NP4wStub.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR HKCU\...\Chrome\Extension: [hgiifhjbblnglipdbpdgagphlcbililb] - C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx [2014-01-12]
CHR HKCU\...\Chrome\Extension: [incfcgceegpikennjoplhfghaaikdgei] - C:\Users\kelabethmama\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx [2012-08-19]
CHR HKCU\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx [2013-08-08]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.5.1\pricegong.crx [2011-08-08]
CHR HKLM-x32\...\Chrome\Extension: [hgiifhjbblnglipdbpdgagphlcbililb] - C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\kelabethmama\AppData\Local\Wajam\Chrome\wajam.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [kincjchfokkeneeofpeefomkikfkiedl] - C:\Program Files (x86)\Object\chromeaddon.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [nfeonecgpoepapkmdgdmjolonaakdknd] - C:\Program Files (x86)\LyricsFan\Chrome.crx [2013-05-20]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\KELABE~1\AppData\Local\Temp\YontooLayers.crx [2013-05-20]
CHR HKLM-x32\...\Chrome\Extension: [nnfegheljpcijmdgonkecjpcaopjlpac] - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyLinkx.crx [2012-07-09]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [ohgcjecomkebbohfjgmncelbhogbbokf] - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\fantapper_tri20111005.crx [2014-04-06]
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [574464 2013-12-19] () [File not signed]
S2 DefaultTabUpdate; C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-08-08] () [File not signed]
S2 GamingWonderlandService; C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe [42504 2012-05-23] () [File not signed]
R2 iWinGamesInstaller; C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe [78104 2008-06-25] (iWin Inc.)
S2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-07-01] () [File not signed]
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-05-17] (AVG Secure Search)
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S2 MyOwnSuperheroService; C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe [X]
S2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]
S2 Retrogamer_4wService; C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe [X]
C:\ProgramData\ryjweatq.dat
AlternateDataStreams: C:\ProgramData\Temp:C9CAD6C7
C:\Users\kelabethmama\AppData\Local\Temp\avguidx.dll
C:\Users\kelabethmama\AppData\Local\Temp\BackupSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\checktbexist.exe
C:\Users\kelabethmama\AppData\Local\Temp\CommonInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\gne5iyh7.dll
C:\Users\kelabethmama\AppData\Local\Temp\iGearedHelper.dll
C:\Users\kelabethmama\AppData\Local\Temp\Installer.exe
C:\Users\kelabethmama\AppData\Local\Temp\install_flashplayer11x64ax_gtbp_chra_aih[1].exe
C:\Users\kelabethmama\AppData\Local\Temp\kpinstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\kelabethmama\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\mgsqlite3.dll
C:\Users\kelabethmama\AppData\Local\Temp\nsdEAC0.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsg3359.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsqC4F0.exe
C:\Users\kelabethmama\AppData\Local\Temp\nstEDDD.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsyF951.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsyFA8A.exe
C:\Users\kelabethmama\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\setup.exe
C:\Users\kelabethmama\AppData\Local\Temp\Shortcut_sweetpacks_dlcom_862013.exe
C:\Users\kelabethmama\AppData\Local\Temp\SPSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\SPStub.exe
C:\Users\kelabethmama\AppData\Local\Temp\swpacksbing_717_active.exe
C:\Users\kelabethmama\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\kelabethmama\AppData\Local\Temp\tbRadi.dll
C:\Users\kelabethmama\AppData\Local\Temp\thepriceisright2010-114767253-setup.s114767253.c110268333.r110268333.len.ub466631a644fe09fe1af13a4449fa5e8da255721.dl.exe
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\uninst1.exe
C:\Users\kelabethmama\AppData\Local\Temp\Uninstall.exe
C:\Users\kelabethmama\AppData\Local\Temp\vcredist_x64.exe
C:\Users\kelabethmama\AppData\Local\Temp\WSSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\xijj1nvq.dll
C:\Users\kelabethmama\AppData\Local\Temp\zekor-q-.dll
Task: {EF8895F5-3F92-4753-8E71-0D2B46F72650} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-01-03] () <==== ATTENTION
Task: C:\Windows\Tasks\Dealply.job => C:\Users\KELABE~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D6455632-EE04-48AD-B493-A09738258834} - System32\Tasks\DTReg => C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [2014-02-05] () Task: {CF962E00-D3EB-4FDD-BE06-F8A08C4CFA22} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-05-17] (Search Results, LLC)==== ATTENTION
Task: {9FC12180-F4BD-4981-AF36-BFFAF9681EA1} - System32\Tasks\EPUpdater => C:\Users\kelabethmama\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-05-09] () <==== ATTENTION
Task: {925FCEF9-447C-4D9F-8F9E-A1970C72880B} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {1C2B206B-8653-4D7D-A796-164EE8AB18DF} - System32\Tasks\Dealply => C:\Users\KELABE~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {28890710-AF00-4140-9AE7-A8E876C8CFD0} - \DealPlyUpdate No Task File <==== ATTENTION

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know what problem persists.

#9 VincentValentine

Posted 13 June 2014 - 07:31 AM

The Bad Image errors are gone! Computer is back to normal. Here is Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 01
Ran by kelabethmama at 2014-06-13 00:02:23 Run:1
Running from C:\Users\kelabethmama\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
(iWin Inc.) C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Google Inc.) C:\Windows\Temp\CR_80EA4.tmp\setup.exe
HKLM-x32\...\Run: [Play Pickle] => C:\Program Files (x86)\Play Pickle\playpickle32.exe [109056 2011-07-03] ()
HKLM-x32\...\Run: [StartNowToolbarHelper] => "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [42536 2012-05-23] ()
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2012-05-23] ()
HKLM-x32\...\Run: [PCFixSpeed] => C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe [382040 2013-10-08] ()
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\kelabethmama\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] ()
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1350944 2014-02-03] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1046816 2014-02-03] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
URLSearchHook: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
URLSearchHook: HKLM-x32 - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll ()
SearchScopes: HKLM-x32 - DefaultScope {A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76} URL =
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2394708
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={85005C2A-0074-11E3-90C4-206A8A271627}
SearchScopes: HKLM-x32 - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003YYus&ptnrS=RGxdm003YYus&si=CKSq4N39nq8CFQTd4AodbhV7dA&ptb=CB93590D-061F-4F3C-ABE9-579381EE1300&ind=2012040520&n=77ed4d48&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit_bds-p18_serp_ie_us_display?ie=UTF8&tagbase=bds-p18&tag=bds-p18-serp-us-ie-20&tbrId=v1_abb-channel-18_5a6a5b35665b48a584711d03f5c0bedc_18_38_20140121_US_ie_ds_OC1&query={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=906dc38a-a47d-4b23-9a9b-90e482b7b27f&searchtype=ds&q={searchTerms}&installDate=17/09/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3292715&octid=EB_ORIGINAL_CTID&SearchSource=62&CUI=UN29520134561111294&UM=2&UP=SPDD9B4A88-B3C7-454E-B9AC-A5EFACB41791&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0AD6AA35-1511-48DB-95D7-D96D51F0FB1E} URL = http://www.mysearchresults.com/search?c=0000&t=01&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&affID=119351&tt=gc_&babsrc=SP_ss_Btisdt7&mntrId=F85318F46ABEA473
SearchScopes: HKCU - {399BFFC8-7EF0-407C-B88A-B3E9196BCFCE} URL = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKCU - {5C151F6C-19A3-49E8-841D-78DD8D5A7FC2} URL = http://search.conduit.com/Results.aspx?ctid=CT3304762&SearchSource=45&UM=2&q={searchTerms}
SearchScopes: HKCU - {7F2938BE-58B6-4210-AB63-A9D64AB8D79D} URL = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYSPUS&apn_uid=d5bd49e8-d3cd-44e0-800b-e42a5f259f27&apn_sauid=93BF56C3-D831-449A-AADF-B1894733F089
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={FFA39954-0FA3-4BA2-9ADD-C98EA68AE69C}&mid=1f68f08cb20047d08c18f123ccc3ffd4-8d93dd2ad89a5ec13ac255b2e0c0d1f5fc1582fd&lang=en&ds=ka011&pr=sa&d=2012-04-01 09:52:28&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3292715&CUI=UN29520134561111294&UM=2&SSPV=IN1NB3
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit_bds-p18_serp_ie_us_display?ie=UTF8&tagbase=bds-p18&tag=bds-p18-serp-us-ie-20&tbrId=v1_abb-channel-18_5a6a5b35665b48a584711d03f5c0bedc_18_38_20140121_US_ie_ds_OC1&query={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com?src=6&q={searchTerms}&barid={85005C2A-0074-11E3-90C4-206A8A271627}&crg=3.5000006.10045&st=23&st=23
SearchScopes: HKCU - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003YYus&ptnrS=RGxdm003YYus&si=CKSq4N39nq8CFQTd4AodbhV7dA&ptb=CB93590D-061F-4F3C-ABE9-579381EE1300&ind=2012040520&n=77ed4d48&psa=&st=sb&searchfor={searchTerms}
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll No File
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
BHO-x32: Play Pickle Text - {02F0243C-2E71-4a1a-A790-6C30888119D0} - C:\Program Files (x86)\Play Pickle\pptl.dll ()
BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll ()
BHO-x32: RivalGaming Games - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\kelabethmama\AppData\Local\RivalGaming\RivalGaming.dll (RivalGaming)
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: ArcadeFrontier Addon - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - C:\Users\kelabethmama\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll ()
BHO-x32: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
BHO-x32: Window Shopper - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll ()
BHO-x32: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll ()
BHO-x32: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll ()
BHO-x32: Fantapper - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll No File
BHO-x32: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
BHO-x32: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
BHO-x32: DealPly Shopping - {a6c63b7f-2171-47fa-ab34-e64c4737169d} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll ()
BHO-x32: Lyrics Fan - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Program Files (x86)\LyricsFan\lrcfan.dll No File
BHO-x32: Search Assistant BHO - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll ()
BHO-x32: ArcadeCandy Games - {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyEX.dll ()
BHO-x32: No Name - {acd6a209-4aaf-4b1c-9930-b82fa131e958} -  No File
BHO-x32: Play Pickle - {AEB04B5E-C981-47a9-B847-33EE4C92F6B9} - C:\Program Files (x86)\Play Pickle\playpicklelib32.dll ()
BHO-x32: No Name - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -  No File
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
BHO-x32: MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll ()
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
Toolbar: HKLM-x32 - StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
Toolbar: HKLM-x32 - GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaTlbr.dll ()
Toolbar: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll ()
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM-x32 - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files (x86)\SearchFlyBar2\prxtbSear.dll ()
Toolbar: HKCU - No Name - {9D425283-D487-4337-BAB6-AB8354A81457} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {2C1E21B5-5666-4CD5-8152-96B690B7216E} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {A899079D-206F-43A6-BE6A-07E0FA648EA0} -  No File
Toolbar: HKCU - No Name - {EEF3855C-FC2D-41E6-8D91-D368F51B3055} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-08-08]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: No Name - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-08]
FF HKLM-x32\...\Firefox\Extensions: [gtffxtbr@GamingWonderland.com] - C:\Program Files (x86)\GamingWonderland\bar\1.bin
FF Extension: GamingWonderland - C:\Program Files (x86)\GamingWonderland\bar\1.bin [2012-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-08-08]
FF HKCU\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] - C:\Program Files (x86)\PriceGong\2.5.1\FF
FF Extension: PriceGong - C:\Program Files (x86)\PriceGong\2.5.1\FF [2011-12-12]
FF HKCU\...\Firefox\Extensions: [games@acandy.com] - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\games@acandy.com
FF Extension: ArcadeCandy - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\games@acandy.com [2013-07-09]
FF HKCU\...\Firefox\Extensions: [lrcfan@fansoft.br] - C:\Program Files (x86)\LyricsFan\FF\
FF Extension: Lyrics Fan - C:\Program Files (x86)\LyricsFan\FF\ []
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Exent-\? AOD Gecko Plugin) - C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\NP4wStub.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR HKCU\...\Chrome\Extension: [hgiifhjbblnglipdbpdgagphlcbililb] - C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx [2014-01-12]
CHR HKCU\...\Chrome\Extension: [incfcgceegpikennjoplhfghaaikdgei] - C:\Users\kelabethmama\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx [2012-08-19]
CHR HKCU\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx [2013-08-08]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.5.1\pricegong.crx [2011-08-08]
CHR HKLM-x32\...\Chrome\Extension: [hgiifhjbblnglipdbpdgagphlcbililb] - C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\kelabethmama\AppData\Local\Wajam\Chrome\wajam.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [kincjchfokkeneeofpeefomkikfkiedl] - C:\Program Files (x86)\Object\chromeaddon.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [mfchmfgdaabgdjbcaophikcobddojjoe] - C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [nfeonecgpoepapkmdgdmjolonaakdknd] - C:\Program Files (x86)\LyricsFan\Chrome.crx [2013-05-20]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\KELABE~1\AppData\Local\Temp\YontooLayers.crx [2013-05-20]
CHR HKLM-x32\...\Chrome\Extension: [nnfegheljpcijmdgonkecjpcaopjlpac] - C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyLinkx.crx [2012-07-09]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [ohgcjecomkebbohfjgmncelbhogbbokf] - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\fantapper_tri20111005.crx [2014-04-06]
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [574464 2013-12-19] () [File not signed]
S2 DefaultTabUpdate; C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-08-08] () [File not signed]
S2 GamingWonderlandService; C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe [42504 2012-05-23] () [File not signed]
R2 iWinGamesInstaller; C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe [78104 2008-06-25] (iWin Inc.)
S2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-07-01] () [File not signed]
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-05-17] (AVG Secure Search)
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S2 MyOwnSuperheroService; C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe [X]
S2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]
S2 Retrogamer_4wService; C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe [X]
C:\ProgramData\ryjweatq.dat
AlternateDataStreams: C:\ProgramData\Temp:C9CAD6C7
C:\Users\kelabethmama\AppData\Local\Temp\avguidx.dll
C:\Users\kelabethmama\AppData\Local\Temp\BackupSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\checktbexist.exe
C:\Users\kelabethmama\AppData\Local\Temp\CommonInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\gne5iyh7.dll
C:\Users\kelabethmama\AppData\Local\Temp\iGearedHelper.dll
C:\Users\kelabethmama\AppData\Local\Temp\Installer.exe
C:\Users\kelabethmama\AppData\Local\Temp\install_flashplayer11x64ax_gtbp_chra_aih[1].exe
C:\Users\kelabethmama\AppData\Local\Temp\kpinstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\kelabethmama\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\mgsqlite3.dll
C:\Users\kelabethmama\AppData\Local\Temp\nsdEAC0.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsg3359.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsqC4F0.exe
C:\Users\kelabethmama\AppData\Local\Temp\nstEDDD.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsyF951.exe
C:\Users\kelabethmama\AppData\Local\Temp\nsyFA8A.exe
C:\Users\kelabethmama\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\setup.exe
C:\Users\kelabethmama\AppData\Local\Temp\Shortcut_sweetpacks_dlcom_862013.exe
C:\Users\kelabethmama\AppData\Local\Temp\SPSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\SPStub.exe
C:\Users\kelabethmama\AppData\Local\Temp\swpacksbing_717_active.exe
C:\Users\kelabethmama\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\kelabethmama\AppData\Local\Temp\tbRadi.dll
C:\Users\kelabethmama\AppData\Local\Temp\thepriceisright2010-114767253-setup.s114767253.c110268333.r110268333.len.ub466631a644fe09fe1af13a4449fa5e8da255721.dl.exe
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\kelabethmama\AppData\Local\Temp\uninst1.exe
C:\Users\kelabethmama\AppData\Local\Temp\Uninstall.exe
C:\Users\kelabethmama\AppData\Local\Temp\vcredist_x64.exe
C:\Users\kelabethmama\AppData\Local\Temp\WSSetup.exe
C:\Users\kelabethmama\AppData\Local\Temp\xijj1nvq.dll
C:\Users\kelabethmama\AppData\Local\Temp\zekor-q-.dll
Task: {EF8895F5-3F92-4753-8E71-0D2B46F72650} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-01-03] () <==== ATTENTION
Task: C:\Windows\Tasks\Dealply.job => C:\Users\KELABE~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D6455632-EE04-48AD-B493-A09738258834} - System32\Tasks\DTReg => C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [2014-02-05] () Task: {CF962E00-D3EB-4FDD-BE06-F8A08C4CFA22} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-05-17] (Search Results, LLC)==== ATTENTION
Task: {9FC12180-F4BD-4981-AF36-BFFAF9681EA1} - System32\Tasks\EPUpdater => C:\Users\kelabethmama\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-05-09] () <==== ATTENTION
Task: {925FCEF9-447C-4D9F-8F9E-A1970C72880B} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\kelabethmama\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {1C2B206B-8653-4D7D-A796-164EE8AB18DF} - System32\Tasks\Dealply => C:\Users\KELABE~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {28890710-AF00-4140-9AE7-A8E876C8CFD0} - \DealPlyUpdate No Task File <==== ATTENTION

End
*****************

[1648] C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe => Process closed successfully.
[2124] C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe => Process closed successfully.
C:\Windows\Temp\CR_80EA4.tmp\setup.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Play Pickle => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\StartNowToolbarHelper => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonderland Search Scope Monitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonderland Browser Plugin Loader => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PCFixSpeed => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper => value deleted successfully.
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OutfoxTV => value deleted successfully.
HKU\S-1-5-21-696852329-1326667962-1231185297-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BackgroundContainer => value deleted successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{eef3855c-fc2d-41e6-8d91-d368f51b3055} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{eef3855c-fc2d-41e6-8d91-d368f51b3055}' => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{efc335aa-59ec-45b0-b287-739521153d5b} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{efc335aa-59ec-45b0-b287-739521153d5b}' => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{ef80d754-fb77-4a7f-be75-489beebb20c9}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}' => Key deleted successfully.
'HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}' => Key deleted successfully.
'HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0AD6AA35-1511-48DB-95D7-D96D51F0FB1E}' => Key deleted successfully.
'HKCR\CLSID\{0AD6AA35-1511-48DB-95D7-D96D51F0FB1E}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}' => Key deleted successfully.
'HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{399BFFC8-7EF0-407C-B88A-B3E9196BCFCE}' => Key deleted successfully.
'HKCR\CLSID\{399BFFC8-7EF0-407C-B88A-B3E9196BCFCE}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5C151F6C-19A3-49E8-841D-78DD8D5A7FC2}' => Key deleted successfully.
'HKCR\CLSID\{5C151F6C-19A3-49E8-841D-78DD8D5A7FC2}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F2938BE-58B6-4210-AB63-A9D64AB8D79D}' => Key deleted successfully.
'HKCR\CLSID\{7F2938BE-58B6-4210-AB63-A9D64AB8D79D}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}' => Key deleted successfully.
'HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76}' => Key deleted successfully.
'HKCR\CLSID\{A28D0FB6-BBA7-4F87-A3C7-1CCB9478EA76}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}' => Key deleted successfully.
'HKCR\CLSID\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}' => Key deleted successfully.
'HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}' => Key deleted successfully.
'HKCR\CLSID\{ef80d754-fb77-4a7f-be75-489beebb20c9}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}' => Key deleted successfully.
'HKCR\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}' => Key deleted successfully.
'HKCR\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}' => Key deleted successfully.
'HKCR\CLSID\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02F0243C-2E71-4a1a-A790-6C30888119D0}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{02F0243C-2E71-4a1a-A790-6C30888119D0}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{1631550F-191D-4826-B069-D9439253D926}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26D675AC-D925-4bbf-A720-62C2AA4A81EB}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{26D675AC-D925-4bbf-A720-62C2AA4A81EB}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A86D350-37AB-410A-8531-7D1363F317B3}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{8A86D350-37AB-410A-8531-7D1363F317B3}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{8CA5ED52-F3FB-4414-A105-2E3491156990}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a6c63b7f-2171-47fa-ab34-e64c4737169d}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{a6c63b7f-2171-47fa-ab34-e64c4737169d}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8720491-9558-4C0D-9E35-30EED15DFB2B}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{A8720491-9558-4C0D-9E35-30EED15DFB2B}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab5d199e-9659-47a2-930b-fc3b69061353}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{ab5d199e-9659-47a2-930b-fc3b69061353}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{AB6BD08C-DB6B-4F02-8A22-4BD343E990FF}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{acd6a209-4aaf-4b1c-9930-b82fa131e958}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{acd6a209-4aaf-4b1c-9930-b82fa131e958}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEB04B5E-C981-47a9-B847-33EE4C92F6B9}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{AEB04B5E-C981-47a9-B847-33EE4C92F6B9}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eef3855c-fc2d-41e6-8d91-d368f51b3055}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{eef3855c-fc2d-41e6-8d91-d368f51b3055}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}' => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value deleted successfully.
'HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}' => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{9D425283-D487-4337-BAB6-AB8354A81457} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{5911488E-9D1E-40ec-8CBB-06B231CC153F}' => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{a899079d-206f-43a6-be6a-07e0fa648ea0} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{a899079d-206f-43a6-be6a-07e0fa648ea0}' => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}' => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{eef3855c-fc2d-41e6-8d91-d368f51b3055} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{eef3855c-fc2d-41e6-8d91-d368f51b3055}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}' => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}' => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{efc335aa-59ec-45b0-b287-739521153d5b} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{efc335aa-59ec-45b0-b287-739521153d5b}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9D425283-D487-4337-BAB6-AB8354A81457} => value deleted successfully.
'HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
'HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C1E21B5-5666-4CD5-8152-96B690B7216E} => value deleted successfully.
'HKCR\CLSID\{2C1E21B5-5666-4CD5-8152-96B690B7216E}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
'HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A899079D-206F-43A6-BE6A-07E0FA648EA0} => value deleted successfully.
'HKCR\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEF3855C-FC2D-41E6-8D91-D368F51B3055} => value deleted successfully.
'HKCR\CLSID\{EEF3855C-FC2D-41E6-8D91-D368F51B3055}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
'HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => value deleted successfully.
'HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}' => Key deleted successfully.
'HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer' => Key deleted successfully.
C:\Windows\system32\Adobe\Director\np32dsw.dll not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin' => Key deleted successfully.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\@GamingWonderland.com/Plugin' => Key deleted successfully.
C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502} => value deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\avg@toolbar => value deleted successfully.
C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\gtffxtbr@GamingWonderland.com => value deleted successfully.
C:\Program Files (x86)\GamingWonderland\bar\1.bin => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502} => value deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox not found.
HKCU\Software\Mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} => value deleted successfully.
C:\Program Files (x86)\PriceGong\2.5.1\FF => Moved successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\games@acandy.com => value deleted successfully.
C:\Users\kelabethmama\AppData\Local\ArcadeCandy\games@acandy.com => Moved successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\lrcfan@fansoft.br => value deleted successfully.
C:\Program Files (x86)\LyricsFan\FF\ => Moved successfully.
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll not found.
C:\Program Files (x86)\Free Ride Games\npExentCtl.dll not found.
C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll not found.
C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\NP4wStub.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll not found.
C:\Windows\system32\Adobe\Director\np32dsw.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll not found.
'HKCU\SOFTWARE\Google\Chrome\Extensions\hgiifhjbblnglipdbpdgagphlcbililb' => Key deleted successfully.
C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx => Moved successfully.
'HKCU\SOFTWARE\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgei' => Key deleted successfully.
C:\Users\kelabethmama\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx => Moved successfully.
'HKCU\SOFTWARE\Google\Chrome\Extensions\mfchmfgdaabgdjbcaophikcobddojjoe' => Key deleted successfully.
C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx => Moved successfully.
'HKCU\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam' => Key deleted successfully.
C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok' => Key deleted successfully.
C:\Program Files (x86)\PriceGong\2.5.1\pricegong.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hgiifhjbblnglipdbpdgagphlcbililb' => Key deleted successfully.
"C:\Users\kelabethmama\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp' => Key deleted successfully.
C:\Users\kelabethmama\AppData\Local\Wajam\Chrome\wajam.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc' => Key deleted successfully.
C:\Program Files (x86)\DefaultTab\DefaultTab.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl' => Key deleted successfully.
"C:\Program Files (x86)\Object\chromeaddon.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mfchmfgdaabgdjbcaophikcobddojjoe' => Key deleted successfully.
"C:\Users\kelabethmama\AppData\Local\CRE\mfchmfgdaabgdjbcaophikcobddojjoe.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof' => Key deleted successfully.
C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nfeonecgpoepapkmdgdmjolonaakdknd' => Key deleted successfully.
C:\Program Files (x86)\LyricsFan\Chrome.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc' => Key deleted successfully.
"C:\Users\KELABE~1\AppData\Local\Temp\YontooLayers.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nnfegheljpcijmdgonkecjpcaopjlpac' => Key deleted successfully.
C:\Users\kelabethmama\AppData\Local\ArcadeCandy\candyLinkx.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj' => Key deleted successfully.
C:\Windows\SysWOW64\jmdp\SweetNT.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ohgcjecomkebbohfjgmncelbhogbbokf' => Key deleted successfully.
"C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\fantapper_tri20111005.crx" => File/Directory not found.
DefaultTabSearch => Service deleted successfully.
DefaultTabUpdate => Service deleted successfully.
GamingWonderlandService => Service deleted successfully.
iWinGamesInstaller => Service deleted successfully.
Updater By SweetPacks => Service deleted successfully.
vToolbarUpdater18.1.0 => Service deleted successfully.
CltMngSvc => Service deleted successfully.
MyOwnSuperheroService => Service deleted successfully.
OutfoxTvService => Service deleted successfully.
Retrogamer_4wService => Service deleted successfully.
C:\ProgramData\ryjweatq.dat => Moved successfully.
C:\ProgramData\Temp => ":C9CAD6C7" ADS removed successfully.
C:\Users\kelabethmama\AppData\Local\Temp\avguidx.dll => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\checktbexist.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\CommonInstaller.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\gne5iyh7.dll => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\iGearedHelper.dll => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\Installer.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\install_flashplayer11x64ax_gtbp_chra_aih[1].exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\kpinstaller.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\MachineIdCreator.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\mconduitinstaller.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\mgsqlite3.dll => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\nsdEAC0.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\nsg3359.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\nsqC4F0.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\nstEDDD.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\nsyF951.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\nsyFA8A.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\SecondStepInstaller.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\setup.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\Shortcut_sweetpacks_dlcom_862013.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\SPSetup.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\SPStub.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\swpacksbing_717_active.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\tbRadi.dll => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\thepriceisright2010-114767253-setup.s114767253.c110268333.r110268333.len.ub466631a644fe09fe1af13a4449fa5e8da255721.dl.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarHelper.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\ToolbarInstaller.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\uninst1.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\Uninstall.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\vcredist_x64.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\WSSetup.exe => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\xijj1nvq.dll => Moved successfully.
C:\Users\kelabethmama\AppData\Local\Temp\zekor-q-.dll => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF8895F5-3F92-4753-8E71-0D2B46F72650}'=> Key not found.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar'=> Key not found.
C:\Windows\Tasks\Dealply.job not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6455632-EE04-48AD-B493-A09738258834}'=> Key not found.
C:\Windows\System32\Tasks\DTReg => C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [2014-02-05] () Task: {CF962E00-D3EB-4FDD-BE06-F8A08C4CFA22} - System32\Tasks\DTChk not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg => C:\Users\kelabethmama\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [2014-02-05] () Task: {CF962E00-D3EB-4FDD-BE06-F8A08C4CFA22} - System32\Tasks\DTChk'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FC12180-F4BD-4981-AF36-BFFAF9681EA1}'=> Key not found.
C:\Windows\System32\Tasks\EPUpdater not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{925FCEF9-447C-4D9F-8F9E-A1970C72880B}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{925FCEF9-447C-4D9F-8F9E-A1970C72880B}' => Key deleted successfully.
C:\Windows\System32\Tasks\BackgroundContainer Startup Task => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C2B206B-8653-4D7D-A796-164EE8AB18DF}'=> Key not found.
C:\Windows\System32\Tasks\Dealply not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28890710-AF00-4140-9AE7-A8E876C8CFD0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28890710-AF00-4140-9AE7-A8E876C8CFD0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate' => Key deleted successfully.

==== End of Fixlog ====



#10 VincentValentine

  • Topic Starter

Posted 13 June 2014 - 07:32 AM

and here's checkup:

 

 Results of screen317's Security Check version 0.99.84  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Norton Security Suite   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 25  
 Java version out of Date!
 Adobe Flash Player 13.0.0.214  
 Adobe Reader 9 Adobe Reader out of Date!
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#11 nasdaq

  • Malware Response Team

Posted 13 June 2014 - 08:16 AM

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Latest version is Java JRE 7u60.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as a Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present, remove the old version(s) of Java using the Add/Remove Programs applet.

Java 6 Update 25
===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before you download, I suggest you uncheck the box on the top right, "Yes, install McAfee Security Scan Plus - optional"; this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed, remove your old version of the Reader using the Add/Remove Programs applet, if present.
<<<>>>

Let me know of any remaining issues with this computer.

#12 VincentValentine

  • Topic Starter

Posted 13 June 2014 - 08:30 AM

Java and Adobe Reader are updated. I have no remaining issues. Thank you very much!



#13 nasdaq

  • Malware Response Team

Posted 13 June 2014 - 01:15 PM

If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious, you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon.
  • ScriptNo is a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#14 nasdaq

  • Malware Response Team

Posted 13 June 2014 - 01:16 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



